Pokémon Go—the best thing since sliced bread (or Tinder)

By now you’ve undoubtedly heard about Pokémon Go, the ridiculously popular new phone app based on the Pokémon franchise. In the relatively new development space of augmented reality it blends fantasy characters with the real world. It uses your phone’s GPS and superimposes Pokémon[1] on a map, like this:

Near CIT

This is a screenshot taken outside my office, standing next to I-94 at Woodward.

It was released last week and is now more popular than Tinder, and is rapidly catching up with active users of Twitter. Since I’ve only just begun playing I can’t report a great deal about what it does (there are various kinds of critters that you can ‘capture’, and there are ‘gyms’ where you can have fights (the platform-like object in the image above is a gym at the church across the street from the main C&IT building at Woodward and 94), and I’m told there’s one near the Science and Engineering Library. In addition there are ‘Pokespots’ all over campus, including one inside UGL.

Here is an excellent, if a little snarky, introduction to the whole thing.

The social fall-out from Pokémon Go has been quite astonishing. There are stories of folks making friends through the app (which is perhaps why it’s surpassed Tinder 🙂 ), and a few cases of accidents of various types. Apparently, in the space of a week some folks have started playing a NSFW[2] version. There was originally a security issue because the first version of the app was able to access all your Gmail contacts if you had an iPhone, but an update has assigned appropriate security levels.

There is going to be a Pokémon Go event here in the Cultural Center on Friday.

So it really seems to be ‘a thing’, and probably worth learning more about. I haven’t yet had a chance to wander around looking for Pokespots yet, but probably will. Don’t forget to be very careful if you are walking around holding your phone. There are two dangers:

  1.  Apple Picking
  2. Immovable objects

In the end, have fun. And let me know what you think. Is this the greatest thing since Twitter? Or a flash in the pan?
_____________________________________________________________________

[1]  Since I’m a linguist you’re gonna get some linguistic commentary here too. Like several other words borrowed from Japanese (emoji, for example), purists insist that the plural is unmarked (that is, that you don’t add an ‘s’). This is analogous to those who insist that ‘data’ is plural and that the correct plurals are ‘stadia’, ‘podia’ and ‘octopi’. Or perhaps it’s analogous to the animals that have what we call ‘zero plurals’, like ‘sheep’ or ‘deer’.

[2] ‘Not safe for work’. You can probably figure out why, given that the game uses your phone’s camera, which can take selfies.

Creepy new smartphone surveillance tricks

One of my favorite gadget gossip websites, Engadget, had a post last week from Violet Blue, an internet privacy activist, about a cute new piece of snooping software called SilverPush. (Warning: Violet Blue is an internet privacy activist. But she’s also a porn artist and porn philosopher (!). Also a somewhat radical feminist. Visiting some parts of her own website can be ‘not safe for work’.)

It seems that some phone apps (but it’s not clear which ones) activate your smartphone’s microphone, and listen for signals being sent from your TV or computer. When it hears that signal (it’s not clear whether the signal is inaudible or masked in other noise) it sends a bunch of information about you to the advertiser you are listening to on your TV or computer.

What happens next is that your phone, or another computer you are logged into, or a tablet or whatever, will serve you up ads based on the signal that was sent to your phone. As Ms Blue puts it

The service it delivers to advertisers is to create a complete and accurate up-to-the-minute profile of what you do, what you watch, which sites you visit, all the devices you use and more.

The result is that your phone is watching you all the time, and making note of which ads you’ve seen so that it can send you more, including being able to text or phone you (one of the pieces of information that it ‘shares’ is your cellphone number).

Apparently the Federal Trade Commission was a little creeped out by this too, and told them to start warning people they were doing this. Apps that use SilverPush apparently include some Samsung apps and Candy Crush. They claim that no US companies are using their service, but some have questioned that, since the list of companies they contract with is a secret.

Here’s another, perhaps a little less panicked view. Still, I’d recommend that when you install a new app, and it asks whether you want it to use the microphone, you might want to say ‘no’.

Interestingly, the Neilsen company (the ones who track who’s watching which TV shows) uses a similar technology, but on a much more open and aboveboard basis. They ask their raters to wear a ‘pager’ that also listens to the TV or radio for subsonic tones identifying which program is on. But of course, Neilsen contracts with the people wearing the pager, and pays them to do so.

For more general musing on the state of privacy with respect to the data that companies collect about us, you can watch this rather long, but entertaining talk by Bruce Schneier at a recent Cato Institute Conference on Surveillance.

