By continuing to use this site, you agree to our updated Privacy Policy and Terms of Use. ×








deviceOwl v4.2 - Released

21st Dec, 2023 | Product Release


deviceOwl - Discover Device Potential

We're pleased to announce the release v4.2.1 of deviceOwl - an App to help you efficiently identify smart devices and covert consumer surveillance devices using AI computer vision.

DeviceOwl is a "point-and-shoot" hardware device scanner that visually comprehends and identifies thousands of popular consumer devices and covert spy cameras, helping individuals to identify devices, understand their sensory capabilities and the resulting privacy implications.

Enhancements in this release include vision enhancements, device type sensing, related device sensing, speech, expert mode enhancements, reduced installer size and bug fixes.

Read more...




Not a motion sensor, so what is it?

18th February, 2023 | Seen this Device? | Entropic Labs

Glass Break Sensor

You may have seen this device at stores or a restaurant. Its a wireless acoustic glassbreak sensor released around 2001 and marketed by companies including Linear Solutions and Interlogix, which shut down operations in US and Canada 2019.

This humble/generic looking device is powered by dual lithium batteries and is equipped with an omni-directional 360° microphone. The microphone feeds audio into a specialized pattern recognition processor that identifies the actual sound of glass breaking across the full audio spectrum.

Read more...




Not a smoke alarm, so what is it?

3rd February, 2023 | Seen this Device? | Entropic Labs

Heat Sensor

Ever seen this device on the wall or ceiling in your hotel room?

Its a Nohmi Bosai FDLJ Series heat detector which is commonly used in environments that require detection of heat, but not necessarily smoke.

Some examples might include kitchens, bathrooms and hotel rooms that permit smoking. All of these environments may have some type of steam or smoke as part of their regular use. A heat detector enables the heat from a potential fire to be detected, while still permitting smoke/steam within the room.

Read more...




Seen this Device?

23rd January, 2023 | Seen this Device? | Entropic Labs

Occupancy Sensor

Have you seen this device in your hotel room?

Though it's generic design resembles a smoke alarm, a public address speaker, or perhaps an emergency light, its actually a Telkonet SS2000/SS2200 occupancy sensor for managing energy usage in the room.

Released around 2006, this device communicates wirelessly with other nearby Telkonet SmartEnergy HVAC controls and accessories - normally a thermostat or an energy controller. Occupancy sensors are common in hotel rooms these days and are commonly built-in to the thermostat itself.

Read more...




deviceOwl v3.7 - Released

2nd Nov, 2022 | Product Release


deviceOwl - Discover Device Potential

We're pleased to announce the next major release v3.7 of deviceOwl - an App to help you efficiently identify smart devices and covert consumer surveillance devices using AI computer vision.

DeviceOwl is a "point-and-shoot" hardware device scanner that visually comprehends and identifies thousands of popular consumer smart devices and covert spy cameras, helping individuals to identify devices, understand their sensory capabilities, and the resulting privacy implications.

Enhancements in this release include Lidar Ranging, Lighting & Haptic Feedback and a new Expert Mode.

Read more...




deviceOwl v3.5 - Released

14th Oct, 2022 | Product Release


deviceOwl - Discover Device Potential

We're pleased to announce the next major release v3.5 of deviceOwl - an App to help you efficiently identify smart devices and covert consumer surveillance devices using AI computer vision.

DeviceOwl is a "point-and-shoot" hardware device scanner that visually comprehends and identifies thousands of popular consumer smart devices and covert spy cameras, helping individuals to identify devices, understand their sensory capabilities, and the resulting privacy implications.

Enhancements in this release focus heavily on improving the performance & reliability of deviceOwl and making it easier to use.

Read more...




deviceOwl v3 - Released

17th Feb, 2022 | Product Release


deviceOwl - Discover Device Potential

We're pleased to announce the next major release v3 of deviceOwl - an App to help you efficiently identify smart devices and covert consumer surveillance devices using AI computer vision.

