Top 10 benefits of online shopping

The Internet has revolutionized the way we shop. Because of the numerous advantages and benefits, more and more people these days prefer buying things online over the conventional method of going into stores.
What are some reasons that many people love online shopping and why is it so popular? Below are my top ten reasons for shopping online.

1. Convenience. The convenience is the biggest perk. Where else can you comfortably shop at midnight while in your pajamas? There are no lines to wait in or shop assistants to wait on to help you with your purchases, and you can do your shopping in minutes. Online shops give us the opportunity to shop 24/7, and also reward us with a ‘no pollution’ shopping experience. There is no better place to buy informational products like e-books, which are available to you instantly, as soon as the payment goes through. Downloadable items purchased online eliminate the need for any kind of material goods at all, as well, which helps the environment!
2. Better prices. Cheap deals and better prices are available online, because products come to you direct from the manufacturer or seller without middleman being involved. Many online shops offer discount coupons and rebates as well. Apart from this, online shops are only required to collect a sales tax if they have a physical location in our state, even if we buy from a store across the world.
3. More variety: The choices online are amazing. One can get several brands and products from different sellers all in one place. You can get in on the latest international trends without spending money on airfare. You can shop from retailers in other parts of the country, or even the world, all without being limited by geography. A far greater selection of colors and sizes than you will find locally are at your disposal. Apart from that, the stock is much more plentiful. Some online shops even provisions in place to accept orders for items out of stock and ship it when the stock becomes available. You also have the option of taking your business to another online store where the product is available.
4. You can send gifts more easily. Sending gifts to relatives and friends is easy, no matter where they are. Now, there is no need to make distance an excuse for not sending a gift on occasions like birthdays, weddings, anniversaries, Valentine's Day, Mother's Day, Father's Day, and so forth.
5. Fewer expenses. Many times, when we opt for conventional shopping, we tend to spend a lot more than planned. There are other outside expenses on things like eating out, transportation, and let's not forget impulse buys!
6. Price comparisons. Comparing and researching products and their prices is so much easier online. Also, we have the ability to share information and reviews with other shoppers who have firsthand experience with a product or retailer.
7. No crowds. If you are like me, you hate crowds when you're shopping. Especially during festivals or special events, they can be such a huge headache. Also, it tends to be more chaotic when there are more crowds out and this sometimes makes us feel rush or hurried. Grumpy, annoying, and smelly people also annoy me when I'm out shopping. Plus, parking becomes a huge issue. All of these problems can be avoided when you shop online.
8. Less compulsive shopping. Often times when we're out shopping, we end up buying things compulsively that we don't really need. All because shop keepers pressure us or use their selling skills to compel us to make these purchases. Sometimes, we even compromise on our choices because of the lack of choices in those shops.
9. Buying old or unused items at lower prices. The marketplace on the Internet makes it much easier for us to buy old or unused things at rock bottom prices. Also, if we want to buy antiques, there's no better place to find great ones.
10. Discreet purchases are easier. Some things are better done in the privacy of your home. Online shops are best for discreet purchases for things like adult toys, sexy lingerie, and so on. This enables me to purchase undergarments and lingerie without embarrassment or any paranoia that there are several people watching me. 

    So, have I given enough reasons to choose online shopping over conventional shopping?

    Things to remember when Buying from Online Stores

    When you are buying from online stores make sure that you check out the following.
    

    • Does the online store value your privacy and confidentiality? Is their privacy policy available to read if you want to see it?
    • How long have they been in business? Are they reputed in business with great reviews from customers?
    • Does the online store have a way to contact them?
    • If you’re unhappy with your purchase, do they have a refund policy?

    If you take care of the above, Online shopping can be a very rewarding experience because of its numerous benefits.
    
    

Who needs to spend too much on samsung gear when you have this.

• Going for just KSH 800, This is a new Bluetooth Smart Watch which is compatible with all Bluetooth V2.0 or above enabled smartphones, tablets and PCs (support Android 2.3 or above),such as iPhone 4, 4S, 5, 5S, Sumsung S3, S4, Note 2, Note 3, Note 4 etc
• Handsfree Speaker Phone.Answer or Dial calls from your wrist.Ringing reminder when you receive a call.Display the number or name of incoming call. Time / Date / Week / Battery state display
• Music Player.Play the music in your phone (after Bluetooth paring. Stopwatch / Pedometer
• Barometer / Altimete. Capacative Touch Screen
• Rechargeable Battery. NOTE: Android System can support all functions mentioned in the description; But IOS only support Passometer, Calendar, Call Sync,Calculator,Clock,Stopwatch.
• It comes in all colors.

