Translator APP

So I have this idea that I will probably never make, but I would like to share it.

With all the new technology that is coming out in portable devices I would like to see a Translator app. My idea is to be able to use the cameras on cell phones and OCR technology to translate on the fly. I am not sure how the tech this would be accomplished. The current thinking is that you would need to an internet connection and up load the image to a server for the translation. This would be a good work around until Cell Phone processing power is increased enough to handle it.

He is what I envision; take a picture of something like a menu in a restaurant. The picture gets uploaded to a server and optical recognition software strips the words out and then overlays them back on the image.

Original Picture:

Picture After OCR:

All recognized words are highlighted yellow and words that were not recognized are highlighted blue. From here you can translate the words to various languages.

Translated words:

The translated words pop up over their highlighted counterpart. In this scenario I translated English to Spanish, but the done in reverse. Imagine being in Mexico and your phone was an on the translator. I know there are plenty of apps that translate typed text to you. There are also apps that use OCR technology to pictures of text into editable text. I have not seen one that combines the two technologies together.

Tell me what you think. Is there app out there that already does this? Do you think this is a good idea?

Government Scrambles to Fix an Unfixable Issue.

If you have been anywhere near a TV, Radio, or Internet news site you have probably heard the word ConFlicker. I’m not here to talk about this internet terror itself, but I am here to talk about the actions that people are taking. As the title of this post says, the state is scrambling to fix an issue that cannot be fixed. What I mean bythat statement is that although ConFlicker can be stopped technically, it was built to thrive on societal ineptitude of internet culture by means of social engineering. 

The infections scheme is based on Social Engineering concepts. A time honored tradition of thieves, rouges, and conartists. Social engineering has the power to make people accept totally believable, yet factious, stories which gain information and confidence of victims to further the personal greed of criminals. I would like to say that this rare, but with AIG, Madoff, Enron, and Katrina scandals in the news I believe it is more common place now than ever before. Here in America, our society is built on the fact that you’re innocent until proven guilty. I believe that is the correct way to view the world, but this leads us to trust the good in people and hinders our skepticism. This innate idea to trust sometimes blinds us to the reality that there are harmful people, whose only intentions are to steal our identities and money.
Enter Conflicker, a computer worm that infects your unpatched computer through visiting bogus websites setup by hackers. Most people who visit these malicious websites are steered there through cleverly disguised social engineering techniques such as spam emails, hacked accounts social network accounts, and variety of other unassuming methods. 60 Minutes recently did an episode that showed how a hacked Facebook account was used to direct friends of that account to infect websites. As soon as I saw that computer generated Facebook message from the hacked account it sent warning signals off to me, but probably 90% of people would have clicked the link. This type deception is the true danger of Conflicker and other virus like it. The major way the virus is effective is if your unpatched computer is tricked in to visiting an infected site.  
You might be wondering what all this has to do with government. As much as the government tries to patch all their machines and cut internet usage to their workers this will not be enough. Conflicker, while nasty, is not the issue, it’s the methods that spread Conflicker that need to me addressed. Until we start teaching internet users to be savvier or law enforcement can eliminate the threats at the source, Conflicker is just the means of this attack and not the solution for stopping the problem.

So what are we to do about this threat???  It is a two pronged solution, education and punishment. I will not go into punishment here, but I’ll only say that most of these cyber attacks come from Russia and China which we have few options for recourse even if we know who is the criminal. Education, Conflicker is not a technical issue; it is a computer/internet education issue. Patched computers with updated antivirus software are at little to no risk. The systems that are at risk are the ones that do not patch the OS or the Anti Virus protection is outdated. This is why we need to better instruct people why they need to keep their Antivirus up to date. We need to show computers users how to keep their operating systems patched. We need to educate people on what to be suspicious of when they receive emails, IM’s, text messages, tweets, etc…. The power these hacker are given is because overall society of internet users are oblivious to simple, but crucial steps to deter criminals. This is not saying that by teaching the mass how to be safer on the internet will end all problems. There have been and will always be people that prey on the uneducated, the less fortunate, and trusting. 
For> more information on Conflicker or a means of scanning your computer to see if you are infected 

For more information on Conflicker or a means of scanning your computer to see if you are infected read Adrian Kingsley-Hughes – “The ‘no bull’ guide to Conficker”

Tally Talks

Just an idea

Would anyone be interested in an every other month get together, for 2ish hours, where you would have 3 or 4 people give a 15 minute speech/lecture on a tech type topic and Q&A afterward? Think TED, but local Tallahasseeians giving mini-lectures on technology topics they find relevant. It could be anything they want it to be as long tech play a role in it.

