The Mozilla Foundation, the nonprofit organization behind the Firefox web browser, is expanding a campaign begun last year to help consumers buy safe, secure connected toys and mobile gadgets this holiday season.
Mozilla’s 2018 edition Privacy Not Included buyers’ guide offers an assessment of the privacy and security qualities of 70 products, ranging from connected teddy bears and smart speakers to game consoles and smart home gadgets.
Strong Consumer Interest
More than half the listed products failed to meet the minimum security standards Mozilla created in concert with Consumers International, a global consumer advocacy group, and the nonprofit Internet Society. The guide invites consumers to interact with a “creepy” rating scale.
Some of the failed products may not be the kinds of products consumers generally associate with being vulnerable to misuse of user data. The goal is to make consumers and Internet of Things vendors more aware of privacy safety with respect to connected toys and mobile gadgets.
Last year’s first shopping guide revealed strong consumer interest in the privacy and security of connected toys and smart home products. Some companies that sold products also were interested. This year’s guide took the lessons learned last year and put them to work to build a better guide, according to Mozilla.
The main problem with an approach like this is that the desire for privacy varies among users, and there is no way to show that in Mozilla’s buyers’ guide, according to Shea Drake, content strategist and tech expert withBusiness.org.
“There’s no comparison tool, table of factors, or even standards for what is considered creepy versus whether it is useful/cool enough to be worth the creep factor,” he told the E-Commerce Times. “Alexa is voted as one of the creepiest products, yet there are still over 40 million units sold.”
How It Works
Consumers view pictures of the 70 products Mozilla included in the guide. At the top of the guide’s landing page is a horizontal row of pre-screened categories: Toys & Games, Smart Home, Entertainment, Wearables, Health & Exercise, Pets. Click on a product category to see the included toys or gadgets. Clicking on the image takes users to a product detail page where they can view the product’s characteristics.
Consumers can rate products on a two-part Creep-O-Meter scale. A slider goes from “not creepy” all the way to “super creepy.” Respondents then can click on a thumbs up or thumbs down button to indicate their likelihood to buy the product.
Once a person votes, a display appears with a breakdown of the results, along with an opportunity to post and read other people’s comments on the product. Continue to scroll down the page to see a series of questions about the privacy characteristics of the product. The listings briefly explain what could happen if something should go wrong.
Mozilla includes a “Meets Our Minimum Security Standards” stamp on a page if the product has met its minimum security standards for IoT products.
Basic Safety Standards
Mozilla’s bare minimum standards will reject connected toys and gadgets under the following circumstances:
- Communications are not encrypted — Only the sender and the receiver should be able to access the information; there should be no eavesdropping.
- There are no security updates — A product must support automatic security updates by default. Otherwise, companies cannot fix vulnerabilities in a timely matter if at all.
- Weak passwords are permitted — Many products have default password such as “1-2-3.” Even worse, the passwords are printed on the box.
- There is no easy way to reach vendors — It is often difficult to get privacy and data protection details from vendors.
Only five of the 18 products listed on the Toys & Games page meet the minimum standards. They are Microsoft’s Xbox One, the Nintendo Switch, Sony PS4, the Harry Potter Kano Coding Kit, and the Amazon Fire Kids Edition.
Just six of the 18 wearables in the guide pass Mozilla’s minimum standards. Consistency within a manufacturer’s product line is not always a given. For instance, Apple AirPods failed, but the Apple Watch Series 4 passed.
In the smart home products category, most smart speakers have safety approval. These products include the Amazon Echo and Dot, Google Home, Apple HomePod, Sonos One and the Mycroft Mark 1.
Want a Nest-based smart home? Forget about it. None of the highlighted products have a safety approval from Mozilla.
Useful or Not
Mozilla’s approach to consumer education may not get the hoped-for results, but anything to build awareness helps, said David Ginsburg, vice president of marketing at Cavirin. Although typical consumers have a low chance of being breached, this awareness helps with their overall cyberposture — for example, proper home router and WiFi configuration, or securing their laptops.