US releases declassified report on Russian hacking

The Office of the Director of National Intelligence has released its public report on Russian hacking operations in the United States.

The report, a declassified version of a classified report ordered by President Obama, details attempts by Russia to interfere with the 2016 presidential election, and concludes cyber-operations from the country were directly ordered by President Putin to harm Hillary Clinton’s campaign.

Report finds Russia had “clear preference” for Trump

“We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election,” according to the report, titled “Assessing Russian Activities and Intentions in Recent US Elections.” “Russia’s goals were to undermine public faith in the US democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump.” 

This week, in a hearing in front of lawmakers, Director of National Intelligence James Clapper previewed some parts of the report, saying Russia had relied on a “multifaceted” program to influence opinion in the US, and the report outlines some of those efforts officially for the first time.

“The Kremlin’s campaign aimed at the US election featured disclosures of data obtained through Russian cyber operations; intrusions into US state and local electoral boards; and overt propaganda,” according to the report.

Publicly names Guccifer 2.0 and DCLeaks.com as Russian fronts

The report states that Russian intelligence services made cyber attacks against “both major US political parties,” and specifically mentions the successful hack of the Democratic National Committee. (“Russia collected on some Republican-affiliated targets but did not conduct a comparable disclosure campaign,” it reads.) The report also publicly names Guccifer 2.0 and DCLeaks.com, two sources of stolen information released to the public, as Russian operatives working on behalf of the country’s military intelligence unit, the GRU. Officials from the organization were recently the target of US sanctions.

 WikiLeaks is also cited as a recipient of stolen information.

The intelligence report cites outlets like RT, as well as quasi-government paid trolls, as sources of pro-Trump, anti-Clinton propaganda online. The report also notes that the US has determined Russia “accessed elements of multiple state or local electoral boards,” though no vote-tallying processes were tampered with.

Russia accessed electoral boards but did not tamper with vote tallies

The FBI and CIA have “high confidence” the election tampering was ordered to help then-candidate Trump, according to the report. NSA has “moderate confidence” in that assessment. All three agencies put high confidence in Russia’s responsibility, and that the operations were meant to damage Clinton’s chances.

Despite those assessments, however, the report includes scant information on how the government tied the operations to Russian intelligence. The report cites “sensitive sources or methods” that would be damaged through public release, and claims the classified report contains more information. “Thus, while the conclusions in the report are all reflected in the classified assessment, the declassified report does not and cannot include the full supporting information, including specific intelligence and sources and methods,” according to the report.

The report contains scant information on attribution

That may not be enough for some critics, who have been publicly calling on the intelligence community to release more information explaining how it linked hacking operations to Russia.

Trump has attempted to cast doubt on the intelligence community’s attribution of Russia, although after an intelligence briefing on the hack today, he seemed to soften his tone slightly, saying in a statement that “Russia, China, other countries, outside groups, and people” are hacking the US, but claiming (unknowably) that “there was absolutely no effect on the outcome of the election.”

The report concludes that, after its successes in 2016, Russia will likely continue with similar tactics. “We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes,” the report reads.

7 ways to take screenshots in Windows 10

Screenshots are handy -- whether you're trying to write a how-to article or show your friend something on your screen -- but taking screenshots in Windows 10 is not as simple as it could be.
Don't get me wrong, you have plenty of options. There's the Snipping Tool, various keyboard and physical button shortcuts, and tons of third-party tools. It's just not as intuitive as I'd like (I'm a big fan of Apple's screenshot process in OS X). But if you're looking for screenshot info, look no further -- here are seven different ways to take a screenshot on your Windows 10 device

Snipping Tool

Windows' built-in screenshot tool, the Snipping Tool, has been around since Windows Vista. You can find this tool in Start > All Programs > Windows Accessories > Snipping Tool.

To use the Snipping tool, open it and click New to begin the screenshot process. The default snip type is a rectangular snip -- you'll use your mouse to crop a rectangular part of your screen for capture. You can also take free-form, window, and full-screen snips with the Snipping Tool.
The Snipping Tool does not automatically save your screenshots -- you will need to manually save them in the tool before you exit. It does automatically copy your captures to the clipboard.