Ideas:

• Photography and how you use the web to show your work.
• Digital creation through Photoshop.
• How to get more followers on Twitter???
• How to use Twitter to advertise and market.
• The benefits of using open source technology.
• How to Partition a RAID 0 disk array.
• Using Web 2.0 Technologies and Social Media to be more efficient.
• How to edit music with Audacity. Using technology to enrich church.
• How to setup a Media Center PC in your Living room.
• What makes a good password and how to keep your information safe while on line.
• Spam and Scam how to protect yourself from phishing.
• How to start a podcast.
• Whatever………….

 

With the presenters permission we could film it and create a Channel on Youtube to share these presentations.

If you think this might be something that you are interested in please let me know by commenting below or Twitter me @verticalgambit

Finding yourself and everyone else.

So, I have been trying this new service from Google called Latitude. Basically, it is a location based social media service that lets you share where you are and what you are doing. Latitude can be used through your phone or the web. The service will be within the RC33 release for Android (Google’s mobile OS). Google announced that this service will also be coming to other mobile devices (iPhone???). After giving Latitude a try (less than a day) on my iGoogle page, it appears to do the basics of every other location based social media application.

 

There are a couple things I can already see that Latitude needs. First, Twitter integration. I would like to be able to update my twitter and have it up Latitude. Even better I would like to use Twinkle on my iPhone to give location data and Twitter updates. Next, it appears right now it I can only update it through my iGoogle on the web. Give me a static Latitude webpage like Calendar, Docs, ect…. Also, when inviting people from my Gmail account please give me a “select all” button for my contacts list! Lastly, integrate my contacts list from all my other social media networks. I need Latitude to grab my Twitter, Myspace, Facebook, Linkedin, and Ning contact list for inviting people.

 

I Have Questions, Do You Have Answers?

I have not had a chance to update my Blog in a while and wanted to get something up. I was trying to think, “What can I blog about?”

I came up with nothing. Soooooo, I thought I would pose a few questions and see if I can get some ideas about what to write.

What is your favorite online video (YouTube, Hulu, Veoh, etc…) service?

Do you use a similar micro blogging service to Twitter (Laconica, Jaiku, Pounce, etc…)? If so, how do you use it?

Do you use an online storage site for storing things like files or backups? What site?

What is your favorite online image storage website (Flicker, Picasa, Photobucket, Shutterfly, ect…)?

Is there any online technology that you would like to know more about? I love researching tech, so if you have something that you want to know more about or something I can blog about that people might find interesting please let me know.

Mail Goggles. Don’t Drink and Email

 

For all those people (like me) that think Google is hilarious, well they have done it again. Google has launched Mail Goggles. 

 

The officail line from Google 

“Google strives to make the world’s information useful. Mail you send late night on the weekends may be useful but you may regret it the next morning. Solve some simple math problems and you’re good to go. Otherwise, get a good night’s sleep and try again in the morning. After enabling this feature, you can adjust the schedule in the “General” settings page.”

Basically this service will deter Gmail users from sending emails in a less that sober state. Once you turn on Mail Goggles, if you attempt to send an email between the hours of 10:00PM to 4:00AM (default time) you will be prompted to answer five math questions wi Emailthin a set time limit.

Unless you turn into Steven Hawking after a Guinness or two, this means it will be harder to send that late night drunken email telling your boss what you really think.

Although this has to be one of the funniest things I heard in a while, I do think this type of precaution can make the Internet better in the long run. Imagine if you are on your favorite forum and they implement this type of functionality. Imagine how many of the eight years old Trolls out there would be out of luck if they had to answer simple math questions.

New College Graduate Desperately Seeking Progressive IT Environment.

Until about three weeks ago, I had never heard the word millennial used in the context of referring to a specific group people. I first heard the word when I was in an hour long IT session, Web 2.0 Technologies. The presenter used the term millennials to describe college students who will be entering the workforce looking for the same functionality they use on the web to help solve business problems. Like most cliché technology words (solutions, beta, streamline, The Cloud, ect.) I’ve heard over the last three years, I did not pay this one any attention. Now, everywhere I turn, this word is working its way in to the business vernacular. It seems now that word is really starting pick up some steam. It will not be long, if it has not happened already, before we see Rick Sanchez twittering and talking on CNN about millennials.

