Category: Free

Meet Kevin Richardson, the man that naps and hugs lions. Like real lions. Crazy video and well worth the watch.

Read the linked story and then try to justify to me that Digital Ocean is a good hosting provider. These guys are shit, run away from them.

(Note: I do think there was a wrong done by the blogger in not getting permission for posting the quote. I do not think that is a case for the hosting provider to be involved, as it is clearly a case for the courts to decide.)

Bruce Schneier:

> We’re at a crisis point now with regard to the security of embedded systems, where computing is embedded into the hardware itself — as with the Internet of Things. These embedded computers are riddled with vulnerabilities, and there’s no good way to patch them.

The problem is especially bad in routers — where people update/upgrade/replace them about as often as they do TVs.

Kevin Fitchard:

> AT&T launched a new billing program called Sponsored Data Monday at its developer conference at CES, which shifts mobile data costs from the consumer to the content provider. The idea is to create a two-sided charging model for mobile data, letting app developers and content providers foot the bill for their customers’ data use. That kind of the model has the potential to save consumers money, but as we’ve pointed out before it also messes with some of the foundational principles of the internet.

This kind of stuff makes me nervous, and Fitchard does a really good job pointing to the good and bad sides of a move like this.

> But one of the foundational principles of the internet is that it’s neutral, that no content is prioritized over other content. While AT&T stressed it won’t actually prioritize traffic in the Sponsored Data program — apps and content will work the same on the network no matter who’s footing the data bill — this type of program creates a kind of de facto hierarchy from the consumer’s standpoint. If all other things are equal, why not watch the video or use the app that doesn’t drain your data plan?

It will be interesting to see how this plays out.

Senator Paul meanwhile had decided to sue over NSA spying. We’ve hit a nice precipice of outrage and I doubt people stop making noise until the Supreme Court weighs in.

The NSA was asked by Senator Sanders whether or not the NSA, in any way, spied on members of Congress. Senator Sanders also outlined what he meant by spying. It was a great letter which left little wiggle room.

The NSA response was predictable and a non-answer answer. In short the NSA did everything it could to not have to admit that, under Senator Sanders description of spying, the NSA *does* spy on congress.

Matthew Panzarino:

> Apple has contacted TechCrunch with a statement about the DROPOUTJEEP NSA program that detailed a system by which the organization claimed it could snoop on iPhone users. Apple says that it has never worked with the NSA to create any ‘backdoors’ that would allow that kind of monitoring, and that it was unaware of any programs to do so.

Click through and read the statement — it’s a pretty definitive statement from Apple (and came quickly, for Apple at least) and encompasses *all* Apple products not just the iPhone.

This doesn’t mean there isn’t a backdoor — as I understand it the NSA attacks BIOS level software. If that is the case perhaps Apple isn’t writing the BIOS’ on iPhone and therefore the NSA has partnered with an Apple vendor? This is pure speculation though.

Marco Arment:

> While most of the press demands new hardware categories, I’d be perfectly happy if Apple never made a TV or a watch or a unicorn, and instead devoted the next five years to polishing the software and services for their existing product lines.

On this, I am in complete agreement with Arment. See also [Arment’s follow-up (of sorts) post](http://www.marco.org/2013/12/29/smart-watches-and-face-computers) on smart watches and Google Glass.

Just a quick reminder that you can save $10 on a yearly subscription to this site through the end of tomorrow. This isn't likely something I will do again so now is your chance (as they say).

Thanks for your support — it is your support that will hopefully pay the bills one day.

Jay Hathaway:

> According to leaked documents, the NSA claims a 100 percent success rate when it comes to implanting iOS devices with spyware. The documents suggest that the NSA needs physical access to a device to install the spyware—something the agency has achieved by rerouting shipments of devices purchased online—but a remote version of the exploit is also in the works.