DeviceOwl is a "point-and-shoot" hardware device scanner that visually comprehends and identifies thousands of popular consumer smart devices and covert spy cameras, helping individuals to identify devices, understand their sensory capabilities, and the resulting privacy implications.

Enhancements in this release focus heavily on improving the performance & reliability of deviceOwl and making it easier to use.

Read more...




deviceOwl v2.1 Released

21st June, 2021 | Product Release


deviceOwl - Discover Device Potential

We're pleased to announce the next major release v2.1 of deviceOwl - an App to help you efficiently identify smart devices and covert consumer surveillance devices using AI computer vision.

DeviceOwl is a "point-and-shoot" hardware device scanner that visually comprehends and identifies thousands of popular consumer smart devices and covert spy cameras, helping individuals to identify devices, understand their sensory capabilities, and the resulting privacy implications.

Enhancements in this release focus on making deviceOwl easier to use, more interactive & effective.

Read more...




Checking Power Outlets for Surveillance Potential with deviceOwl

18th November, 2020 | Device Type Focus | Entropic Labs

Hotel room photo by Alexander Kaunas on Unsplash


In our previous article, we discussed some best practices for general device checking using deviceOwl.

In this article, we provide some specific guidance to help you check Electrical Outlets - one of deviceOwl's many supported device types - for surveillance potential.

Unlike many other device types, the designs of standard power outlets can look very similar to one another across different brands and models.

However, with closer examination there are actually subtle design differences between different makes and models of power outlets that deviceOwl can recognize, which enables it to identify the manufacturer & model of an outlet.

Read more...




Best Practices for Checking Devices with deviceOwl

28th October, 2020 | Infographic | Entropic

Photo by Zdenek Machacek on Unsplash

deviceOwl is an AI “point-and-shoot” hardware device scanner that helps you identify the make and model of covert spy devices, and popular household smart devices, revealing their sensory capabilities, and their privacy implications.

To help you get the most out of deviceOwl's visual device inspection capabilities, we compiled some recent device sample feedback to illustrate by level of importance, the top reasons why a device may not be detected by deviceOwl.

For more general, and device-specific guidance on checking specific types of devices, you can also tap the steps icon on deviceOwl's main screen, or in the device checking viewfinder.

Read more...




deviceOwl - Discover Device Potential.

16th June, 2020 | Product Release

deviceOwl - Discover Device Potential

We are pleased to announce the release of deviceOwl "Fernandina" - an App to help you efficiently identify spy cameras and smart devices using AI computer vision.

DeviceOwl is a "point-and-shoot" hardware device scanner that visually comprehends and identifies thousands of popular consumer smart devices and covert spy cameras, helping individuals to identify devices, understand their sensory capabilities, and the resulting privacy implications.

The use of covert spy cameras has seen a significant increase in the past decade, with disguised cameras being planted in inappropriate areas of rental properties, conference rooms, hotel rooms, home stays, and public areas to surreptitiously monitor the activities of individuals, and erode their privacy.

The rapid evolution of household smart devices has also greatly enhanced the convenience, and peace of mind we have at home, but sometimes at a cost of privacy and security.

DeviceOwl reveals long-overdue elements of information about these devices, delivering simple yet holistic information about their capabilities, including...

Read more...




About Those Objects that Watch

5th March, 2020 | Biometric Privacy | Entropic

Photo by Geran de Klerk on Unsplash

Photo by Geran de Klerk on Unsplash

In our last article, we discussed the frontiers on which consumer smart devices are evolving, with the overall goal of increasing the surveillance resolution they have over individuals.

In this article, we'll focus on covert consumer surveillance devices - ones that are developed exclusively for the surreptitious surveillance of individuals.

What is A Covert Consumer Surveillance Device?

A covert consumer surveillance device is designed for convenient, surreptitious surveillance and data gathering. They are relatively inexpensive, are creatively designed to blend into their environment, can be remotely controlled and viewed, and can operate autonomously for an extended period of time.