Tomorrow I’ll post a blog on how to check to see if your smartphone is using your camera or microphone for things you might not know about.

Celebrate National Cybersecurity Awareness Month by Protecting your Smartphone

OK, so NCSAM isn’t your favorite time of year. But if you were to lose your smartphone, and you hadn’t been careful with it, it would very definitely be your least happy time. And it’s not just the annoyance of having to get a new one, and reinstalling all that stuff…

For many of us, most of our life is accessible from our phones–from dates with our sweeties to bank account access to plane tickets–even blood pressure tracking and lists of meds. How much of that would you like to share with a phone thief? And make no mistake, Wayne State, like everywhere, is a good place for ‘Apple Picking’ (swiping a phone from someone’s hand while they are holding it out and looking at it).

What can you do? There’s a good website that C&IT provides. But the most important thing you can do is to lock your phone. Both iPhones and Android phones can be locked so that you need to type in a PIN before you can do anything other than call 911 (or, in the case of iPhones, take a picture). It’s mildly annoying, but you can set it so that the lock doesn’t take effect for some specified time, say fifteen minutes. That way you can reopen your phone right after you’ve closed it, if you’re like me and forget why you opened it in the first place, and only remember after you’ve closed it again.

In my next post I’ll talk about how you can remotely wipe your phone, so that even if someone breaks into it, they won’t find anything.

Watch a rerun of ‘Are you smarter than your smartphone?’

A couple of weeks ago I mentioned a web broadcast on securing your smartphone that we streamed on campus January 9. The webinar is now available online and you’re welcome to watch it any time. You can find it here:

https://educause.adobeconnect.com/_a729300474/p50gva8h48h/?launcher=false&fcsContent=true&pbMode=normal

If you weren’t able to make the ‘live’ broadcast, take some time to watch it–you’ll make your life a little safer. And while we’re at it, there’s going to be another one, on keeping your online reputation intact. More information will be coming soon, but meanwhile note that it is Wednesday, January 30, at 1 PM in Purdy-Kresge Auditorium.

 

 

January is Data Privacy Month, and we’re celebrating with web broadcasts on privacy

The cybercommunity has proclaimed January to be National Data Privacy Month, and, before you sigh and turn away, you might give some thought to how you are using your smartphone, and, more importantly, how others are using your smartphone. And I’m not just talking about your phone getting hacked or stolen, although both of those things are also real risks these days.
C&IT, through the national university computing organization EDUCAUSE, is streaming a national webinar entitled:

Are you smarter than your phone?

Wednesday, January 9, at 1 PM, in the Purdy-Kresge Auditorium.

There is no need to register–just show up. After the webinar, a few of us from IT will hang around to answer questions and get some dialog going on this topic.

Here’s the official blurb on the webinar:

Nearly everyone on a college campus today has a mobile phone, capable of accomplishing amazing tasks while on the go. But, how SHOULD you make use of your smartphone? You are smarter than your phone if you know that you need to make careful choices about using your geo-location feature. You might post a picture to Facebook while on your European trip if there are other people still living at your address back home. But, if your house is empty while you travel, you would be smarter to wait to post until you get home. Do you really want everyone to know you are out alone at midnight by “checking in” at your local donut shop? You are smarter than your phone if you use sound judgment about revealing your location. You’re smarter than your phone if you know you need to think critically about the sensitivity of the data you put on or access through your phone. Do you use your phone for banking, without password protecting the device? Your phone is happy to do it. But you are smarter than your phone if you protect it with a password. If you’re not thinking critically about what you do with your phone, we’ll help you think again!

Hope to see you there!

Now you have to watch out for QR Codes

What are QR codes? They’re those funny little blotchy squares you see all over the place. They are actually web addresses that you can point your smartphone at, and it will take you there. Many ads in magazines and billboards have them. They’re cool, and they’re handy. But now, they’re also risky. Who would have thought? A recent article on Dark Reading (a website for security geeks like myself) has the info:

http://bit.ly/usGhge

VPN’s–Now on smartphones too!

News flash. In my blog about VPN’s I didn’t mention connecting to the Wayne VPN with a mobile device, such as an iPad or Blackberry. Turns out you can. All you need to do is download a free app (there’s one for each of the major platforms—iOS, Android and Blackberry) called Junos Pulse. Installing it is quite transparent, and it works flawlessly. Instructions for each device can be downloaded from the Juniper/Junos Pulse support website.