Print Screen

To capture your entire screen, tap the PrtScn button. Your screenshot will not be saved, but it will be copied to the clipboard -- you'll need to open an image editing tool (such as Microsoft Paint), paste the screenshot in the editor and save the file from there.

Windows Key + Print Screen

To capture your entire screen and automatically save the screenshot, tap the Windows Key + PrtScn. Your screen will briefly go dim to indicate that you've just taken a screenshot, and the screenshot will be automatically saved in the Pictures > Screenshots folder.

Windows Key + H

If you'd like to capture your entire screen for sharing purposes, you can use the Windows Key + H keyboard shortcut. This will capture your entire screen and open the Windows Share toolbar so you can immediately share it with your friends via email, Facebook, Twitter, OneNote, etc.

Alt + Print Screen

To take a quick screenshot of the active window, use the keyboard shortcut Alt + PrtScn. This will snap your currently active window and copy the screenshot to the clipboard. You will need to open the shot in an image editor to save it.

Windows Logo + Volume Down

If you're rocking a Windows Surface device, you can use the physical (well, sort of physical) buttons to take a screenshot of your entire screen -- similar to how you would take a screenshot on any other smartphone or tablet. To do this, hold down the Windows Logo touch button at the bottom of your Surface screen and hit the physical volume-down button on the side of the tablet. The screen will dim briefly and the screenshot will be automatically saved to the Pictures > Screenshots folder.

Snip Editor

Snip Editor, or Microsoft Snip, is a Microsoft Garage project that works a little better than the Snipping Tool (in my opinion). Snip Editor lets you quickly take screenshots of the entire screen, an active window, or a manually-cropped rectangle -- and you can set up the PrtScn button as a shortcut to Snip Editor's screenshot tool.

 The app also features different ways to annotate screenshots, including a free-hand pen option (perfect for Windows Ink enthusiasts) and voice recording. Like the Snipping Tool, Snip Editor lets you delay screenshots by up to 5 seconds, so you can grab images of disappearing menus and tooltips.

10 things to tweak when setting up a Windows 10 laptop

Start the new year off right by setting up your new laptop right. Here are 10 settings to check or change.

1. Check for updates

Microsoft releases a steady stream of Windows updates. Your new laptop checks for updates automatically, but you can check manually by going to Settings (click the gear icon above the Start button), choosing Update & Security from the left-hand column and then clicking the Check for updates button. Or just type "updates" into the search box and click Check for updates. You can update your laptop this way instead of waiting for updates to install the next time you go to shut down your laptop.

2. Turn on System Restore

It's a good idea to make sure you have established a restore point should something go sideways with your laptop on down the road. To set up a restore point, search for "restore" and then click Create a restore point. You'll be taken to the System Protection tab of the System Properties window.
From there you can choose your main system drive (likely the C: drive) and then click the Configure button. Click the radio dial for Turn on system protection if it's not already on. And then you can choose how much disk space to reserve for your restore points. You don't need more than 2 or 3 percentage points.

3. Adjust display settings

Congratulations on getting a laptop with a razor-sharp 1080p (or above) display. While your images will look incredibly crisp, text and icons may now be small and hard to read or click. Lowering the resolution won't help because the resulting image will look fuzzy. Windows 10, however, lets you scale the size of text, icons and apps.
Right-click on the desktop and select Display settings. Next, adjust the slider to your liking for Change the size of text, apps, and other items. You'll need to log out and log back in or restart your laptop for the setting to take effect.

4. Choose a power plan

Your laptop doesn't need to run at full power all the time. If you want to lengthen battery life, you can choose the Power saver power plan. Or you can choose the High performance plan when you're engaged in serious graphics work. In the middle sits the Goldilocks-just-right Balanced plan. To choose a plan, click the battery icon in the system tray in the lower-right corner of the desktop and click Power & sleep settings. Next, click Additional power settings to select a power plan.

5. Set a default browser

If you want to use Chrome or a browser other than Microsoft's Edge browser, you'll need to install it yourself. Of course, if you do that, you'll likely want to make it your default browser. After installing Chrome, the first time you launch it, it will ask you if you want to set it as your default browser. If you miss that offer, you can go to Settings > System > Default apps and click Microsoft Edge in the "Web browser" section to make a different selection.