Read more...




3 Prodigious Frontiers of Smart Device Evolution

3rd January, 2020 | Biometric Privacy | Entropic

Photo by Zdenek Machacek on Unsplash


In this article, we'll discuss the frontiers on which intelligent consumer devices are evolving. Specifically, we'll detail how corporations, including ones partially owned by governments are pushing the evolution of these devices with the objective of further gathering and curating information about individuals for the purposes of improving their products and services.

The resulting amassment and centralization of this information is a major cyberprivacy time bomb, that will totally eclipse the types of targeted device hacks that we are observing today.


What is Surveillance Resolution?

With an eye towards cyberprivacy, Entropic Labs regularly performs in-depth research on emerging intelligent consumer devices. This makes it easier for us to see the motivations behind, along with the patterns of device evolution.

Companies that develop and market intelligent devices to consumers to feed their growing addiction to the information of individuals, are pushing to maximize the quality, quantity, and diversity of captured customer information, with the goal of attaining the best possible insights into our way of life.

Read more...




volteFace v1.3 - Photo Anonymization. Now supports iPad.

18th June, 2019 | Product Release

volteFace - Anonymize Photos

volteFace v1.3, the most efficient way to anonymize your photos, making them resistant to machine-based analysis & facial recognition has been released.

This release introduces support for iPad, anonymization and touch-up enhancements, and user interface enhancements and fixes.

Increasingly, every photo that you post or share online becomes subject to collection by the private sector & governments for the purposes of building better facial recognition systems.

While many of these systems have honorable causes, unfortunately there are very few effective laws & controls that govern how individuals' photos are collected, amassed, analyzed, and protected. This means that your photos can be "appreciated" by machines in ways that you did not intend or realize when you initially posted them, further eroding your privacy.

With volteFace you can govern whether or not you want your photos to be "appreciated" by machines, while still allowing them to be appreciated by the people who you share them with - as originally intended.

volteFace fortifies your digital photos by automatically identifying & anonymizing key facial "landmarks" in selected photos - the ones that machine-based facial recognition systems depend upon. Additionally, volteFace also automatically purges personally identifying metadata commonly embedded within your photos, which can reveal your physical GPS location, altitude, camera details & other vendor-specific information.

An additional touch-up feature can be used to anonymize additional features of a photo, such as signs and landmarks in the background of a shot.

Read more...




volteFace v1.2 Release - Anonymize Photos

16th May, 2019 | Product Release

volteFace - Anonymize Photos

We are proud to announce the release of volteFace - an App to help you efficiently anonymize your photos, making them resistant to machine-based analysis & facial recognition.

Increasingly, every photo that you post or share online becomes subject to collection by the private sector & governments for the purposes of building better facial recognition systems.

While many of these systems have honorable causes, unfortunately there are very few effective laws & controls that govern how individuals' photos are collected, amassed, analyzed, and protected. This means that your photos can be "appreciated" by machines in ways that you did not intend or realize when you initially posted them, further eroding your privacy.

With volteFace you can govern whether or not you want your photos to be "appreciated" by machines, while still allowing them to be appreciated by the people who you share them with - as originally intended.

Read more...




Can You Protect a Photo from Facial Recognition?

10th May, 2019 | Biometric Privacy | Entropic

Photo by Rye Jessen on Unsplash

In a previous article, we discussed how governments & the private sector are amassing photos of individuals from a diverse array of sources into "facial profiles", for the purposes of building and tuning better facial recognition systems. A facial profile that consists of one or more raw, unobfuscated photos of an individual, can be used to more dynamically identify an individual under varying conditions, for instance a bystander in a YouTube video or a public CCTV video feed.

Your photos are now a commodity. More than 100 commercial vendors are now offering facial recognition systems. Many of them are focussed on building global databases of people that contain photos and other personal information gathered from open sources, such as YouTube, LinkedIn & FaceBook.