UPDATE: [Steve Wildstrom reports](http://techpinions.com/apple-iphone-and-the-nsa-a-tale-of-sorry-journalism/26125):

>If you dig back through the sources here, you find a fascinating dump of documents in Der Spiegel (German original) about the NSA’s Tailored Access Operations including a 50-page catalog of snooping devices worthy of MI-6′s fictional Q. One, called DROPOUTJEEP, claimed the ability to compromise an iPhone by replacing altering its built-in software. “The initial release of DROPOUTJEEP will focus on installing the implant via close access methods,” the 2008 document said. “A remote capability will be pursued in a future release.” In other words, before any snooping took place, the NSA first needed to get its hands on your iPhone and replace its software1 .

Jacob Appelbaum, Laura Poitras, Marcel Rosenbach, Christian Stöcker, Jörg Schindler And Holger Stark reporting for Spiegel on the NSA TAO operations:

> A comprehensive internal presentation titled “QUANTUM CAPABILITIES,” which SPIEGEL has viewed, lists virtually every popular Internet service provider as a target, including Facebook, Yahoo, Twitter and YouTube. “NSA QUANTUM has the greatest success against Yahoo, Facebook and static IP addresses,” it states. The presentation also notes that the NSA has been unable to employ this method to target users of Google services. Apparently, that can only be done by Britain’s GCHQ intelligence service, which has acquired QUANTUM tools from the NSA.

And:

> Take, for example, when they intercept shipping deliveries. If a target person, agency or company orders a new computer or related accessories, for example, TAO can divert the shipping delivery to its own secret workshops. The NSA calls this method interdiction. At these so-called “load stations,” agents carefully open the package in order to load malware onto the electronics, or even install hardware components that can provide backdoor access for the intelligence agencies. All subsequent steps can then be conducted from the comfort of a remote computer.

The last quote makes a lot of sense, and is likely the reason why people like Schneier went and bought a computer from a store with cash as it’s not likely to have been intercepted. The first quote block though shows the amazing toolset at the TAO’s disposal.

Jacob Appelbaum, Judith Horchert and Christian Stöcker:
> These NSA agents, who specialize in secret back doors, are able to keep an eye on all levels of our digital lives — from computing centers to individual computers, from laptops to mobile phones. For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA’s specialists seem already to have gotten past them.

> This, at least, is the impression gained from flipping through the 50-page document. The list reads like a mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets’ data. The catalog even lists the prices for these electronic break-in tools, with costs ranging from free to $250,000.

Holy fantastic post. Some choice quotes from Robert Evans, Rafi Sela’s post:

> The TSA treats each traveler the same because of some stupid idea that everything needs to be fair. Security needs to be done due to risk — and risk means that in Israel we don’t check luggage, we check people. And I’m not talking about racial profiling here; that’s a product of poor training. Regardless of race or creed, people with bombs strapped to their body behave in similar ways.

And:

> But thanks to the layout of modern American airports, he doesn’t even have to get through security. The TSA conveniently packs hundreds of travelers together in cramped security lines. Terrorists love crowds because they can inflict the most harm that way. Anyone who watches the news knows that. So what does American airport security do? It gathers folks together in long lines BEFORE they’ve been scanned at all.

Worth reading the entire post to understand just how woefully inept the TSA is.

At this point I wonder if even the President believes their tactics are anything more than ass covering.

Justin Williams:

> From the moment NewsGator announced it was looking to give Glassboard a new home, we were jumping at the opportunity to bring some fresh ideas to one of our favorite apps. We couldn’t wait to let you in on our first steps toward modernizing Glassboard…

This is great news. I love Glassboard, but it has been a bit long in the tooth for a while now. Kyle and I used Glassboard almost entirely while collaborating on Begin, and it was a savior for me. Can’t wait to see the updates.

I wrote up an iPad PDF roundup for The Sweet Setup. Go find out why PDF Expert is the best you can buy.

Justin Williams:

> This has been one of the hardest projects I’ve ever worked on. Simultaneously, it’s also the project I am most proud of. My partner in crime Jake Desaulniers and I set out to create a better photo browser for the iPhone, and I think we hit a home run.

I downloaded it this morning, and now I am trying to find out how to make my Lightroom library sync with my iPhone. Nice little app.