Have you ever wondered what you have used Google to search for over the years?
Now you can easily find out what you looked for in April 2013. Neat!
Google have now allowed you to do such that.
Recently, Google have made their new feature available to all their users. The feature allows users to download their search history. Downloading the history is as simple as logging into Google and going to the Google history page.
The page provides you with lots of information, including hourly search activity, daily search activity and monthly search activity. However, this is nothing compared to the detail below the dashboard.
Google shows all the terms and time you searched for. Now ... this is fun!
You can go back to whenever you want. Of course, you will be able to find many embarrassing things you looked for in the past. No no no ... I am not only talking about your weird taste in porn. Haha! One of the funniest thing I found in my search history was I actually searched for Yahoo and Hotmail! That was years ago, though. Back when I never used the bookmark function.
Bear in mind that Google only record your search history when you have logged into your Google account. That means if you are logged on your mobile phone, whatever you look for is recorded. This, of course, includes the commands you issue to Google Now.
Furthermore, you are also allowed to download your entire search history. This will be sent to your email. You will also be able to delete your entire search history. However, Google warn that you may lose everything you have done over the years. (I have not tried deleting it, so I am not too sure what it means.)
This all sounds kinda fun. Beware that now you should not leave your computer logged on at anytime. This may go to your smartphone as well. It is now possible for anyone to look at your search history and, of course, download it, too. Watch out!
Anyway, this leads to my question "Why would someone need their Google Search History?"
Wednesday, 22 April 2015
Monday, 9 February 2015
Creativity and Innovation
Recently, I had a chance to read "inGenius", a book written by Tina Seelig, director of d.school at Stanford University, USA.
The first thing that struck me while reading the book was the fact that at d.school, there is a course called Creativity and Innovation. The aim of this course is to teach and train students to think creatively and out of the box through workshops, games and groupd assignments among other things.
Wow! A course that teaches people how to think creatively! I never knew that this kind of thing actually existed. I seriously thought that creativity was something that could not be taught. I thought that it was something you were born with.
Of course, the book told me that I was wrong.
Anyway, the minute I found out that Creativity and Innovation was avaiable to students at Standford, I looked back at the education in Thailand.
While students at d.school are involved in various exercises that encourage them to be imaginative, creative and think out of the box, students in Thailand are busy taking notes from what they hear in lectures. A lot of them struggle when being asked to solve problems beyond what they have learned in class.
Is it the teachers' fault that they only talk in front of the classroom? Is it the students' fault that all they want is to gain high marks in exams?
Whatever the answer, things need to change quickly. Other people are moving away from us further and further.
Thinking creatively is considered a skill needed in the 21st century. Maybe I will put a similar course to Creativity and Innovation in my curriculum. hehe!
This is it for now.
I will tell you more about what I have learned from the book, "inGenius", next time.
The first thing that struck me while reading the book was the fact that at d.school, there is a course called Creativity and Innovation. The aim of this course is to teach and train students to think creatively and out of the box through workshops, games and groupd assignments among other things.
Wow! A course that teaches people how to think creatively! I never knew that this kind of thing actually existed. I seriously thought that creativity was something that could not be taught. I thought that it was something you were born with.
Of course, the book told me that I was wrong.
Anyway, the minute I found out that Creativity and Innovation was avaiable to students at Standford, I looked back at the education in Thailand.
While students at d.school are involved in various exercises that encourage them to be imaginative, creative and think out of the box, students in Thailand are busy taking notes from what they hear in lectures. A lot of them struggle when being asked to solve problems beyond what they have learned in class.
Is it the teachers' fault that they only talk in front of the classroom? Is it the students' fault that all they want is to gain high marks in exams?
Whatever the answer, things need to change quickly. Other people are moving away from us further and further.
Thinking creatively is considered a skill needed in the 21st century. Maybe I will put a similar course to Creativity and Innovation in my curriculum. hehe!
This is it for now.