Each additional photo that you post or share online becomes subject to collection by vendors & governments for the purposes of building better facial recognition systems, with few effective regulations over to govern how this unique, immutable biometric information of individuals is handled.

Read more...




Have I Been Hacked? Asking Can Be Perilous

16th February, 2019 | Cyberprivacy | Entropic

Photo by Braydon Anderson on Unsplash

Organizations that provide free and commercial "Have I Been Hacked?" or "Dark Web Scanning" services, including ones established immediately after the announcement of a data breach, can be justified by the best of intentions. Ultimately however, the way that these services amass stolen information from the dark web, and disseminate it to their customers, makes them subject to the same types of problems that have impacted the companies that they collect information about.

By using these services, you might actually be exposing more about yourself, and even raising further attention to your stolen personal information.

Read more...




How to Evaluate Facial Recognition from a Privacy Perspective

19th January, 2019 | Biometric Privacy | Entropic

Photo by Atharva Tulsi on Unsplash

While Amazon, Facebook, Google, Microsoft, and of course the Chinese and US governments tend to get the most media attention these days when it comes to facial recognition, there are actually now more than 100 companies across the globe, along with many academic institutions who are actively engaged in developing and/or selling facial recognition technologies.

If you are tasked with the responsibility of evaluating or implementing some type of facial recognition, then you most likely have heard that the U.S. Government National Institute of Standards and Technology (NIST) maintains an ongoing facial recognition vendor test for vendors that wish to benchmark their performance against their peers in the industry, and build brand visibility.

While this industry benchmark is intended to convey performance of these vendors, consumers of this information should understand that this is not a U.S. government endorsement of these vendors from a privacy or security perspective. With the slow response that governments typically have to enacting laws to protect individuals from the misuse of emerging technology, it's basically up to the entities who are developing and implementing facial recognition systems, to be responsible when handling the information of others, and to find resources to assist them in this process.

Read more...




The Food of Facial Recognition: Your Regularly Updated Photos & Videos

9th January, 2019 | Biometric Privacy | Entropic

Photo by Shamim Nakhaei on Unsplash

In recent years, facial recognition technology has evolved significantly, and is greatly improving the ability to efficiently detect people in still images and video. The improvements in facial recognition, along with increased availability is now empowering more and more uses of the technology across various industries.

A major benefit of facial recognition technology is about improving upon historically established use cases where people needed to be efficiently verified by another person. This manual verification process can be time consuming, mundane, and becomes increasingly difficult with shortages of staff, and where large numbers of people need to be verified in a short space of time.

A recent example of this is the US Customs and Border Protection, who are working with airports and airlines to deploy facial recognition across major airports in the US, such as Washington Dulles Airport to facilitate automated verification of travelers.

Read more...




Is AirDrop Over-Advertising Your Apple Device?

30th November, 2018 | Cyberprivacy | Entropic

Photo by Katlyn Giberson on Unsplash

When properly configured, AirDrop is a handy and secure way to transfer items between Apple devices, such as URLs, Files, Photos and Notes. A significant advantage of using AirDrop, is that items are transferred directly between devices using a decentralized (P2P) peer-to-peer approach, and don't go through a central authority.

This means that your fleeting need to transfer a confidential item to someone, or between devices, doesn't result in a copy being left lying around on an intermediary server somewhere. This is typically the case if you choose to send something to someone via e-mail or instant messaging.

For those of us that use AirDrop to conveniently transfer items between devices, a less considered privacy problem with this feature has to do with the broadcasting of the name of your iPhone, iPad or Mac when you are not using this feature. By default, Apple uses your actual name when naming your device. This, in combination with a discoverability setting might leave you open to harassment or social engineering attacks.

Read more...