“As with any buyers guide, do not let it lead to a false sense of security or fear,” he told the E-Commerce Times. “This is the case with all guides — Consumer Reports, Yelp, Trip Advisor. It is always the responsibility of the consumers to understand their individual risks versus rewards.”
It’s also likely that the vendors that received a “creepy” rating will take a look at product security and documentation.
“What is perfectly acceptable in one region may not be in another,” Ginsburg said.
These kinds of alerts are only as effective as the audience they are able to reach and who actually read them, noted Nathan Wenzler, senior director of cybersecurity at Moss Adams Cybersecurity Consulting Services.
Mozilla’s guide is definitely a necessary resource, and if anything, it needs to be expanded to include as many products as possible, he suggested.
“Even by their own admission, 70 products is a drop in the bucket in comparison to the number of IoT devices out there,” Wenzler told the E-Commerce Times. “It is a good start on Mozilla’s part, but there needs to be more of this kind of thing for a wider array of products that need to be made available to consumers in more ways.”
Mandated government standards may become the ultimate solution to regulate privacy guarantees, but self-policing by the industries involved may be a better goal.
Standards could include plain speak about how data is used when it is gathered, and an easy way to opt out. If you are paying for a product, vendors should not make more money on how you use that product, suggested Business.org’s Drake.
“Breaches or improper use should include not only a minimum fine to the government, but also to each user of the product,” he said. “Right now, consequences are fairly minimal, but standards only work if we enforce them.”
A line needs to exist between safety and privacy, ghough one could say that certain security vulnerabilities could result in safety issues, noted Cavirin’s Ginsburg.
“A combination of IoT and privacy regulations (like CCPA) on the national level will probably make it through the new Congress,” he added.
Bare Minimum Goals
Encryption should be used wherever possible, to protect communication between the IoT device and anything it is connected to, as well as any data stored on the device itself, Moss Adams Cybersecurity’s Wenzler suggested.
Minimum standards should include requiring the default password to be changed and not allowing older, weaker connection protocols over wireless or Bluetooth, he said.
Many older security protocols have been broken over the years and could be compromised easily today, Wenzler pointed out.
As customers become more aware of the threats these devices can present, the more they will demand that security features be built into products, he added. That ultimately will be a far more effective way to get manufacturers to make security protocols a standard feature of whatever they produce.
PICHAI PUTS KIBOSH ON GOOGLE SEARCH ENGINE FOR CHINA
Google is not working on a bespoke search engine that caters to China’s totalitarian tastes, and it has no plans to develop one, CEO Sundar Pichai told lawmakers on Capitol Hill Tuesday.
“Right now, we have no plans to launch in China,” he told members of the U.S. House Judiciary Committee at a public hearing on Google’s data collection, use and filtering practices.
“We don’t have a search product there,” he said. “Our core mission is to provide users access to information, and getting access to information is an important human right.”
Pichai acknowledged that the company had assigned some 100 workers to develop a search engine for totalitarian countries, however.
“We explored what search would look like if it were to be launched in a country like China,” he revealed.
A report about a Google search engine for China appeared in The Intercept this summer.
The project, code-named “Dragonfly,” had been under way since the spring of 2017, according to the report, but development picked up after Pichai met with Chinese government officials about a year ago.
Special Android apps also had been developed for the Chinese market, The Intercept stated, and had been demonstrated to the Chinese government for a possible rollout this year.
“We certainly hope they abandoned those plans,” said Chris Calabrese, vice president for policy for the Center for Democracy & Technology, an individual rights advocacy group in Washington, D.C.
“We didn’t think it was a good idea to build a search engine that would censor speech in order to go into the Chinese market,” he told the E-Commerce Times.
Google may have been testing the waters with its Chinese browser, maintained Russell Newman, assistant professor for the Institute for Liberal Arts & Interdisciplinary Studies at Emerson College in Boston.