I will tell you more about what I have learned from the book, "inGenius", next time.
Thursday, 29 January 2015
Thailand's Cybersecurity Bill - What's All the Fuss About?
In the past weeks, there have been many comments, complaints and fears about the draft of the National Cybersecurity Act or the Thailand's Cybersecurity Bill. The draft was approved by the cabinet on the 6th January 2015. Since then the press and "experts" have been having field days.
I, no expert by any means, have just had a chance to take a good look at the draft (28th January 2015). I think I do have some comments of my own.
The Bill consists of six chapters and forty-three sections. I will only discuss the sections that I think are interesting and may raise some eyebrow.
Personally, I think Section 5 in Chapter 1 sets the tone of the entire Bill to lead me to understand that this particular Bill is more concerned with national security rather than personal security. I think anyone who reads this draft must set their mind set in this direction before having negative thoughts on other sections of the Bill.
Section 6 in Chapter 2 states that a committee known as "The National Cybersecurity Committee" or "NCSC" shall be established. As a part of the committee seven "qualified members" shall be appointed. It will be interesting to see who will be appointed and, especially how they will be selected. I wonder what the criteria will be and how they will end up with seven members. Bear in mind that there are so many people who claim or are said to be "qualified" and "expert" in the field.
The duties and responsibilities of the NCSC are stated in Section 7. Things like making action plans, giving advice to relevant ministries and monitoring the execution of this Bill are all here. I don't think I have a problem with this.
The rest of Chapter 2 is quite boring. Let us go on to Chapter 3 - The Office of National Cybersecurity Committee. At first glimpse, I thanked them for finally seeing the importance of cybersecurity and knowing the necessity for having an office dedicated to cybersecurity. As a part of this Office, the "National Computer Emergency Response Team" or "National CERT" will also be established. Wow! I like it a lot. Other developed countries such as the USA, Canada and many in Europe have had their own national CERT for a long time now. Finally, it looks like we will have one.
One of the duties of the Office of National Cybersecurity Committee that caught my eye is the one stated in Section 17 (8). They will have to "conduct studies and research on the information necessary for the maintenance of cybersecurity for the purpose of making recommendations on measures on cybersecurity." This is something I totally agree with. Nothing will come good without research. I just hope that the government will provide sufficient funding and, of course, research funds should be available to other sectors, too. I am looking forward to having some research grants in the future. haha!
There is one concern here in this Chapter 3. Section 21 states that "there shall be a secretary who is directly accountable to the chairperson of the NCSC as regards the operation of the Office and supervises the officials and employees of the Office." Why am I concerned? Well, from what I have seen in the draft, it looks like the secretary would have a lot of power even though the actions and performance would be judged by the Committee. At this moment, it sounds OK because we are being governed mainly by military. However, in the future, the people in power will be politicians. Will they pick their own people? Will the chosen secretary do things to serve the politicians? I will just leave this to your imagination, knowing what Thai politicians are like. haha! (At least it is good to see that no politicians will be allowed to take this position - see Section 23.)
Chapter 4 - Operation and Tackling of Cyber Threats - does not really leave me anything to comment, except if you are a sort of person who really thinks too much. Why do I say this? Take a look at Sections 33 and 34, which give the power to the Office of NCSC to order any agencies to perform any required actions if the Office see that a cyber threat affecting national security is occurring. In the draft, where everything is still vaguely define, these two sections appear to have no boundary or threshold of when the Office is allowed to use their power in Sections 33 and 34. I think this is something that needs to be clarified.
We now go to Chapter 5 - Officials. I think this is the chapter that has caused a lot of concerns and critiques. Section 35 is the main reason, especially (3) which states that the officials are allowed to gain access to information that is communicated via mail, telegram (which is now obsolete in Thailand), fax, phone, computing and other electronic devices for the benefit of national security.
What does it mean? Does it mean that any officials have the rights to access all information that belongs to other people without even asking for permission? Reading it word for word, I think it that it does. A lot of other people seem to think so, too. People have been saying that this section would violate human right and personal privacy. I have to say that they are right in saying this.