If you are not sure what a millennial is then, join the club. Millennial is another name for Generation-Y. Depending on where you look you will find different number, but basicly millennials are anyone born between 1977 to 1998. These are today’s teens to early thirty something’s that have grown up in the internet age. Some key attributes of this group are the early adoption, multitasking, no brand loyalty, and the need for on demand services. Most millennials care more about functionality, simplicity, user collaboration while appearance is secondary.

A recent article I read in Computer World magazine, Vol. 32, Number 38 (September 22nd 2008), pushed me to write this post. The publication dedicated two pages about how “Millennials Demand Changes in IT Strategy.” This article talks about a new generation of internet savvy users who are more likely to work for companies that take advantage of progressive web 2.0 technologies. It the same regard, companies that have strict policies are likely to lose talented young workers.

Herein lies the problem, if you are an upstart business with minimal data restrictions building a mobile and dynamic environment, attracting young talented workers is easy. There are many pitfalls for government funded state organization . The major issue for this type of change is security. Government organization cannot sacrifice security for usability. There are so many restriction that have been legislated on government agency to protect information it is virtually impossible to get anything done due to the fear of being sued or in violation of outdated government mandates.

Very soon this governmental inability to progress forward is going to lead to a bigger issue than security. It was hinted in the Computer World article that the lack of hiring young talented replacements will come to a head as soon baby boomers start retiring. This mass exodus of institutional knowledge coupled with the fact that most of the talented college graduates are not looking to work for the government is going to crush the public sector within the next ten to fifteen years. As the pace of information moves steadily faster and faster, government Information Technology departments are doing all they can to stay afloat. With budget crises across the county, any type of progressive projects or recruitment within State and Federal government IT is limited. The fact is that millenials, who may be able to find solutions to upcoming technology issues, are going in to the private sector because of the antiquated policies of government. This is the basic “Catch 22″ that need a solution now, not later!

What are your thoughts on the state of Government IT or millenials?

Business Threats through Social Engineering.

The presentation covered four key aspects of Social Engineering

• Change Society – Make Cyber Crime a Bad Choice
  
• Old School Social Engineering
  
• Phishing: Greed and Fear
  
• Post Phishing: key loggers
  
• Spear Phishing
  

Change Society- Make Cyber Crime a Bad Choice

 

The presenter started off by prefacing his reasons for the current state of internet social engineering. To start changing the current status of the internet environment the presenter suggested a change in the way society cyber crime. He stated two main reasons Phishing scams are so prevalent on the internet. The First reason is the lack of sufficient laws to prosecute criminals. The Second is the insufficient sentencing of social engineering crimes. For example, if someone robs a bank they could get a twenty year prison sentence, but if they steal your credit card information over the internet they normally get a slap on the wrist. This inconsistent administration of laws makes it an easy choice for criminals to committing cyber crime with little chance of severe consequences.

Suggestion to change the current state of Cyber Crimes:

• Better laws enforcement technologies, tools, and training
  
  • Need to have dedicated study (college, community college, trade school)
    
  • Need to have more money invested technology to help prevent and catch cyber criminals
    
• Stronger laws and punishment against cyber criminals
  
  • Local, state, and federal government need to take a look at stronger law to change the mentality of cyber criminals
    
• Raise awareness to reduce victim pool
  
  • Information Technology Departments or tech savvy users should make people aware of dangers that social engineering.
    
  • People should be praised for making right choices
    
    • Incentives should be given (give away a $10 dollar gift card (randomly selected) to lunch once a month for anyone that helped deter a potential security infraction)
      

Old School Social Engineering

“Old school social engineering” the presenter showed a picture and asked the audience what they saw.

 

A lot of the audience said a doctor. The presenter then told how our preconceived notions can mislead us. The picture above, for his example, is a criminal who dressed up as a doctor and then talked his way in to the hospitals network closet. Once inside the closet he installed a key logger to collect user’s passwords.