“It’s an example of a firm seeing how far down the road it can go before it receives pushback,” he told the E-Commerce Times. “It discovers a limit, then pushes that limit a little more. I’d be surprised if they wholly gave up on the search engine for China.”
Mission: Protecting Privacy
In his opening remarks to the committee, Pichai declared that protecting the privacy and security of its users was an essential part of Google’s mission.
“We have invested an enormous amount of work over the years to bring choice, transparency and control to our users. These values are built into every product we make,” he said.
“We recognize the important role of governments, including this committee, in setting rules for the development and use of technology,” Pichai added. “To that end, we support federal privacy legislation and proposed a legislative framework for privacy earlier this year.”
Pichai also addressed a burning issue for Republican members of the panel.
“I lead this company without political bias and work to ensure that our products continue to operate that way,” he said. “To do otherwise would go against our core principles and our business interests.”
‘Bias Running Amok’
Among the Republicans on the committee who raised the issue of unfairness with respect to the way Google’s search algorithm treats conservative views was Mike Johnson, R-La.
“My conservative colleagues and I are fierce advocates of limited government, and we’re also committed guardians of free speech and the free marketplace of ideas,” he told Pichai.
“We do not want to impose burdensome government regulations on your industry,” Johnson continued. “However, we do believe we have an affirmative duty to ensure that the engine that processes as much as … 90 percent of all Internet searches, is never unfairly used to unfairly censor conservative viewpoints or suppress political views.”
Political bias is running amok at Google, charged committee member Louie Gohmert, R-Texas.
“You’re so surrounded by liberality that hates conservatism, hates people that really love our Constitution and the freedoms that it’s afforded people like you, that you don’t even recognize it,” he told Pichai, who was born in India.
“It’s like a blind man not even knowing what light looks like because you’re surrounded by darkness,” Gohmert added.
Despite Republican claims of liberal bias in Google’s algorithm, “there isn’t any evidence to back that up empirically,” Calabrese said.
Committee members also were concerned about Google’s market dominance.
“I’m deeply concerned by reports of Google’s discriminatory conduct in the market for Internet search,” said David Cicilline, D-R.I.
Google has harmed competition in Europe by favoring its own products and services over rivals, and by deprioritizing or delisting its competitors’ content, he noted citing European Commission findings.
“It is important for the U.S. government to follow the lead of other countries and closely examine the market dominance of Google and Facebook, including their impact on industries such as news media,” observed David Chavern, CEO of the News Media Alliance in Arlington, Va., a trade association representing some 2,000 newspapers in the United States and Canada.
“We will continue to urge for more hearings to examine ways in which the duopoly impacts the business of journalism, which is essential to democracy and civic society,” he told the E-Commerce Times.
Prelude to Privacy Law
House and Senate hearings in recent months are just the prelude to data privacy legislation that could be introduced next year.
“We’re certainly going to see a wide variety of comprehensive privacy bills filed, and I think we’ll make some progress,” Calabrese said.
“Advocates have seen the need for privacy legislation for a long time,” he said, “and now that we have privacy legislation set to kick in in California in 2020, there’s a lot of companies who would rather be governed by a federal law than they would a bunch of different state laws.”
If a general privacy law is enacted, it shouldn’t use Europe’s General Data Protection Regulation as a model, maintained Alan McQuinn, senior policy analyst for the Information Technology and Innovation Foundation, a public policy and technology innovation organization in Washington, D.C.
“We don’t want to see the GDPR enacted here in the states,” he told the E-Commerce Times.
“It is highly likely to create a drag on the European economy and hurt innovation and businesses,” McQuinn explained.
Privacy rules should be styled to fit industries, such as healthcare, finance and commerce, he suggested.
“The sector-specific approach that the U.S. has taken toward privacy has allowed for more innovation,” McQuinn noted, “and created the powerhouse of the digital economy that we have here.”