Still Using Skype? Time to Abandon Ship

16th November, 2018 | Cyberprivacy | Entropic

Photo by Maryna Yazbeck on Unsplash

Skype was originally pioneered by the Swede Niklas Zennström and the Dane Janus Friis, in cooperation with Ahti Heinla, Priit Kasesalu, and Jaan Tallinn, Estonians who developed the backend that was also used by Kazaa, the popular decentralized file sharing application.

Following it's launch in August 2003, Skype quickly gained popularity as a secure, decentralized peer-to-peer messaging app. In the following years, Skype was acquired and sold by eBay, and had other key investments from firms including Silver Lake, and Andreessen Horowitz. It was eventually acquired by Microsoft in 2011, for $8.6 billion.

At the age of 15 years old in 2018, with broader availability to consumers and businesses through Microsoft branding and integration into their Windows operating system, Skype's total number of users now approaches half a billion.

Decentralized apps have been around longer than many of us realize, even before the inception of blockchain. When these apps first emerged, they were considered bandits and outliers due to the decentralized nature of their technology. Though there was heavy usage, many users of these apps were still concerned about the "edgy" nature of these apps, and the possible association with a criminal ecosystem. Now in 2018 with the broad recognition of blockchain, and related decentralized technologies, Skype with it's broad customer base might have completely dropped off of our radar, though we might still have a dormant account.

Read more...




The Less Considered Perils of SMS Two-step Authentication

26th October, 2018 | Infrastructure | Entropic

Photo by Steve Halama on Unsplash

In previous articles, we have discussed different types of two-factor authentication (2FA) that are offered by Internet and social media companies to provide additional sign-in protection for your account.

The well established SMS-based 2FA option has been the primary choice for thousands of companies, including financial institutions - many of whom appear to be locked in to offering only this one type of 2FA sign-in protection.

Additionally, many of these companies have either forced or are planning to force their customers to migrate to this type of account protection under the assumption that this approach is the greater good for protecting their customer's accounts.

But without understanding all of the options, forcing a single approach for 2FA account protection, will only solidify a new playbook of problems, vulnerabilities and exploits.

Read more...




How to Boost your Yahoo! Sign-In Security

17th October, 2018 | Cyberprivacy | Entropic

Photo by Flo P on Unsplash

The record for one of the largest data breaches in history lies with Yahoo! Inc, now part of Oath - a subsidiary of Verizon Communications.

This breach collectively consisted of two major events instigated by Russian hackers contracted by the Russian Federal Security Agency (or FSB) - one that occurred in late 2013 and one in late 2014. This resulted in the loss of names, addresses, security questions, DOB, and hashed passwords for all of Yahoo's then user base - over 3 billion users. Magnifying the impact was that Yahoo! took over 2 years to report this breach to authorities and their customer base.

What we can learn from this is that at any time, your personal information might be in transit to hackers who have already found and exploited a previously unseen vulnerability in a given service. Additionally, we know that you are more likely to find out about the theft of your personal information months or years later. With this delay in discovery and reporting in mind, it's very good plan to regularly and frequently check the security of your Yahoo! account.

Read more...




Updates: How to Boost your Facebook Sign-In Security

28th September, 2018 | Cyberprivacy | Entropic

Photo by Tom Grimbert on Unsplash

Latest Updates

1) Facebook has announced another major data breach of almost 50 million user accounts. Hackers have exploited a vulnerability in the "View As" feature of Facebook that allows users to see what their profile looks like to other people.

2) Emerging research by Northeastern, and Princeton University working with Gizmodo has revealed that Facebook is now using your phone number that you entrust to them when setting up SMS-based two-factor authentication (2FA) for other purposes, aside from enhancing the security of your account. Specifically, they are using it to improve the granularity of their advertising services, including enhancing the ability for advertisers to target you more directly.

This adds to the list of reasons not to use this ailing type of 2FA to secure your account. 2FA is still a crucial part of securing your account, however there are better types of 2FA offered by Facebook - such as authenticator app-based 2FA. All forms of protection come with their own caveats, as illustrated in the updated Facebook 2FA options shown further in this article.