Social Engineering is not about having brilliant technology skills to crack high levels of encryption. Social Engineering is about using a moderate level of technology skill and charismatic personalities to crack the weakest link in security, the human element. The doctor example above is just one way show how social engineers can gain access to important information. Another way is for someone to call the companies helpdesk and talk them in to resetting a user password to allow the criminal to login to the system.

He also brought up a good point that the one of the most dangerous individuals’ in an organization maybe the lowest level employee. Often in large organizations there are employees that only last 3-5 months. These entry level positions often have access to more sensitive information than CEOs. Social Engineers will try to offer these employees vast amounts of money to copy sensitive information for them.

 

Phishing: Greed and Fear

Since the internet has become such an engrained part of society, this has made an easy target for cyber criminals. People have started to use the internet for banking, talking to friends, storing health records, talking about personal information, using public email for business purposes, ect… With email becoming the standard for communication within businesses, it has also become ground zero for the social engineering technique known as Phishing.

Phishing: A type of scam with the intent of capturing personal information such as Social Security numbers, online banking user identification numbers, debit and credit card account numbers, and passwords.

Greed Phishing: this phishing style is used by offering people incentives for filling out information. A common greed phishing scam is to send an email that looks like your bank sent it asking people to fill out a questionnaire to receive money. People receive and email that looks like a customer review form from a bank. At the end of the customer survey you are asked to give you account number and password so the bank can deposit money.

Fear Phishing: this is the most common style of phishing. Fear phishing uses emails to scare people to quickly access their account.

The email above is an example of how scammers get unassuming people to rush to what they believe to be their banks website (through the link inside the email). When a customer attempt to login to the fake site the cyber criminals get all applicable information to steal the customer’s money and identity.

There are a couple ways to prevent this type of phishing scam.

1. Do not use links within emails to access websites. Open a web browser and navigate to the website directly.
   
2. Check the URL of the website you are logging onto. If the URL address is not familiar do not give any of your information.
   

Post Phishing

Post Phishing is very similar to the fear phishing scams listed above, except it is software driven. It uses key loggers to wait until people login to an actual account and then send the login information to the social engineers. Key loggers are normally distributed through websites by using links within phishing emails. If the user clicks on the links within a post phishing email it could send you to a website that would infect you machine with malware.

Spear Phishing.

Spear Phishing: combines using emails and key loggers to get information for a specific target. Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization or a person. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient’s own company (spoofed email address) and generally someone in a position of authority.

According to an article in the New York Times, spear phishing attempts are not typically initiated by “random hackers” but are more likely to be conducted by “sophisticated groups out for financial gain, trade secrets or military information.”

Here’s one example of a spear phishing attack: The perpetrator finds a Web site for a targeted organization that supplies contact information for employees and other relevant data about the company. Using available details to make the message seem authentic, the perpetrator drafts an e-mail appearing to come from an individual who might reasonably request confidential information, such as a network administrator. Typically, a spear phisher requests user names and passwords or asks recipients to click on a link that will result in the user downloading spyware or other malicious programming. The message employs social engineering tactics to convince the recipient. If a single employee falls for the spear phisher’s ploy, the attacker can masquerade as that individual and gain access to sensitive data.

(Courtsey of http://searchsecurity.techtarget.com/
)

The presenter gave a similar scenario where a personalized email is drafted to the CIO of a technology company. The email uses information found in public website to depict a plausible reason for the sender to have an attached picture. The CIO reads the email and thinks the picture attached is of his daughter making a great play at her soccer game (found by reading the daughters blog). Once the attachment is opened a key logger is installed on the CIO’s computer.

Closing Thoughts

The presentation was very informative. Although I have heard of phishing the examples given helped greatly to understand how phishing scams really work and some of the motivation that drive people to fall for these scams. I would suggest that if given the chance everyone should be take a class on the dangers of phishing schemes. Also, look to implement a reward type system, even if it is just public kudos, within the department for people who help deter Social Engineering schemes.

Business Mashups FGTC 2008

Business Mashup

Mashups take numerous data sources combined and layer them together to form an informative presentation that can deliver services tailored to individuals. The presenter used the book “The Long Tail” as an explanation to the shift from mass production of generic stuff to niche markets.

“The Long Tail, in a nutshell“

The theory of the Long Tail is that our culture and economy is increasingly shifting away from a focus on a relatively small number of “hits” (mainstream products and markets) at the head of the demand curve and toward a huge number of niches in the tail. As the costs of production and distribution fall, especially online, there is now less need to lump products and consumers into one-size-fits-all containers. In an era without the constraints of physical shelf space and other bottlenecks of distribution, narrowly-targeted goods and services can be as economically attractive as mainstream fare.