6. Choose touchpad scroll direction

Windows laptops scroll vertically in the opposite direction to MacBooks. If you want to switch the direction your laptop scrolls when you make the two-finger swipe gesture, head to Settings > Devices > Mouse & touchpad and toggle Reverse scrolling direction to on.

7. Show filename extensions

Is that image a JPEG or PNG? A Word.doc or a Word.docx? Windows 10 hides file name extension unless you ask it to show them. To do so, open File Explorer, click View from the top menu and then check the box for File name extensions.

8. Tell Cortana you need some space

Cortana really wants to get to know you. So much so that Microsoft collects speech and typing history. To turn these off, go to Settings > Privacy. First, go to the General tab and toggle off Send Microsoft info about how I write to help us improve typing and writing in the future. Secondly, go to Speech, inking, & typing and click Stop getting to know me.

9. Disable User Account Control

If you trust your own judgment when it comes to downloading applications, then you don't need Windows warning you each time you try to install a new app. You can disable these warnings by searching for "UAC" and selecting Change User Account Control settings. Move the slider to Never notify, click OK and then click Yes when Windows asks if you really want to make this change.

10. Remove bloatware

Many PC vendors package a new laptop with trial apps, but thankfully Windows 10 offers an easy way to see which apps are installed on your new laptop and a quick way to uninstall those you don't want. Head to Settings > System > Apps & features and peruse the list. If you don't want an app, click on it and then click the Uninstall button.

HP embraces the curved computer screen at CES 2017

                                              Josh Miller

HP is not afraid to put a curve on it. At CES 2017 it debuted two new high-end, curved displays, including an all-in-one computer and a gaming monitor.
HP Envy Curved AIO 34
The HP Envy Curved AIO 34 is an ultra-wide, 34-inch all-in-one computer (there's also a similar 27-inch model available) with a special design and pricing starting at $1,729. (UK and AU pricing converts to £1,729 AU$2,389, respectively
Not only is the screen elegantly curved, the computer and its B&O speakers are built into the dock, allowing for an impressively thin display (to match its sleek and skinny bezels, I assume).
Additionally, it has a radial button on the dock to easily turn the volume up and down, and tucked inside of the display there's a built-in pop-up camera that you can easily hide if you have any privacy concerns.
It's expected to go on sale on HP's website on January 11 and at select retailers on February 26, 2017.
Specs
34-inch, 21:9 aspect ratio screen
Seventh-generation Intel Core i5 and i7 CPU options
Nvidia GPU
Up to 256GB SSD and 2TB HDD
Four front-facing speakers
Wireless charging (optional)


HP Omen X
HP made a monitor to match its big, powerful and cube-shaped Omen X gaming computer. The Omen X has an ultra-wide, curved 35-inch display with a 3ms response time and 100Hz refresh rate. It's expected to go on sale in the US in March for $1,299. (UK and AU pricing converts to £1,056 and $1,795, respectively)

Specs
Nvidia G-Sync
1800R curvature
DisplayPort and HDMI
Three USB 3.0 ports
Height adjustable stand with ambient lighting 
Built-in headphone hook

Mattel is making an Amazon Echo that understands your kids, too

It's a baby monitor. It's a voice-activated smart assistant. It answers your questions, and maybe your kids' questions, too. It orders more diapers when you run out, and soothes babies back to sleep automatically. It plays with your kids. It could be the most exciting thing toymaker Mattel has ever produced.
It's called the Aristotle, and it's not just an Amazon Echo clone: According to interviews with Bloomberg, FastCo Design and USA Today, the device is a fully-functioning Amazon Alexa assistant that can answer all the same adult questions and has all the same smart home


                          Mattel
capabilities -- but say "Aristotle" instead of "Alexa," and it can also summon a different voice assistant who can interact with your kids.
The voice-activated speaker also comes with a wireless camera that streams 256-bit encrypted video to your phone, an array of colorful LEDs, and special software some of which -- as a new parent myself -- sounds too good to be true.
Here are some of the additional things that Mattel claims the Aristotle's software will do:

