Author: Christopher Parsons

Policy wonk. Torontonian. Photographer. Not necessarily in that order.

Categories
Links

Moto Z Play review: the best battery life of any smartphone today

But the Moto Z Play rarely feels like you’re doing much settling. Even when you add together the negatives like an average camera, Verizon’s annoying bloatware, and Lenovo’s poor track record with software updates, the Moto Z Play’s affordable price, zippy performance, and unbelievable battery life still add up to something very compelling. And yes, unlike the Z and Z Force, there’s even a headphone jack built in. Forget the Z’s before it; this is the practical Moto Z that most people should get. It’s available exclusively from Verizon Wireless for a limited time for $408, but starting in October you can get it unlocked on GSM carriers (and free of carrier bloat) for $450.

The Verge notes that if you buy a Moto Z you’re unlikely to get “software updates”. That doesn’t just mean you won’t get bells and whistles and neat new features as Google releases new versions of their operating system. It also means that Lenovo will not send you security updates. So you’ll have a long-lasting smartphone that is insecure to trivial attacks that could extract sensitive personal information or otherwise compromise your device.

But other than that, I’m sure it’s a great phone to recommend.

Categories
Links

More than 400 malicious apps infiltrate Google Play

Ars Technica:

One malicious app infected with the so-called DressCode malware had been downloaded from 100,000 to 500,000 times before it was removed from the Google-hosted marketplace, Trend Micro researchers said in a post. Known as Mod GTA 5 for Minecraft PE, it was disguised as a benign game, but included in the code was a component that established a persistent connection with an attacker controlled server. The server then had the ability to bypass so-called network address translation protections that shield individual devices inside a network. Trend Micro has found 3,000 such apps in all, 400 of which were available through Play.

“This malware allows threat actors to infiltrate a user’s network environment,” Thursday’s report stated. “If an infected device connects to an enterprise network, the attacker can either bypass the NAT device to attack the internal server or download sensitive data using the infected device as a springboard.”

BYOD: a great cost-saving policy. Until it leads to an attacker compromising your network and potentially exfiltrating business-vital resources.

Categories
Links

This is where your smartphone battery begins

This is a brilliant (if saddening) long-form investigation into how the cobalt in contemporary electronics is mined in the Congo and the impacts such mining has on the local residents. It’s worth the (long) read.

Categories
Links

Why doctors are rebelling against Ontario’s crumbling healthcare system

Toronto Life:

The fact that doctors bill more than $11 billion annually makes them something like a corporation—their revenues are roughly the same as Air Canada’s or Canadian Tire’s. When companies of that size have to deal with revenue freezes or shortfalls, they respond by finding efficiencies, eliminating duplication and waste, lowering wages or prices, squeezing suppliers for discounts. They take a hard look at how they run their business, and they usually become better companies as a result. Doctors refuse to do this work. Hoskins is determined to force them.

I’m uncertain that the author has ever travelled on Air Canada. Unless, of course, they think that the ‘efficiencies’ Air Canada has achieved by laying of thousands of people, worsening service quality, and regularly failing to meet its agreements with customers have made Air Canada a “better company” as a result.

Categories
Links

Organizational Doxing and Disinformation – Schneier on Security

From Bruce Schneier:

Major newspapers do their best to verify the authenticity of leaked documents they receive from sources. They only publish the ones they know are authentic. The newspapers consult experts, and pay attention to forensics. They have tense conversations with governments, trying to get them to verify secret documents they’re not actually allowed to admit even exist. This is only possible because the news outlets have ongoing relationships with the governments, and they care that they get it right. There are lots of instances where neither of these two things are true, and lots of ways to leak documents without any independent verification at all.

No one is talking about this, but everyone needs to be alert to the possibility. Sooner or later, the hackers who steal an organization’s data are going to make changes in them before they release them. If these forgeries aren’t questioned, the situations of those being hacked could be made worse, or erroneous conclusions could be drawn from the documents. When someone says that a document they have been accused of writing is forged, their arguments at least should be heard.

As someone who routinely receives, and consults on, leaked documents I can emphatically say this is a serious issue. And that journalists are generally very cautious these days about publishing based on mysteriously sourced documents.

Categories
Aside Links

Google’s latest IM client, Allo, isn’t ready for prime time

Ars Technica:

It’s no secret that Hangouts was poorly supported inside Google, so will Allo be any different? I’ve heard that Google Hangouts was never given resources because Google felt it would never be a money-maker. In instant messaging, you talk to your friends and send pictures back and forth, and an ad-powered Google service is never involved. With Allo, that changes because the Assistant is a gateway to search. Every question to the Assistant is a Google Search, with in-app answers coming for questions and links to generic Web searches for everything else. With search comes the possibility for ads, both from the generic search links and in the carousels that answers often provide. I’ve yet to see an advertisement inside Allo, but since it seems possible for Allo to make money, maybe it will receive more support than Hangouts did.

Setting aside the basic privacy issues of Google having access to unencrypted, plaintext, chats you have with friends and colleagues, the fact that Google is apparently unwilling to support its own products if they can’t be used to empower Google advertising is just gross. Google has impressively wasted the skills and talents of a generation of developers: imagine what might exist, today, if people were empowered to write software absent the need to data mine everything that is said for advertising purposes?