Courtesy of http://www.thelongtail.com/about.html

The graph above is divided in half, the first half (red) is made up of the most popular products, while the second half (yellow) is more niche products. To make this graph more understandable, The Presenter altered the words within the graph to give an example that everybody could understand.

Scientist ran a study on thousands of books that have been scanned in to computers and to find out what were the most common words used in the English Language. Through their study they learned that 50 % of the printed English language consisted of only 137 words. After the 137 most common words, there was a leveling off in to regional or Niche word within the rest of their scanned information. When put in to a graph it looks like the above. The presenter explained that this example demonstrated that the need for a more diverse section of content (yellow) that can be “Mashup” with the vastly more popular, but smaller, main content (red).

Zillow.com was used as a real world example show how combining niche information with globally accepted formats.

Zillow.com: is an online real estate service dedicated to helping you get an edge in real estate by providing you with valuable tools and information. Zillow can overlay recent home sales information (cost of home, mortgage rates, and monthly mortgage payments) which is niche information for only those interested in buying homes, with map technology that most people use.

Another example of using Mashups was submitting a leave request for work. Normally, when an employee submits a leave request an email would be sent to their boss, she/he would approval or deny without any knowledge of how much leave the employee had left. The employees request then would be sent to the HR department for recording the hours of leave taken. If there is not enough leave time on the books it presents a problem for the employee and the boss.

With a Mashup from the HR database when the employee submits a leave request it would have showed that there was only 7 hrs leave. The application would not have allowed the employee to send the request for time off.

Web 2.0 Technologies FGTC 2008

Web 2.0 Technologies is hosted by Joe Clark, Florida State University. Joe works at the Center for Teaching and Learning

Joe talked about a lot of major Web 2.0 companies like YouTube.com and Facebook. His main emphasis was on taking user generated content of websites that can be used as a model for building unique and inventive ways to get content to users. He showed examples of how Web 2.0 are good at getting the information out to a broad audience, but also how to use the feedback from comments because it can be vital source of information too. The sites below have multitudes of user generated information using simple tagging to very specific Meta-Data to categorize content.

RSS Feeds- RSS (Really Simple Syndication) is a format for delivering regularly changing web content. Many news-related sites, weblogs and other online publishers syndicate their content as an RSS Feed to whoever wants it. RSS solves a problem for people who regularly use the web. It allows you to easily stay informed by retrieving the latest content from the sites you are interested in. You save time by not needing to visit each site individually. All your information aggregated into on manageable location using an RSS Reader.

Del.icio.us – How Delicious is a social bookmarking service that allows users to tag, save, manage and share web pages from a centralized source. With emphasis on the power of the community, Delicious greatly improves how people discover, remember and share on the Internet.

SlideShare.net- SlideShare is the best way to get your slides out there on the web, so your ideas can be found and shared by a wide audience it is to Power Point’s what YouTube is to video. Help with user feedback, save exchange space having it stored in one accessible location.

Twitter- Users blast small 140 character messages good for quick broadband communication to interested parties. It can also send SMS message every time someone sends a Twitt.

Flicker – Photo sharing

YouTube.com – Hosts user-generated videos. Includes network and professional content. YouTube’s Tag line is “Share your videos with friends, family and the world”.

The concept of Web 2.0 is that friends, colleges, even strangers list and share information in a real time environment can lead to a greater understanding of a topic being discussed or just entertain.

 

In the presentation Joe showed how Ning.com which allows the user of popular Web 2.0 sites (Twitter, Flicker, blogs, ect.) to contribute specialized information that is aggregated through rss feeds onto one specially designed website. The example Joe share with us was the http://www.hurricanes08.org/ which is a user website that is built on the ning.com platform and ported huricanes08 web address. This site shows how using multiple data streams can be pulled in to make a very informative website. This particular site listed: Important Links and Contacts Latest Hurricane (static links that were places at the top of the page), Latest Hurricane News (rss news feed), Hurricane Maps (based off Google Maps and live NOAA weather info), Twitter (locals on the ground in the storm), Blog post (rss feed based on key words), Videos( YouTube), Pictures (Ficker), and other information sources.