Automatically recognize when a baby wakes up, and sooth them to sleep with a lullaby, white noise, a favorite song, or a night light
Log wet diapers and feedings via voice commands or a phone app
Automatically order more diapers and/or formula from Target, Babies R Us and other participating retailers
Automatically look for deals and coupons on consumable baby supplies
Actually recognize and answer young kids' questions after a brief voice recognition training session
Answer questions until your child falls asleep
Play guessing games with kids based on animal noises (say the name of the animal) or shapes held up to the camera (say the name of the shape), and light up with the correct answer
Read aloud from a selection of thousands of children's books, via partnerships
Host sing-alongs and teach ABCs and 123s
Recognize specially designed kids' toys with embedded NFC chips, or with its camera, and provide sound effects when kids play with them (an upcoming Hot Wheels racetrack was one example)
Optionally require kids to say "Please" when they ask Aristotle for things, to help teach manners
Help kids with homework
Give foreign language lessons (Mattel says this is targeted at tweens, not younger children)

Interestingly, Mattel says that Microsoft's (not Amazon's) cloud services are doing a lot of the heavy lifting -- it will use Bing search to answer parenting questions, and both Microsoft Cognitive Services and "Cortana Intelligence" to do AI-like things. On the smart home side, Mattel says it's compatible with Wink, Wemo, Smart Things, Philips Hue, Zigbee and IFTTT among others.
According to FastCo Design, the device should ship in June 2017 for about $300 (this roughly converts to £245 or AU$415). That's not cheap, but it could be a small price to pay for the convenience of an Echo, plus some extra sleep.
And if you don't have kids, keep in mind that Lenovo also just introduced a $129 Amazon Echo derivative (£105 or AU$179 converted) which could have a way better speaker.
Update, January 4 at 11:09a.m. PT: Mattel claims it can do even more things than we originally heard. We've added the full list above.

Forget smartphones, BlackBerry's future is all about smart cars

                                     A QNX-powered infotainment system in a Jeep Wrangler
At this year's CES, Canadian tech company BlackBerry is taking the wraps off the latest generation of its in-car operating system, QNX SDP 7.0, which it claims takes security as well as reliability to another level and will also be debuting an autonomous Lincoln concept car.
BlackBerry may have been pushed to the periphery of the smartphone market in recent years, but when it comes to in-car connectivity and infotainment, its QNX operating system is at the center of the industry with everyone from Aston Martin and BMW to Ford, GM, Porsche and VW using it in their instrument clusters, head units or entertainment displays.
"With the push toward connected and autonomous vehicles, the electronic architecture of cars is evolving -- from a multitude of smaller processors each executing a dedicated function, to a set of high performance domain controllers, powered by 64-bit processors and graphical processing units," said John Wall, senior vice president and head of BlackBerry QNX. "To develop these new systems, our automotive customers will need a safe and secure 64-bit OS that can run highly complex software, including neural networks and artificial intelligence algorithms."

QNX SDP 7.0 also promises to be the most robust system available when it comes to warding off cyber attacks and meets the toughest current security criteria.

But as well as software, BlackBerry is using CES to show off concepts and during the event will be unveiling a specially developed Jaguar XJ with a digital cockpit, HD in-car communication and active noise control.

It will also be offering demonstrations of an autonomous Lincoln MKZ concept car that uses QNX to help it drive itself.

In December BlackBerry officially opened its first Innovation Centre for Connected and Autonomous Vehicles. Based in Ottawa, its mission is to accelerate the development of the company's own vehicular tech and partnering with others. 

"Autonomous vehicles require software that is extremely sophisticated and highly secure," said BlackBerry CEO John Chen of the new facility. "Our innovation track record in mobile security and our demonstrated leadership in automotive software make us ideally suited to dominate the market for embedded intelligence in the cars of the future."

The Lincoln demonstrator that will be making its public debut at this year's CES was co-developed with the University of Waterloo, Renesas and Polysync and is a first sneak peek of what the new facility will offer in the future.

5 cool CES showstoppers

LAS VEGAS — When you’re on the hunt for CES showstoppers, it’s hard to top a man taking a hammer to an iPhone screen protector.
Brad Bell, a marketing vice-president for Invisible Shield, was trying to prove how his new clear screen protection for smartphones is so tough, it could withstand just about anything.
Well, he did make a few dents, but the screen shield didn’t crack, nor did the iPhone break when he kept dropping a big steel ball on it.
Invisible Shield came to CES to launch its $79.99 “beta” program, offering a screen protector with a guarantee that sees the company paying up to $100 if your screen gets cracked.
How many people do you know with cracked smartphone screens?
That’s a CES showstopper.