AMAZON’S LATEST GADGET: A SELF-DRIVING TOY CAR FOR CODERS
LAS VEGAS: Self-driving cars, meet Amazon’s self-driving toys.
Amazon.com Inc’s cloud unit on Nov 28 announced a US$399 (RM1,670) autonomous toy car, aimed at helping web developers try out some of their own self-driving technology. Customers can train and tweak machine learning models in an online simulator and then test drive them on vehicles one-eighteenth the size of a real race car.
Amazon Web Services (AWS) is even creating a sports league and championship cup, borne out of races its employees had with each other using the model car, AWS DeepRacer.
“It started getting pretty competitive,” Andy Jassy, chief executive of AWS, said at the company’s annual cloud conference in Las Vegas. “We had to remind people that we were actually trying to build this and launch this for customers. But it was actually kind of interesting, educational for us.”
He added of the forthcoming competition: “This is the world’s first global autonomous racing league open to everyone.” The news represents another opportunity for the world’s No 1 cloud computing company to lure people to try its machine learning services such as Amazon SageMaker, applying them to the car.
It also raises questions about Amazon’s interest in autonomous vehicles, an exploding area that has drawn heavy investments from automakers and technology companies alike, notably Amazon’s rival Alphabet Inc.
Simulations similar to the races Amazon is proposing are common in academic circles studying how traffic management would work in an era of self-driving cars. To be sure, autonomous vehicles rely on sensors, lidar and other components that are not the focus of AWS DeepRacer.
Amazon previously held what it called “Robocar Rallies” focused on behavioural cloning technology, which AWS DeepRacer events will now replace. – Reuters
TESLA VS. JAGUAR: THE FIRST REAL ELECTRIC CAR TRACK SHOOTOUT
I’ve owned a ton of them over the years, and I’ve had both good and bad experiences with the cars. Currently I own two — a 1970 XKE and a 2014 F-Type — and they are about to get a sibling. I’ve ordered a new Jaguar I-Pace, which is the first legitimate challenger to Tesla, which surprised the automotive industry much like Apple surprised the mobile phone industry.
Tesla was first to build a decent electric car for this century. Not only that — its Model S set records in terms of safety and reliability. Most of the problems the firm has had have been due to a lack of competency in manufacturing and a borderline insane CEO. However, the design of the cars, with the exception of the Tesla X, generally has been better than first rate.
I recently read about Motor Trend‘s head to head challenge between the Tesla Model 3, the I-Pace, and the Alpha Romeo Giulia Quadrifoglio (don’t get me started on naming). Even though the I-Pace was designed to run on the track, it trailed both the other cars and the Alpha won — but not by much, and the Alpha is a decent track car.
I’ll share some observations about cars and close with my product of the week: the BlackBerry Key2, which I’ve been using for several months now and still love.
I-Pace vs. Tesla vs. Gas
As noted, the I-Pace (pictured above) is the first real challenger to Tesla’s dominance. You’d think I’d be disappointed that it didn’t do better on the track, given it was designed for the track. However, the I-Pace is a crossover, not a sedan, and when was the last time you saw an SUV run against a hot sedan and win on the track? An SUV is designed to go on and off road. It sits higher, and thus it won’t corner as well. Plus, it has far more wind resistance.
Until recently, Tesla cars, when tracked, would go into limp-home mode after a lap or two. You couldn’t track them at all until Tesla did a software tweak and introduced Track Mode in the Model 3, and now it’s a decent track car. On my last track day (I track a Mercedes GLA45 AMG) there was a Model 3 on the track, and it did impressively well. It was surprisingly competitive.
Now the issue with tracking any electric is where the hell do you charge the thing up? You use a ton of fuel when you track a car. I went through about a tank and a half of gas in my fast hatch in that one day on the track, and fortunately there was a place to fill up at the track.
