Paul Thurrott’s Short Takes: March 6, 2015

Posted on March 6, 2015 by Paul Thurrott in Security with 0 Comments

Because Van Halen with Gary Cherone was most certainly NOT Van Halen, this week’s other news includes a super FREAKy revelation that Windows is also vulnerable to a decades-old encryption hack, news that’s not from Barcelona, Microsoft is looking to buy a social media news reader, Hillary Clinton was an email admin, and thieves are taking advantage of—but not actually hacking—Apple Pay.

Oops! Windows vulnerable to FREAK as well

If you’ve spent the past few days chortling because your mortal enemies in the Mac, iOS and Android folds are vulnerable to the FREAK encryption flaw, I’ve got bad news: yes, Windows is vulnerable too. “Our investigation has verified that the vulnerability could allow an attacker to force the downgrading of the cipher suites used in an SSL/TLS connection on a Windows client system,” a Microsoft advisory somberly notes. “The vulnerability facilitates exploitation of the publicly disclosed FREAK technique, which is an industrywide issue that is not specific to Windows operating systems.” The good news? This will be fixed by the next Patch Tuesday.

“Self-Driving Cars Could Drive Up Internet Revenue, Study Says”

One is left only to ponder yet another place for Google advertising.

Microsoft will reportedly buy a social networks news reader

Which, yes, sounds like a mashup of actual tech terms. But according to a report in Techcrunch, Microsoft is set to purchase a firm called Prismatic for $30 million. Prismatic makes an app called—wait for it—Prismatic that recommends news articles to its users based on their connections and “likes” in social networks like Facebook. If you think this sounds like exactly the kind of bizarre vertical market that Bing excels in serving, I agree, and maybe that’s what makes the purchase make some kind of bizarre sense. But if the goal is creating an echo chamber in which people only learn more about the things that already interest them, you can count me out. We’re already drowning in ignorance as it is.

“Google Opens Insurance-Quote Web Site”

Because you can’t subsidize your tech services with just web ads.


Don’t cry for me, Barcelona

I spent most of last August in Barcelona and it’s one of my favorite cities on earth. I also write about mobile technology every single day, and of course about Microsoft technology specifically. So you might think I would try to justify an expensive trip to Barcelona just so I could have attended Mobile World Congress this past week. But no: with over 20 years of experience behind me, the one thing I know is that trade shows are almost never worth it, especially one that is half a world away. And that in today’s era you can easily cover whatever pseudo-news develops from the comfort of your home office. So, yes, I’d have loved to have gone to Barcelona. But there is no way I’d pay for such a trip—or try to convince my employer to do so—because it just doesn’t make any sense. Maybe if it was in Rhode Island. Even then I’d have had doubts. Plus. Rhode Island. I mean, seriously. It’s like Massachusetts’ Mini Me.

“Mobile execs predict Apple Watch to dominate smartwatch market for foreseeable future”

So all they need to do is sell just 17 of these things: mission accomplished.

Thieves take advantage of Apple Pay

Thieves are entering the data for stolen credit cards into Apple Pay on iPhones and then using the electronic payment system to steal goods from major retailers like Home Depot and Target, a new report claims. The Apple Pay system hasn’t be hacked or compromised, or whatever. But here’s the ironic bit: apparently, over 80 percent of the goods stolen through Apple Pay since the system went online late last year have occurred at—wait for it—Apple’s own retail stores. Which you have to think are perhaps a bit too delighted to accept such payments. Hilarious.


“How to move your contacts from iOS to Android”

Well, first you have to get them into one of those cult rescue programs.

Hillary Clinton in personal email kerfuffle

If you follow the mainstream news, you may have heard about a controversy surrounding presumed presidential candidate Hillary Clinton, who apparently used a personal email account instead of a secure governmental system during her tenure as secretary of state from 2009 to 2013. This revelation comes with natural questions about security and privacy/transparency, though I can’t claim to care about those issues one way or the other. What I’m most interested in is a curious tidbit about this service: Mrs. Clinton didn’t use Hotmail, or Gmail or any other public email service. Instead, she actually had her own email server installed near her home in New York. So say what you will about Hillary Clinton or this escapade specifically, but that woman deserves our respect. Hillary Clinton is an email administrator.

“Google Wireless Plan Has One Catch”

It will only work with Google Nexus devices. And no, that’s not a joke.


Tagged with