 We also liked:
— Epson’s new video glasses, one for drones, the other for augmented reality. The Moverio BT-300, selling for $799, connects to DJI drones to show you what the quadcopter is seeing. This is a cool alternative to how we do it now: staring down at the smartphone, which acts as the viewfinder. Epson, best known for printers, also has a pair for augmented reality, showing information on the screen in real life. Its promo video on YouTube has an example at the gym, where workout information is added to what you see on the gym floor.
— Pinball machines were at CES. Well, one company was, anyway. Stern Pinball, showing off its brand-new Aerosmith- themed machine, with “a more complex system of circuit boards and new types of displays,” explains Stern’s Jody Dankberg. Pinball is now “a different, modern experience.”
— Robots are everywhere at CES. We met a Chinese company, AI Nemo, which may be on to something. Its “family” robot, “Little Fish,” is basically Alexa with a video screen, explains AI’s Clement Song.
“You can do a lot more than what you can just do with voice,” he says.
With the screen and a built-in camera, the robot gets to know you, so that for instance, online shopping can only be authenticated by you, not your kid. (No plans to bring the robot here — yet.)
— Finally, the tech product for everyone, a new mattress. The folks from Sleep Number are pouring on the hype, saying that it’s new 360 mattress, a winner of the CES Innovation Award, is the “bed reborn.”
“It can sense what you’re doing in bed and automatically adjust,” says Sleep Number’s Christine Hamon.
Machine learning features include automatically adjusting if you snore, adding an automatic night light on the bed if you get up in the middle of the night, and pre-warming to toast up your feet on a cold night. It also connects to an app to offer information on how you’re sleeping.
A queen mattress starts at around $1,200 and will be available later this year.
Stick with USA TODAY and sister publication Reviewed.com for the latest from CES 2017, and don't forget to subscribe to the daily #TalkingTech podcast on iTunes and Stitcher, where you can leave comments, reviews and suggestions.