Do I care? Section 36 states that "officials are prohibited from disclosing or passing on the information obtained under Section 35 to any person." This actually makes Section 35 sound a little better. However, this does not really stop anyone from violating Section 36, knowing what Thai laws and law keepers are like.
Having said that, do not forget what the main objective of this Cybersecurity Bill is. Yes ... it is written for the purpose of national security. Without having access to information, how do you expect anyone to keep the nation secure?
The main problem with this section is, I think, when politicians come into power again. I have to go back to my earlier comment on our current military government. At the moment, I think I can trust them. However, when the power goes back to politicians, this is where the "fun" begins.
I am sure that they will definitely abuse their power. They will definitely try to access everyone's information. They will definitely try to gain access to anything that they are not really supposed to. All they have to do is they have to just say that it is allowed by this Act.
This does not sound good, does it?
From this, I don't think the Bill is the problem. The problem is the people/politicians (who will be) in power (after this government) are not trustworthy.
Maybe, we can stop thinking about changing the Bill for the sake of the nation's security, but start thinking about choosing the right people to come into power instead.
The rest of the Bill is just some formality, which is not worth commenting really.
On the whole, the draft Cybersecurity Bill has good intention in ensuring national security. With several changes, it would be even better. However, there must be a way of making sure that suitable and appropriate people are appointed to make this work. (Knowing Thai politicians, this will never happen. This is why people have expressed their concern on this Bill, especially Section 35.)
I, no expert by any means, have just had a chance to take a good look at the draft (28th January 2015). I think I do have some comments of my own.
The Bill consists of six chapters and forty-three sections. I will only discuss the sections that I think are interesting and may raise some eyebrow.
Personally, I think Section 5 in Chapter 1 sets the tone of the entire Bill to lead me to understand that this particular Bill is more concerned with national security rather than personal security. I think anyone who reads this draft must set their mind set in this direction before having negative thoughts on other sections of the Bill.
Section 6 in Chapter 2 states that a committee known as "The National Cybersecurity Committee" or "NCSC" shall be established. As a part of the committee seven "qualified members" shall be appointed. It will be interesting to see who will be appointed and, especially how they will be selected. I wonder what the criteria will be and how they will end up with seven members. Bear in mind that there are so many people who claim or are said to be "qualified" and "expert" in the field.
The duties and responsibilities of the NCSC are stated in Section 7. Things like making action plans, giving advice to relevant ministries and monitoring the execution of this Bill are all here. I don't think I have a problem with this.
The rest of Chapter 2 is quite boring. Let us go on to Chapter 3 - The Office of National Cybersecurity Committee. At first glimpse, I thanked them for finally seeing the importance of cybersecurity and knowing the necessity for having an office dedicated to cybersecurity. As a part of this Office, the "National Computer Emergency Response Team" or "National CERT" will also be established. Wow! I like it a lot. Other developed countries such as the USA, Canada and many in Europe have had their own national CERT for a long time now. Finally, it looks like we will have one.
One of the duties of the Office of National Cybersecurity Committee that caught my eye is the one stated in Section 17 (8). They will have to "conduct studies and research on the information necessary for the maintenance of cybersecurity for the purpose of making recommendations on measures on cybersecurity." This is something I totally agree with. Nothing will come good without research. I just hope that the government will provide sufficient funding and, of course, research funds should be available to other sectors, too. I am looking forward to having some research grants in the future. haha!
There is one concern here in this Chapter 3. Section 21 states that "there shall be a secretary who is directly accountable to the chairperson of the NCSC as regards the operation of the Office and supervises the officials and employees of the Office." Why am I concerned? Well, from what I have seen in the draft, it looks like the secretary would have a lot of power even though the actions and performance would be judged by the Committee. At this moment, it sounds OK because we are being governed mainly by military. However, in the future, the people in power will be politicians. Will they pick their own people? Will the chosen secretary do things to serve the politicians? I will just leave this to your imagination, knowing what Thai politicians are like. haha! (At least it is good to see that no politicians will be allowed to take this position - see Section 23.)