3) Instagram, a subsidiary of Facebook is rolling out support for authenticator-app based 2FA, which will allow their users to move beyond SMS-based 2FA.

Read more...




Who Else Can Access Your Tweets?

26th September, 2018 | Cyberprivacy | Entropic

Photo by Andrea Reiman on Unsplash

In our previous article we reviewed the current options available for boosting your Twitter sign-in security.

The need to continue delivering information efficiently to its users over the years has driven Twitter to establish a vast global computing infrastructure spanning five continents, with data centers consisting of thousands of servers.

To ensure efficiency and redundancy, much of the information that flows through this infrastructure is copied and duplicated across many different servers, for instance in caches, which helps to ensure information can be accessed efficiently across different regions.

Each of the countries that host Twitter computing infrastructure also have their own distinct regulations that designate access to the information that reaches those regions, such as access by local government authorities and law enforcement.

In this article we'll discuss the options Twitter provides to control your Tweet privacy - who can read your Tweets, and based on these options, who else might be able to access and accumulate your Tweet history over time.

Read more...




How to Boost your Twitter Sign-In Security

19th September, 2018 | Cyberprivacy | Entropic

Photo by Matthew Feeney on Unsplash

It was May 2013 when Twitter first introduced their SMS-based Two-Factor Authentication system, which they named "Login Verification". This was done in response to a breakdown in the security of their username/password based sign-in security that was rapidly becoming vulnerable to spear-phishing attacks, and other types of data breaches.

Amongst other key events, the most noteworthy was the use of spear-phishing to gain access to the Twitter accounts of The Associated Press, and on April 23rd 2013 make false posts that caused the Dow Jones to plunge 143 points. Since then, hackers have managed to find ways to bypass SMS-based two-factor authentication, putting more pressure on Twitter to provide additional options to help enhance sign-in security for their users.

Read more...




How to Review Your Amassing Facebook Data

12th September, 2018 | Cyberprivacy | Entropic

Photo by Christopher Alvarenga on Unsplash

In our previous article we reviewed the current options available for boosting your Facebook sign-in security.

In this article, we'll show you how to download and interpret the data that Facebook accumulates about you, with a focus on identifying the more important elements of your personal information.

The use of a centralized storage approach - holistic elements of your personal information that are stored and replicated across the globe, continues to be the single most significant vulnerability of Facebook.

This approach to information storage makes Facebook data centers very high value targets which are subject to a constant barrage of attempted infiltrations from nation states, cybercriminals, or seemingly legitimate entities, such as Cambridge Analytica that find ways to circumvent legal and technical loopholes, to glean and leverage your personal information.

If you have opted not to #DeleteFacebook, then at the very least you should regularly review the information that is accumulating about you in Facebook data centers across the globe. You can do this using the Download Your Information feature that Facebook provides in Settings.

Read more...




How to Boost your Facebook Sign-In Security

28th August, 2018 | Cyberprivacy | Entropic

Photo by Tom Grimbert on Unsplash

It was May 2011 when Facebook first established its SMS-based Two-Factor Authentication system, which they originally named "Login Approvals".

Since then, due to widespread security issues with SMS-based two-factor authentication, they have been pressured into providing additional options to help enhance sign-in security for their users. This includes introducing their own authenticator feature into the Facebook App, called Code Generator, the ability to use security keys on Android smartphones, and finally in May of this year, announcing support for third-party authenticator apps, such as Google Authenticator, Authy, Duo Mobile, LastPass, or Yubico Authenticator.

Two-Factor Authentication (2FA) can significantly boost the security of your Facebook account by requiring a second piece of information, or action before allowing you to sign in. It should be noted that this feature does not eliminate the need to maintain your password. This is something that you'll need to continue to regularly change, record, and remember.

Read more...




And, Your Exact Location in Your Living Room Is?