5 things that got broken at oldest hacking event in world

Chaos Communications Congress is the world’s oldest hacker conference, and Europe’s largest. Every year, thousands of hackers gather in Hamburg to share stories, trade tips and discuss the political, social and cultural ramifications of technology.
As computer security is a big part of the hacker world, they also like to break things. Here are five of the most important, interesting, and impressive things broken this time.
Intercoms
The internet of things has been a security disaster since the days it was no more than a glint in a marketing manager’s eye. It turns out cheap hardware that can’t be easily updated but is permanently connected to the internet is a nightmare for users and a goldmine for hackers.
So if your house is accessed through an internet-of-things intercom, you might want to ensure you have an old fashioned back-up lock to keep things shut while you’re away.
Sebastien Dudek, a researcher at French firm Synacktiv, revealed his research on hacking smart intercoms, which replace the conventional built-in phone with a connection to the phone network. When a visitor arrives, the intercom makes a call, either to a landline or a mobile, and the resident can simply hit a key on their phonepad to let their visitor in.
Of course, that only works if the intercom actually calls your phone. If it can be intercepted to call another random phone, then the door’s open to allcomers.
For the simplest type of intercom, which uses a mobile phone SIM card to simply dial the target phone number directly, Dudek was able to use a piece of commodity hardware to spoof the mobile base tower and intercept the call directly.
Some more complicated intercoms instead call a preset command station, which then routes the call through to the final number. That could be more secure, but in practice, Dudek says it just introduces new avenues of attack.
For one thing, the central server allowed Dudek to compromise multiple intercoms at once. From there, he proposed a number of potential exploits: an attacker could change all the intercoms to premium rate numbers, for instance, raking in the cash whenever anyone has a visitor; or they could use a reverse look-up service to track down where each intercom is connected and organise a mass break-in.
Boarding Cards
The international travel booking network is one of the wonders of the world. Dating back to 1960, it was one of the first truly global networks to ever be created, and it is still responsible today for letting you book a flight from anywhere in the world to anywhere in the world, no matter where in the world you happen to be at the time.
Unfortunately, computer security has come on a bit since 1960, but the security on the Global Distribution Systems … hasn’t.
Researchers Karsten Nohl and Nemanja Nikodijevic, of German research firm SRLabs demonstrated the resulting weaknesses in front of a live audience, brute-forcing booking records, showing how easy it would be to steal airline miles or even whole tickets, and revealing how personal data stored in the booking system is barely protected at all.
The heart of the insecurities lies in the six-character booking code, printed on everything from baggage tags to boarding cards and confirmation emails. Six characters is few enough that a valid code can easily be guessed, even if it can’t be simply found by rummaging through bins in an airport, and most vendors only use another public fact – your surname – to secure it beyond that.
“Global booking systems have pioneered many technologies including Cloud computing,” the researchers said. “Now is the time to add security best practices that other Cloud users have long taken for granted.”
Smart Meters
What’s even more concerning than an insecure smart home? An insecure smart city. Netanel Rubin, co-founder of the security firm Vaultra, presented his research on smart meters, electricity meters that co-ordinate with the utility company and other meters on the same network to ensure that the power grid of a city is fit for the 21st century.
When used well, smart meters offer a host of advantages: individuals can keep better track of their usage, utilities can offer flexible tariffs to encourage use when the grid is underloaded, and microgeneration can be rewarded, letting utilities pay people for fitting solar or wind generation to their properties.
Unfortunately, some smart meters are anything but secure. Using a similar technique to Dudek, Rubin managed to intercept the communications between the smart meter and the utilities company itself. That would enable billing fraud (either stealing free electricity, or maliciously increasing the bills of victims), as well as privacy invasions.
Things get worse if a user has other smart devices in their house, such as a smart door lock. “Imagine you woke up to find you’d been robbed by a burglar who didn’t have to break in,” Rubin said.
At its worst, he argued, a hacked smart meter could cause explosions or house fires. The devices are designed with the goal of rendering that an impossibility, but then, they are also designed with the goal of rendering hacking them impossible. Not every design goal is achieved.
The UK department charged with implementing smart meters, the Department for Business, Energy and Industrial Strategy (BEIS), says that “robust security controls are in place across the end-to-end smart metering system and all devices must be independently assessed by an expert security organisation, irrespective of their country of origin”.
Elections
Voting on paper might seem woefully old-fashioned in the 21st century, but one hour in Chaos Communications Congress will leave you very relieved if your country still votes the old way, and very concerned if it doesn’t.
J Alex Halderman and Matt Bernhard, both of the University of Michigan, discussed attempts to prove that the US election wasn’t hacked, whether by Russia or some other attacker.
Their findings were concerning: not only would it be entirely possible to alter the results reported by a number of electronic voting machines while leaving no obvious trace of your attack, it would be possible to do that at the scale needed to hack an election.
“I’m pretty sure my undergraduate security class could have changed the outcome of the presidential election,” Halderman said. “It really is that bad.”
That wouldn’t be so bad, since every electronic voting machine used in the United States leaves some sort of paper audit trail, either in the form of receipts printed off to mark the vote, or the physical ballot paper scanned in in the first place.
Except no one counts the paper trail, and legal attempts to force them to do so ended in a costly deadlock in December 2016.
The one piece of good news? The abortive recount didn’t find any evidence that a hack had happened; it just also didn’t find evidence that it hadn’t happened.
Numbers
Even numbers are at risk when the security world gets going. Well, specific kinds of numbers, at least. Jos Wetzels and Ali Abbasi, from the University of Twente in the Netherlands, demonstrated their research on weaknesses in embedded cryptographically secure pseudo-random number generators, and it was bad news.
Let’s break that down. Random numbers are very important for a number of security applications, such as safely encrypting communications. But without specialist, expensive hardware, true random numbers are impossible for a computer to generate, due to the deterministic way they work.
Instead, they create pseudo-random numbers: a “good enough” approximation of randomness. Cryptographically secure pseudo-random number generators are a subset of that, which fit specific requirements that let them generate random numbers that can be used in a security context. It needs to be impossible to predict what number will come next if you know the number just generated, for instance, and it needs to be impossible to know the previous number generated if you’ve just seen one be generated.
In order to fake the randomness, many computers use external sources of data to “seed” the random number generators: information like mouse and keyboard activity, or disk accesses, can set the number generator in a different state each time. But those sources aren’t available in the simple computers used in “embedded” systems, like those powering the internet of things, ATMs and jet fighters.
So how do manufacturers solve the problems? As Wetzels and Abbasi showed, the answer is: badly. The pair showed three vendors – including one whose technology is used in jet fighters – whose number generators were anything but cryptographically secure. The scariest thing? The three they decided to show weren’t the worst: they were the best.