Chapter 4 - Operation and Tackling of Cyber Threats - does not really leave me anything to comment, except if you are a sort of person who really thinks too much. Why do I say this? Take a look at Sections 33 and 34, which give the power to the Office of NCSC to order any agencies to perform any required actions if the Office see that a cyber threat affecting national security is occurring. In the draft, where everything is still vaguely define, these two sections appear to have no boundary or threshold of when the Office is allowed to use their power in Sections 33 and 34. I think this is something that needs to be clarified.
We now go to Chapter 5 - Officials. I think this is the chapter that has caused a lot of concerns and critiques. Section 35 is the main reason, especially (3) which states that the officials are allowed to gain access to information that is communicated via mail, telegram (which is now obsolete in Thailand), fax, phone, computing and other electronic devices for the benefit of national security.
What does it mean? Does it mean that any officials have the rights to access all information that belongs to other people without even asking for permission? Reading it word for word, I think it that it does. A lot of other people seem to think so, too. People have been saying that this section would violate human right and personal privacy. I have to say that they are right in saying this.
Do I care? Section 36 states that "officials are prohibited from disclosing or passing on the information obtained under Section 35 to any person." This actually makes Section 35 sound a little better. However, this does not really stop anyone from violating Section 36, knowing what Thai laws and law keepers are like.
Having said that, do not forget what the main objective of this Cybersecurity Bill is. Yes ... it is written for the purpose of national security. Without having access to information, how do you expect anyone to keep the nation secure?
The main problem with this section is, I think, when politicians come into power again. I have to go back to my earlier comment on our current military government. At the moment, I think I can trust them. However, when the power goes back to politicians, this is where the "fun" begins.
I am sure that they will definitely abuse their power. They will definitely try to access everyone's information. They will definitely try to gain access to anything that they are not really supposed to. All they have to do is they have to just say that it is allowed by this Act.
This does not sound good, does it?
From this, I don't think the Bill is the problem. The problem is the people/politicians (who will be) in power (after this government) are not trustworthy.
Maybe, we can stop thinking about changing the Bill for the sake of the nation's security, but start thinking about choosing the right people to come into power instead.
The rest of the Bill is just some formality, which is not worth commenting really.
On the whole, the draft Cybersecurity Bill has good intention in ensuring national security. With several changes, it would be even better. However, there must be a way of making sure that suitable and appropriate people are appointed to make this work. (Knowing Thai politicians, this will never happen. This is why people have expressed their concern on this Bill, especially Section 35.)
Tuesday, 7 October 2014
Thai Education Needs Changing ...
A couple of weeks ago, I started thinking about education in Thailand and how it should be reformed.
"21st century skills" popped into my head.
I found a video by the Quality Learning Foundation, Thailand, and would like to share.
The following is a summary of important points gathered from the video. I would like to thank the QLF for the video. I really enjoyed watching it.
Presently, there is so much knowledge available. It is, therefore, very difficult to get students to concentrate in class. This is only because there are more interesting things outside.
This century is the era of information technology where the amount of knowledge increases everyday. Today, we do not just want clever students or the ones who are good at memorising textbooks. What we want is students who are willing to learn and who know how to learn. That is, they need to have learning skills.
In the past, teachers and lecturers had a job that required them to stand in front of a class and talk and talk and talk. Students were required to take everything (and maybe accept everythin) that was lectured to them. This teaching and learning method may be suitable 100 - 200 years ago. It simply will not work today.
The essential thing is to change the educational method: (1) from having "knowledge" as a target to having "skills" as the required outcome and (2) from "teacher centred" to "student centred."
