Attack on DNS causes major outages

On October 21st, a distributed denial of service (DDoS) attack took out major websites such as Twitter, Netflix, and Reddit, among others. The cause of the attack was malware known as Mirai. This malware took advantage of the lack of security within Internet of Things devices by scanning the internet for devices that still have default username and password combinations and then taking control of those devices. Mirai formed, essentially, an “army” of IoT devices to carry out the DDoS attack.

The attack interrupted a DNS managed by domain registration service provider Dyn. A DNS is how computers translate a web address into the correct code for a given website. This attack, by interrupting the DNS, prevented internet users from accessing a variety of websites.

The Mirai software is available on the internet; the source code for Mirai was uploaded to the site Hackerforums. One source suggests that the leaking of the source was intended to throw off those investigating the attack. Regardless of intention, the availability of Mirai makes another IoT-based attack a distinct possibility.

These attacks force us to confront a frightening flaw in the Internet of Things; despite its potential to simplify lives and increase productivity, IoT devices generally are not secure. Coupled with the fact that IoT devices require large amounts of information about their owners, these devices could pose a large privacy risk. In the DDoS attacks, the attackers gained control of the devices in order to interrupt a DNS. However, it is possible that other attackers could gain control of these devices in an attempt to steal personal information.

A map of the outages

Hopefully, these recent attacks will lead to increased security in IoT devices. It is not imperative to our security that we dismiss the Internet of Things entirely, but changes must be made for the sake of the users’ and owners’ privacy.

Sources:

http://www.theverge.com/2016/10/21/13362354/dyn-dns-ddos-attack-cause-outage-status-explained
http://gizmodo.com/this-is-probably-why-half-the-internet-shut-down-today-1788062835

IMAX to open virtual reality centers

Movie company IMAX is planning to open a virtual reality center in Manchester, England by the end of 2016. This facility is one of several that will be launched worldwide, and it will offer a variety of VR experiences from both movies and games. These centers will display content that IMAX is developing with Google, and they will also feature “pods” which can be used by a single person or by a group. Although they are highly experimental, IMAX hopes to use these virtual reality centers to figure out what exactly consumers want. The locations opening by the end of this year will “test several factors, including the overall customer experience, pricing models, and the types of content featured.”

An IMAX theater

One benefit to a theoretical VR center is its accessibility. If the opening of these locations is a success, IMAX will make virtual reality accessible to a wide range of people; what was once the topic of science fiction will suddenly become as commonplace as watching a movie. However, some limitations also exist. The VR experiences offered by these centers will range from 5-15 minutes and will likely lack in variety. The comparison of owning a VR headset vs. visiting a VR center is a bit like watching Netflix vs. visiting a movie theater. Users’ options will be predetermined for them, and some may find the experience dissatisfying.

Virtual reality itself also faces some criticism; Ray Kurzwil predicted that “By the 2030s, virtual reality will be totally realistic and compelling and we will spend most of our time in virtual environments … We will all become virtual humans.” Although all new technology faces some degree of skepticism, virtual reality does seem primed for abuse and overuse. Some critics subscribe to the idea of escapism: that people will turn to media as an escape from their lives.

The idea of these centers combines a couple topics that we have covered in class. We have discussed virtual reality on a few occasions, and experience design undoubtedly plays a large hand in the creation of these virtual reality experiences. The idea of technological convergence also comes into play, as these centers combine movie theaters, arcades, and individual gaming systems.

IMAX’s virtual reality centers have not garnered much attention yet, but when they begin opening new locations worldwide, they may face some backlash. The concept is exciting and brings to mind ideas of futurism and advancing technology, but only time will tell if these centers live up to the expectations.

 

Sources:
http://www.theverge.com/2016/10/11/13250454/imax-european-vr-center-opening-this-year
IMAX’s first European VR center will open before the end of 2016
http://www.theatlantic.com/health/archive/2015/02/the-good-and-the-bad-of-escaping-to-virtual-reality/385134/

Social media services used to arrest Baltimore protesters, in violation of their own privacy agreements

Instagram, Twitter, and Facebook have provided data for social media surveillance tools used by police. These tools create maps of social media activity in protest areas and can be used to identify protesters. Since being contacted by the ACLU of Northern California, which investigated these companies’ involvement in identifying protesters, all three services have stopped providing data.

The video below provides an example of the surveillance tools in use.

These tools were used to monitor the activity of protesters in Baltimore following the death of Freddie Gray. As the activity verged on violence, police were able to intercept and, in some cases, arrest protesters. While the use of these tools ensured public safety in this and likely many other situations, the social media services involved did blatantly violate their own privacy agreements.

Twitter’s agreement states that it will not use its data to “investigate, track or surveil Twitter’s users,” and Facebook’s agreement states that developers may not “sell, license, or purchase any data obtained from us or our services” without the company’s permission. Although a Facebook representative has asserted that the only data accessed was made public by users, it has still terminated its relationship with the company that created the surveillance tools. The ACLU is now calling for Facebook and Twitter to change their API policies to prevent future abuse of their data.

Some could argue that the company, Geofeedia, used only data that was made public by social media users, making it fair game for police to access, and because it can help police to maintain public safety, it does a net good for society. However, the service can be abused and could lead to further crime. Despite the moral argument that shrouds the Geofeedia debacle, the fact remains that Facebook, Twitter, and Instagram have violated their own agreements by providing data.

As we discussed in class, users’ privacy is integral to the success of social media. Users will not post media if they do not feel safe in doing so. This story is only one of many regarding the misuse of users’ content. Who is to blame for Geofeedia’s accessing this information: the users or the social media services? How will these breaches of privacy change the future of social media?

 

Source: http://www.theverge.com/2016/10/11/13243890/facebook-twitter-instagram-police-surveillance-geofeedia-api

Spotify may soon acquire SoundCloud.

Spotify, a music streaming service, is reportedly looking to acquire SoundCloud, a service which allows users to share their original music. This move would both provide Spotify with a larger library of content and remove a competitor from the market. Since SoundCloud launched a subscription service earlier this year, it has entered the paid music streaming market alongside Spotify and Apple and has apparently done quite well for itself. In July, the owners of SoundCloud were considering a $1 billion deal to sell the company to Spotify, when Twitter had invested $70 million in SoundCloud the month prior.

This acquisition is reminiscent of Apple’s purchase of Beats and Pandora’s purchase of Rdio, just a few of the many changes in the music streaming world. Both SoundCloud and Spotify having raised larged amounts of money in the past year, the pricey acquisition seems to make sense for both companies.

Spotify’s buying of SoundCloud ties into technological convergence, which we discussed in class. As mentioned during the lecture, larger entities tend to converge, while smaller user devices and services tend to diverge. The combination of Spotify and SoundCloud will make more music accessible in one location, but will it decrease the functionality of both streaming services? SoundCloud is a platform that allows users to share their original creations, whereas Spotify allows users to stream music from their favorite artists. The merge of professionally recorded music alongside amateur music may lead to a service that is less functional than Spotify or SoundCloud separately.

Problems could arise from a music library that is too large or too disorganized, a messy interface, or a haphazard attempt to separate the professionals from the amateurs. Only time will tell how consumers react to the Spotify-Soundcloud buyout.

 

Sources:

http://pitchfork.com/news/68615-spotify-in-talks-to-buy-soundcloud-report/

http://www.forbes.com/sites/hughmcintyre/2016/09/28/report-spotify-is-in-talks-to-buy-soundcloud/#473417366a49

http://www.theverge.com/2016/9/28/13098754/spotify-soundcloud-acquisition-report