21st August, 2018 | Cyberprivacy | Entropic

Photo by Toa Heftiba on Unsplash

In a previous article, we touched on the Google Titan Security Key, as an example of how companies are trying to extend the sensory reach of their devices, using Bluetooth LE (BLE) to gain better visibility into your lifestyle.

Companies that produce intelligent IoT devices for the home are increasingly being pressured to not only improve the usability and reliability of their products, but also to ensure they coexist seamlessly with other products from other manufacturers. This includes being more intuitive to their surroundings, including how they sense and interact with other devices and people.

Improving the sensory awareness and response of their devices can not only provide intuitive benefits to their customers, but also helps companies glean increasingly refined telemetry about how people move throughout their home, along with their activities in each location therein. The resulting data revenue can help them further refine their products and services, as well as generating revenue by making this data available to third parties.

GPS Is No Longer Enough

Consider your physical location as tracked by your smartphone, and how valuable this is to companies like Google who, for instance use it to provide you with critical information on traffic congestion in Google Maps.

Read more...




Which Notes Do You Really Need in iCloud?

14th August, 2018 | Cyberprivacy | Entropic

Photo by Lennart Jönsson on Unsplash

If you are the type of person who loves using Apple devices, but are weary about how much of your personal data is seeping into iCloud, we'll discuss a few privacy checks that you can perform regularly to mitigate this problem.

The more of your information that Apple can push to iCloud, the better it is for their bottom line, since this gives them more opportunities to sell you things like additional iCloud storage.

By simply using and maintaining your Apple device(s) over time, the overall volume of information that "seeps" to iCloud increases. This is largely due to default configuration changes made during key events, that can change the data being collected. Some examples include:

Read more...




How to Boost your Gmail Security

8th August, 2018 | Cyberprivacy | Entropic

Photo by Luis Alfonso Orellana on Unsplash

Over the years, Google has continued to evolve the ways they can help improve the level of sign-in security for their users.

Their 2-Step Verification feature, a type of two-factor authentication (2FA), now has several different options and, additionally Google has decided to start producing their own security key.

With these recent events, we thought it would be a good time to review the options, and provide an overview of what methods are currently available to secure your Google account.

Read more...




Don't Forget your Keys, Dave

30th July, 2018 | Cyberprivacy | Entropic

Photo by Luis Alfonso Orellana on Unsplash

Phishing, along with a host of other types of cyber attacks against their customers, has gradually forced many companies to introduce multi-factor authentication into their account sign-in process for their customers.

For an average consumer, multi-factor authentication has always been a relatively cumbersome process, which is why companies that develop these types of authentication products have invested a lot to make them less cumbersome and more user friendly, without compromising on the quality of their devices and the security of their users.

Google, as an example currently supports several options as part of their 2-Step Verification feature, including the use of an Authenticator app, such as Google Authenticator and third party security keys, which allow you to sign-in to Google by plugging the key into your notebook/PC, or placing it near your mobile device.

Read more...




What has your Nest Protect been Gossiping about Lately?

22nd July, 2018 | Cyberprivacy | Entropic

Photo by Hans Veth on Unsplash

Earlier this year, Google reported having sold over 11 million Nest devices to date. Perhaps one of the most essential, trusted, and well engineered of these devices is the Nest Protect Smoke + CO Alarm.

The conveniences of this device, which include intelligent notifications of smoke and carbon monoxide alarms (from home and away), remote management, automatically lighting the way in the dark, combined with the overall reliability of this device make it a solid choice for a consumer looking to upgrade their legacy smoke/CO alarm.

Amongst all of the Nest devices, this one is in the top category for having the most sensors and transceivers. Given the essential need for smoke/CO alarms, combined with the Nest Protect's capabilities of 24x7 collection of activity in your household, we decided to further investigate this device to better articulate what it gives to your home vs. what it takes.

Read more...




Who Else Can Read Your Gmail?