There was a charger as well, but it looked to be a low-powered charger (not high-powered or Tesla supercharger), which means a full charge is measured in days not hours. That makes tracking any electric really risky. You could end up getting stranded at the track if you don’t allow enough reserve power to get to a high-powered charger (there aren’t many out there) or a supercharger (there are more, but they’re still not exactly as common as a gas station).
Why the I-Pace Didn’t Do Better
Now what has been driving a number of us nuts is that the I-Pace has a far bigger battery than the Model 3 typically ships with, and yet it has less range. The cause appears to be threefold: The car is an SUV and thus not as aerodynamic as the Tesla; the front motor Jaguar uses (which may be better off-road, but this hasn’t been confirmed) can’t be turned off to save energy; and the battery appears to have far higher protection against premature aging than the Tesla’s.
The battery’s life span is largely speculation, but it appears that Jaguar uses less of the battery than the Tesla does. I used to be the lead battery analyst for North America years ago, and I recall a Toyota test that concluded if you kept a battery above 10 percent charge and below 90 percent charge it would last indefinitely. It was charging to the limits that caused the battery to degrade.
Both Tesla and Jaguar have settings that are designed to reduce battery loading, but the Tesla’s settings can be overridden while the Jaguar’s appear hard-coded, which is why many of us are speculating on why the Jaguar doesn’t have a greater range.
The Mystery of the Jaguar Grill
One of the funny things that keeps coming up on the Jaguar I-Pace is the fact it has a grill and none of the Tesla cars have one. Folks talk about this as being a styling thing, but the reason that Tesla cars historically have gone into limp-home mode on the track is that their batteries overheat.
I once read that to get the car around the track, one car magazine would buy a ton of ice and park its car on top of it, in order to bring down the battery temperature enough to track the car.
The I-Pace uses what appears to be far more effective battery cooling, thanks to that front grill. It also conceals an impressive front spoiler, which provides additional downforce for cornering. Granted, that front spoiler also may increase drag, but it should improve track behavior.
In many ways, the Tesla Model 3 is the more practical car. It uses Tesla’s increasingly convenient charging network; it is a sedan, which is likely closer to the way most of us drive — few SUV drivers ever go off road; and, as the third Tesla line, its design showcases lessons Tesla learned over the last two cars.
However, the Jaguar arguably is better looking. It is rarer (though all electrics are rare) and should convey more status. It reflects higher quality (given that it isn’t cheap, it likely should). Since my wife and I use our SUV mostly as a pet carrier, the SUV design is far more practical for us, and the huge ugly thing that the Tesla X became just isn’t an attractive alternative.
The Jaguar is just closer in design to what we need, and since we rarely drive more than 50 miles a day, the charging and range limitations aren’t issues. Still, had Tesla made a small, attractive, SUV with fold-down back seats and without those cool (but very unreliable) gull wing doors, our selection process might have ended very differently.
What many are just getting around to understanding is that these new electric cars can change a lot with software updates. The Track Mode thing with the Model 3 is relatively new and expected to migrate to other Tesla vehicles (meaning you eventually might be able to make it around the track in a Tesla Model S, and the I-Pace’s track performance is likely to improve as well). Unlike most gas cars, your electric likely will improve over time.
The car I’ve ordered is supposed to be in before the end of the month. I’ll provide a more in-depth review at that time, but for now, I’m still glad I ordered an I-Pace. That said, with other electrics from Mercedes, Audi, and particularly Porsche entering the segment, in a few years I may find another that catches my fancy more.
The competition between Google and Apple is fierce. Android phones generally provide greater value (bang for the buck), but Apple phones provide greater status. They’d better, because you are paying Apple a huge premium for them.
The issue with Android phones is that they are known to be relatively unsecure. I have no desire to see the stuff on my smartphone show up on the Dark Web, along with an impressive number of my old and obsolete passwords and IDs.