Categories
Links

True stories of lawsuits, fisticuffs and harassment in condoland

Toronto Life:

Lifestyle clashes are inevitable when people of all ages and socio-economic backgrounds live on top of each other in a forced community. When different priorities collide, a siege mentality can set in. In the years since Pantoliano’s case, Toronto has sprouted tens of thousands of new condo units in every shape and size. Retired empty nesters live below boisterous hipsters. People who work night shifts are trying to sleep while parents are getting their toddlers off to daycare. Families with rowdy kids take up residence across the hall from quiet professional couples. And they all unrealistically expect the same degree of freedom and privacy as they’d have in a detached home. Instead, they’re keeping each other up at night, squabbling in hallways, sparring in elevators and petitioning condo boards. The shimmering vertical city has become a breeding ground for lawsuits, bullies and brawlers.

I’ve (generally) been blessed with good condo neighbours above, below, and around me for the entirety of my life. But having spoken to people in my own building who are living beside those who party all the time, cram 6+ people into three bedroom units, and drink and fight in the halls, I know that I’ve just been very fortunate.

Categories
Links

Congress Needs to Press the Pentagon, Saudi Arabia on Abuses in Yemen War

Just Security:

The panel also said the coalition should have warned medical staff at the Doctors Without Borders-supported Haydan hospital in Saada governorate before bombing it six times. But the panel dismissed the seriousness of attacking a hospital by concluding there had been no “human damage.” Besides the two patients who the aid group’s country director told me were injured, the attack destroyed the emergency room of the hospital, which had received about 150 cases a week. It was the only medical facility within an 80-kilometer radius, making the “human damage” of the attack incalculable.

The panel also concluded that a February 27, 2016 attack on a village marketplace didn’t kill any civilians, while we documented10 civilian deaths, including a woman and four children. In an attack on another marketplace on March 15 that United Nations research and ours found that 97 people died, the panel incredibly said it saw no proof of civilian casualties. One man told us he lost 17 relatives and another lost 16.

The coalition’s examination of attacks is a reversal of past practice, but there’s a long way to go before its investigations can be considered credible, transparent, and impartial. Since the Saudis haven’t released details about the panel members or the actual reports on each incident, it’s hard to know why their findings are so different from what we and the UN found on the ground.

There are also many more airstrikes that need to be investigated. It is unclear how the panel chose these 8 strikes over the more than 70 apparently unlawful airstrikes that we and Amnesty International have documented, and the more than 100 that the United Nations has. These documented coalition strikes have killed nearly 1,000 civilians.

For instance, a March 30, 2015 strike on a camp for internally displaced people killed at least 29 civilians and another strike a day later on a dairy factory near the Hodaida port killed at least 31. On May 12, the coalition struck a civilian prison in the western town of Abs, killing 25 people.

That same day, aircraft dropped at least five bombs on a marketplace in the town of Zabid, killing at least 60. A July 4 attack on another marketplace in the village of Muthalith Ahim killed at least 65. On October 7, the coalition bombed a triple wedding in the village of Sanaban, killing 43 civilians, including 13 women and 16 children.

There is an ongoing human rights crisis in Yemen, supported by Western technology systems and implicitly backed by the world’s largest superpower. And, at the same time, Canada is selling armoured vehicles to nations known to engage in similar types of human rights abuses.

Categories
Links

Trump’s Empire: A Maze of Debts and Opaque Ties

New York Times:

Tracing the ownership of many of Mr. Trump’s buildings can be a complicated task. Sometimes he owns a building and the land underneath it; sometimes, he holds a partial interest or just the commercial portion of a property.

And in some cases, the identities of his business partners are obscured behind limited liability companies — raising the prospect of a president with unknown business ties.

A revealing analysis of Trump’s actual financial situation.

Categories
Aside Links

France’s Emergency Powers: The New Normal

Just Security:

The new, six-month extension of emergency powers creates France’s longest state of emergency since the Algerian War in the 1950s. The new law restores or extends previous emergency provisions, such as empowering police to carry out raids and local authorities to place suspects under house arrest without prior judicial approval. It also expands those powers, for example allowing the police to search luggage and vehicles without judicial warrants. In addition it reinstates warrantless seizures of computer and cellphone data that France’s highest legal authority had struck down as unconstitutional, adding a few restrictions that still fall short of judicial oversight.

In separate reports in February, Human Rights Watch and Amnesty International documented more than three dozen cases in which the use of these emergency powers violated universal rights to liberty, privacy, or freedoms of movement, association and expression. The two groups also found that the emergency acts lost suspects jobs, traumatized children, and damaged homes. The vast majority of those targeted were Muslims. Those interviewed said the actions left them feeling stigmatized and eroded their trust in the French authorities. The latest version of the emergency law risks compounding these effects.

The decisions to advance unconstitutional and discriminatory ‘security’ laws and policies following serious crimes threaten to undermine democracies while potentially strengthening states. But worryingly there are fewer and fewer loud voices for the rough and tumble consequences of maintaining a democratic form of governance as opposed to those who assert that a powerful state apparatus is needed if normalcy is to exist. The result may be the sleepwalking from governments for and by the people, to those that protect citizen-serfs and harshly discriminate against difference.