It has been said and proved that project-based learning is a better method. In this way of teaching, teachers or lecturers will act as a coach. Students will be able to develop various skills such as understanding problems, researching for information, examining and evaluation data so that only appropriate data will be used in this particular assigned project. Moreover, they will get hands-on experience. They will improve their communication and presentation skills. Most importantly, they will learn how to work as a team. In addition, using project-based learning will get students to exchange their ideas which can lead to creating new knowledge of their own.
If we (especially in Thailand) are still attached to the traditional teaching method, there is no doubt that students will end up with having no skills to work and to live in the real world.
No inspiration. No fun. Boring. The worst thing is the whole country will just become stupid because students will get only knowledge ... and no skills.
"21st century skills" popped into my head.
I found a video by the Quality Learning Foundation, Thailand, and would like to share.
The following is a summary of important points gathered from the video. I would like to thank the QLF for the video. I really enjoyed watching it.
Presently, there is so much knowledge available. It is, therefore, very difficult to get students to concentrate in class. This is only because there are more interesting things outside.
This century is the era of information technology where the amount of knowledge increases everyday. Today, we do not just want clever students or the ones who are good at memorising textbooks. What we want is students who are willing to learn and who know how to learn. That is, they need to have learning skills.
In the past, teachers and lecturers had a job that required them to stand in front of a class and talk and talk and talk. Students were required to take everything (and maybe accept everythin) that was lectured to them. This teaching and learning method may be suitable 100 - 200 years ago. It simply will not work today.
The essential thing is to change the educational method: (1) from having "knowledge" as a target to having "skills" as the required outcome and (2) from "teacher centred" to "student centred."
It has been said and proved that project-based learning is a better method. In this way of teaching, teachers or lecturers will act as a coach. Students will be able to develop various skills such as understanding problems, researching for information, examining and evaluation data so that only appropriate data will be used in this particular assigned project. Moreover, they will get hands-on experience. They will improve their communication and presentation skills. Most importantly, they will learn how to work as a team. In addition, using project-based learning will get students to exchange their ideas which can lead to creating new knowledge of their own.
If we (especially in Thailand) are still attached to the traditional teaching method, there is no doubt that students will end up with having no skills to work and to live in the real world.
No inspiration. No fun. Boring. The worst thing is the whole country will just become stupid because students will get only knowledge ... and no skills.
Tuesday, 16 September 2014
The 11th International Conference on Computing and Information Technology (IC2IT2015)
The 11th International Conference on Computing and Information Technology (IC2IT2015) is organised by Faculty of Information Technology, King Mongkut's University of Technology North Bangkok and its partners, including:
Next year, the IC2IT2015 will be held at King Mongkut's University of Technology North Bangkok with the emphasis on two fields:
This is what the IC2IT2014 proceedings looks like. ^_^
Papers can be submitted here. We accept papers until the 21st December 2014.
Call for papers can be seen here.
- Fern University in Hagen, Germany
- Chemnitz University, Germany
- Oklahoma State University, USA
- Edith Cowan University, Australia.
Next year, the IC2IT2015 will be held at King Mongkut's University of Technology North Bangkok with the emphasis on two fields:
- Data Mining and Machine Learning and
- Data Network and Communication
This is what the IC2IT2014 proceedings looks like. ^_^
Papers can be submitted here. We accept papers until the 21st December 2014.
Call for papers can be seen here.
Thursday, 11 September 2014
Apple Pay ... Is it secure?
On the 9th September 2014, Apple finally announced two new iPhone models: iPhone 6 and iPhone 6 Plus. I won't go into any detail of the features they offer, because it looks like a lot of people have already talked about them.
However, there is one feature that I am particularly interested in. The Apple Pay. From what I have seen of it, it looks very convenient.
For now, let's look briefly at how it works. (Thanks TechCrunch for the video.)
Wow! Quick and convenient! What more can you ask for?
One question that instantly came to mind when looking at the demo of this sort. Is Apple Pay secure?
In order to answer this question, let us think about the technology involved in this. The first thing that makes this work is the NFC technology. Secondly, the credit card detail is required to be stored on the phone. Thirdly, the fingerprint of the user.