In addition, I still think the move from phones that had keyboards, like the Palm and BlackBerry, to phones that don’t, like most Androids and iPhones, was stupid. You can blind type on a keyboard phone, while you largely can’t on a screen phone. I believe this one thing is what has caused the massive uptick in distracted driving and funny YouTube videos of folks walking into things like open manholes and fountains.
The BlackBerry Key2 is more secure, although it is an Android phone. It runs BlackBerry DTEK, which tells you how secure your phone is, and it loads Android on top of a BlackBerry platform, making the phone very difficult (if not impossible) to rootkit (that is, to put a piece of malicious software below the OS, fully compromising the phone).
It has a twin sensor camera and a decent flash, making it competitive with other smartphones in that regard. I’ve experienced no unique problems with Android apps, including Dell Mobile connect (which puts your phone screen on your PC monitor and allows you to drag and drop from, and remote control your phone from your PC).
Oh, and when I must type a long note, I am a ton faster on the BlackBerry Key2 than I am on a regular smartphone or a tablet. Thus, the BlackBerry Key2 is my product of the week.
SCOUT is the portable charger that’s thought of everything — and now, it’s half off
How to AirDrop a file from an iPhone to a Mac or other Apple devices
Huawei Y9 2019 Smartphone Excites Customers
Samsung Galaxy Fold, S10 and 5G phones unveiled at Unpacked event
Beats Wireless Headphones Are Up To $110 Off On Amazon Today
Samsung Galaxy Tab S5e Ultra-Thin Android Tablet
MWC 2019: Oppo releases 10 times lossless camera zoom
Google says the built-in microphone it never told Nest users about was ‘never supposed to be a secret’ (GOOG, GOOGL)
Mercedes-Benz sells 180,539 vehicles, January
Here are the latest predictions for Apple’s 2019 products, according to one of the most reliable Apple analysts
Z10 Tips, Tricks and Shortcuts
Mujjo reveals exclusive full-grain leather cases for the Galaxy S8/S8+, and they come with style
FACEBOOK UNVEILS ANONYMOUS LOGIN
ISACA INSTALLS 2018-2019 BOARD OF DIRECTORS
Europe to abolish mobile roaming charges by 2017
THE ‘BRUSHED ONYX’ DELL XPS 15 2-IN-1 (9575) IS A MONOLITHIC BEAUTY WORTH THE EXTRA $50
Is Social Media Actually Helping Your Company’s Bottom Line?
WANT TO MAKE LINUX MINT LOOK LIKE A MAC? THIS THEME CAN HELP
Microsoft ropes in Opera Mini as default Nokia dumbphone browser Ancient browser to power ancient Redmond mobes
THIS HANDMADE TESLA GUN IS SHOCKINGLY COOL
6 Stunning new co-working spaces around the globe
3 Ways to make your business presentation more relatable
5 Crowdfunded products that actually delivered on the hype
Startup adds beds and Wi-Fi to buses to turn them into ‘moving hotels’
The 9 worst mistakes you can ever make at work
15 Habits that could be hurting your business relationships
- Hardwares1 week ago
Huawei Watch GT coming to the US on February 19 for $200, up for pre-order on Amazon now
- Systems1 week ago
Oppo teases F11 Pro with 48 MP camera
- Tech News1 week ago
Developers say Sony is ‘playing favorites’ with PS4 cross-play support 25 Wargroove and Paladins developers say that Sony won’t enable the feature for their games
- Tech News1 week ago
Rockstar Games Loses 20-Year Veteran Who Worked On Almost Every Game The Studio Made
- Tech News1 week ago
Report: Apple Is Trying to Get Newspapers to Fork Over Half of Revenue From Planned Subscription Service
- Security1 week ago
The Ultimate Beginners Guide to GDPR Compliance in 2019
- Systems1 week ago
Xiaomi will announce the Mi 9 on the same day as the Samsung Galaxy S10
- Business2 days ago
Mercedes-Benz sells 180,539 vehicles, January