Even Cheap TVs in 2017 Will Be Smart TVs

Remember when smart TV capability was a step-up feature you had to pay extra for? Based on the announcements we've seen from a number of value-oriented brands here in Las Vegas at the Consumer Electronics Show this week, only the very cheapest—and smallest—TVs will be lacking that feature in 2017.
Smart TVs bring the streaming media box right inside the set—they connect to WiFi to let you easily watch shows from Netflix and similar services. A growing number of Roku TVs feature that company's streaming platform, and just before CES started, Amazon announced that several lower-priced brands would offer sets with its Amazon Fire TV platform baked in.
Amazon Fire TV Comes to 3 Brands
The Amazon platform is launching in Element, Seiki, and Westinghouse TVs, which are all brands owned by Chinese TV manufacturer Tongfang Global. The new sets will include many of the features found in Amazon's Fire TV streaming players, including voice prompts for some features, and the use of Amazon's Alexa voice assistant for search. All the Amazon-powered smart TVs will come with an Alexa-enabled voice remote control.
For example, you can use voice commands to launch apps and control playback in Amazon Video and Amazon Channels.
The Amazon Fire TV Edition TVs can auto-detect devices connected to the TV, and you can easily switch between inputs by using either the remote control or your voice. You can rename the inputs, then simply say things such as "go to Blu-ray," "go to Xbox," or "go to cable TV."
In addition, if you get live programming via an antenna, the Amazon interface will integrate the live TV choices with other viewing options on the main screen, along with a live TV program guide. And you can use voice commands to tune in to certain channels or networks just by saying the name or channel number.
All of the new Amazon Fire TV Edition TVs are 4K sets, and they will all support the HDR10 standard for high dynamic range, which can markedly improve the contrast between the darker and brighter parts of a scene and add specular highlights (imagine metal glinting in the sunlight), provided the TV can produce sufficient brightness.
Up to now, none of the Tongfang brands have done especially well in our TV ratings, and some have been among our lowest-scoring models. We'll be testing more of these models this year.




4K Roku TVs get HDR
As for Roku TVs, the big news at CES is that in 2017 these sets will be able to support both HDR10 and Dolby Vision high dynamic range technologies. HDR capability was one feature notably lacking in 4K Roku models in 2016.
At CES, both Hisense and TCL announced new TVs that would use the new Roku TV platform. We've been big fans of Roku's platform thanks to its wide assortment of streaming content, easy-to-use interface, and agnostic approach to streaming services, since it doesn't offer one of its own.
In addition to Hisense and TCL, we expect other brands that use the Roku TV platform—including Haier, Insignia, and Sharp—to introduce HDR-capable Roku TVs later this year. While sets from these brands have typically not done as well as sets from major brands, such as LG, Samsung, and Sony, in our TV ratings, they have been markedly better than the Tongfang brands utilizing the Amazon Fire TV platform.
Both Roku TVs and Amazon Fire TV Edition sets offer an easy way for secondary brands to offer a smart TV without having to develop, or license, their own system. LG and Samsung have their own proprietary systems, and Sony and Vizio use the Google Android TV or Google Cast platforms, so it will be interesting to see whether any major brands adopt these alternatives.
We'll be testing a number of these sets this year to see how they perform. We'll be at CES 2017 all week, so keep checking back for all our updates from the show.

Meet the AI that wants to control your smart home

The new Sky assistant is supposed to help you manage your Vivint security and smart home system.
Professional home security company Vivint today introduced AI software called Sky to its smart-home and security platform. While users previously had manual control over their various connected Vivint devices through the Vivint Smart Home app, Sky is supposed to make things even easier.
According to the Vivint team, a typical home with a Vivint system has at least 10 sensors. Sky is supposed to use information from those sensors, as well as from your phone and system usage data to give you curated recommendations based on your routine.
Here are a couple of things Vivint claims Sky can do:
- Forget to lock your front door? No problem. Sky is supposed to know when everyone's left the house and can either ask if you want to lock the door, close the garage door, etc., or do it for you.
- Leave the heat on? Don't sweat it. Sky should auto-adjust your thermostat based on whether you're home or away.
Like the Nest Learning Thermostat, Sky's algorithms are supposed to improve over time as they study your patterns. That's when the AI is supposed to start automatically making changes on your behalf. Sky also integrates with Amazon's voice control assistant, Alexa.
Sky is one of the first whole-home AIs we've encountered in the smart-home market. And we're definitely curious how well Sky intuits needs. It isn't a total disaster if your Nest thermostat fails to reduce the heat when you leave home, but it might be a big problem if Sky forgets to lock the front door and arm the security system for you.