Let's analyse. Well, I will just do whatever I can here. haha!
First of all, the NFC technology is an integral part of this Apple Pay. Without it, no communication between the phone and the point-of-sale is possible. What information is to be transferred between them? Of course, the user's credential information. You should be asking questions right about now. ...
Apple said nothing at the event about how the communication takes place, and more importantly, how the communication is to be made secure. Why not? I don't really know.
NFC's range is said to be no further than 20 cm, which may be enough to prevent any information interception (during the payment by a person in line next to the payer). However, remember that 20 cm is just an estimate. Therefore, it is still possible that the information can travel a little further than expected. If this happens then we may be in trouble.
NFC's standard is the ISO14443, which does not appear to have a part on security! It is, therefore, up to Apple to answer how they have made the communication between the phone and the point-of-sale secure.
The next thing is that after using the Apple Pay to pay for anything, does the NFC get automatically turned off? If not, it means that a communication channel is left open to anyone to try to get into the phone (albeit to be within the communication range is not that easy, but still not impossible).
So ... the first component of Apple Pay, the NFC, still leaves a question.
The second aspect of Apple Pay is the storing of credit card information. Yes, it is neccessary to do so otherwise this would not work. Anyway, it was good to hear Apple say that the information is to be encrypted by Apple's "secure element" (no real algorithm has been mentioned). Another thing that was pleasing to hear is that no information will be sent to the Apple server. Good good. Personally, I do trust that Apple can do a good job in securing the information on the iPhone for us, provided that we do not lose the phone! haha!
Still, how the credit card information is securely sent to the point-of-sale for verification remains to be answered. This is actually back to the NFC question.
The third component to be discussed is the fingerprint. Apple has taken the advantage of having the fingerprint scanner on the iPhone here. Clever. I quite like the idea of using biometric as a factor of authentication. At least, it is better than using a pin code, which can easily be stolen.
One final point ... Apple Pay uses credit card information and user's fingerprint for verification and authentication purposes. Is this a two-factor authentication? Not sure, but it looks like a single-factor authentication to me (credit card information not being a factor since another person can easily transfer the information using the same phone), at a glance here. Hmmm ... one-factor authentication. I'm sure I have heard that there are problems with this. hehe! At least another factor should really used, I think.
Why don't they use their Apple Watch as a second factor of authentication? Just a funny idea ... haha!
On the whole, the idea of Apple Pay is to provide convenience to users. Some security questions remain to be explained, especially the security of data transfer via NFC. The final question is "would people use it because it is convenient despite some security doubts?".
However, there is one feature that I am particularly interested in. The Apple Pay. From what I have seen of it, it looks very convenient.
For now, let's look briefly at how it works. (Thanks TechCrunch for the video.)
Wow! Quick and convenient! What more can you ask for?
One question that instantly came to mind when looking at the demo of this sort. Is Apple Pay secure?
In order to answer this question, let us think about the technology involved in this. The first thing that makes this work is the NFC technology. Secondly, the credit card detail is required to be stored on the phone. Thirdly, the fingerprint of the user.
Let's analyse. Well, I will just do whatever I can here. haha!
First of all, the NFC technology is an integral part of this Apple Pay. Without it, no communication between the phone and the point-of-sale is possible. What information is to be transferred between them? Of course, the user's credential information. You should be asking questions right about now. ...
Apple said nothing at the event about how the communication takes place, and more importantly, how the communication is to be made secure. Why not? I don't really know.
NFC's range is said to be no further than 20 cm, which may be enough to prevent any information interception (during the payment by a person in line next to the payer). However, remember that 20 cm is just an estimate. Therefore, it is still possible that the information can travel a little further than expected. If this happens then we may be in trouble.
NFC's standard is the ISO14443, which does not appear to have a part on security! It is, therefore, up to Apple to answer how they have made the communication between the phone and the point-of-sale secure.
The next thing is that after using the Apple Pay to pay for anything, does the NFC get automatically turned off? If not, it means that a communication channel is left open to anyone to try to get into the phone (albeit to be within the communication range is not that easy, but still not impossible).
So ... the first component of Apple Pay, the NFC, still leaves a question.
The second aspect of Apple Pay is the storing of credit card information. Yes, it is neccessary to do so otherwise this would not work. Anyway, it was good to hear Apple say that the information is to be encrypted by Apple's "secure element" (no real algorithm has been mentioned). Another thing that was pleasing to hear is that no information will be sent to the Apple server. Good good. Personally, I do trust that Apple can do a good job in securing the information on the iPhone for us, provided that we do not lose the phone! haha!
Still, how the credit card information is securely sent to the point-of-sale for verification remains to be answered. This is actually back to the NFC question.
The third component to be discussed is the fingerprint. Apple has taken the advantage of having the fingerprint scanner on the iPhone here. Clever. I quite like the idea of using biometric as a factor of authentication. At least, it is better than using a pin code, which can easily be stolen.
Speaking of stealing, I think one of the reasons Apple decided to use fingerprint as a factor of authentication is to at least make it more difficult to use the Apple Pay when a phone is lost or stolen. But ... let's not forget that fingerprint can also be faked! This is how. (A few years ago, I had students in my information security class research on this exact topic, too. Interesting it was.)
One final point ... Apple Pay uses credit card information and user's fingerprint for verification and authentication purposes. Is this a two-factor authentication? Not sure, but it looks like a single-factor authentication to me (credit card information not being a factor since another person can easily transfer the information using the same phone), at a glance here. Hmmm ... one-factor authentication. I'm sure I have heard that there are problems with this. hehe! At least another factor should really used, I think.
Why don't they use their Apple Watch as a second factor of authentication? Just a funny idea ... haha!
On the whole, the idea of Apple Pay is to provide convenience to users. Some security questions remain to be explained, especially the security of data transfer via NFC. The final question is "would people use it because it is convenient despite some security doubts?".
Monday, 1 September 2014
Has the Apple's iCloud really been hacked?
"Celebrities' private photos have been hacked and shared on the Internet" is really today's big news. How did it happened? Did they all happen to lose their phones at the same time? Did all the phones happen to fall into the same person's hand at once? I don't think that's what has happened anyway.
Many have suggested that the photos have been shot and automatically saved on the Apple's iCloud. Somehow this person was able to access it and took those photos. The question is "has the iCloud been hacked?"
A lot of articles have agreed on the theory. But ... hacking the iCloud directly could not have been easy. Personally, I question whether the following had been done prior to getting into iCloud.
If this is actually what had happened, another security awareness must be raised. That is, people should know that password reuse is really not acceptable. Maybe the TOTP or Time-Based One-Time Password is an option. ^_^
I am not praising Apple by any means. I am not even using any of their products at the moment. But I have seen and read every page of their security document, and I think they have their job in trying to protect the privacy of the users.
Just wanting to provide another perspective to this current and trendy news. ^_^
Many have suggested that the photos have been shot and automatically saved on the Apple's iCloud. Somehow this person was able to access it and took those photos. The question is "has the iCloud been hacked?"
A lot of articles have agreed on the theory. But ... hacking the iCloud directly could not have been easy. Personally, I question whether the following had been done prior to getting into iCloud.
- Is it possible that the hacker had got the usernames and passwords from somewhere else and used them on the iCloud?
If this is actually what had happened, another security awareness must be raised. That is, people should know that password reuse is really not acceptable. Maybe the TOTP or Time-Based One-Time Password is an option. ^_^
I am not praising Apple by any means. I am not even using any of their products at the moment. But I have seen and read every page of their security document, and I think they have their job in trying to protect the privacy of the users.
Just wanting to provide another perspective to this current and trendy news. ^_^
Subscribe to:
Posts (Atom)