13th July, 2018 | Data Security | Entropic

Photo by Aurélien - Designatic on Unsplash

In a previous article, we discussed some ways that you might unwittingly disclose your physical location while using Google. Amongst the services of Google, the most widely used include Search, Android, Gmail, Chrome, Maps, YouTube, Google and Play Store - each of which have users numbering in the billions. Additionally, services such as Google Docs and Drive are also very popular.

If you depend on any of these services, it's important to be aware of what other Apps might also have access to your personal information on Google. This is because over time for instance, by using a mobile or web-based App, you may have unwittingly authorized one or more of them with specific levels of access to your Google account information - for instance Gmail, Google Drive, or Calendar.

Read more...




Decentralize to Protect your Data

26th June, 2018 | Data Security | Entropic

Málaga, Spain: Photo by JR Korpa on Unsplash

While most of us rely on encryption and authentication to protect our most critical files and other information, the reality is that these approaches to securing information have shown a continual pattern of failure since their inception. Compounding this issue is that over the past 20 years, we have carried forth an endemic fortress-based mindset of protecting information into the digital world, by consolidating massive amounts of sensitive information and concentrating it select physical locations using cloud-based infrastructure. This approach has dangerously centralized and even duplicated masses of stored information, in the name of manageability and cost savings.

By prioritizing manageability and cost savings over security, we have unwittingly created high value targets for cybercriminals, and further increased the motivation and ease at which they can extract large amounts of information for sale, distribution and exploitation.

Read more...




Unwittingly Revealing your Location to Others via Google

20th June, 2018 | How To | Entropic

White Sands, United States: Photo by Jacob L on Unsplash

For billions of us, Google is an everyday part of our lives. We depend on it for searching, e-mail, shopping, evaluating businesses, networking with others, finding our way around, and a host of other daily routines.These conveniences are too good to resist, but with these conveniences comes a loss of personal privacy.

A company can glean a lot of valuable information about an individual by tracking only their location, and in turn this information can ultimately be translated into company revenue. In this process however, others might also gain access to this information.

Read more...




The Genetic Fortress

17th June, 2018 | Data Security | Entropic

h heyerlein on UnSplash

Companies that provide Genetic genealogy services offer individuals the option to submit a sample of their DNA, to enhance their ability to explore their ethnic origins, their family heritage, and discover and reunite with lost relatives. Similarly, Personal genomics companies also offer individuals this option to help them better understand their genetic traits, and how that might affect them in their lifetime, along with their descendants and relatives.

Despite the advantages that these services bring, the widespread use of expiring security and storage technologies to protect this information represents the next significant new threat to the loss of our privacy and individuality.

Read more...




A River of Facebook Profiles

23rd May, 2018 | Data Security | Entropic

Forest and Whitewater river in Mühlebach VS

In our previous article, we introduced a model to help describe the lifecycle of information after it has been disclosed to an organization by another individual or organization. In this article we'll focus on another phase of this lifecycle - the Third Party Sharing phase, and describe how it applies to the 2014 mass extraction of 87 million+ user's Facebook profiles performed by Global Science Research (GSR), which were subsequently sold to SCL Elections and Cambridge Analytica, a subsidiary.

Read more...




The Fuel of Facebook

15th May, 2018 | Data Security | Entropic

Menlo Park Trail

In our previous article, we introduced a model to help describe the lifecycle of information after it has been disclosed to an organization by an individual. In this article we'll focus on one particular phase of this lifecycle - the Collect & Send phase, and describe how it applies to Facebook.

When you think of how users interact with Facebook, you might picture someone using an app on their phone, or a browser on their PC to interact with the social network. However, over the years through third party integrations, company acquisitions, and the evolution of the Facebook Platform, the number of products and services they now offer, along with the volume of information that they collect from their users, has massively increased.

Read more...




The Information Disclosure Lifecycle

5th May, 2018 | Data Security | Entropic

Mt. Hamilton Observatory

Organizations are constantly challenged to continually improve their security posture, and protect the information they rely on to do business. Many now also rely heavily on curating information about individuals who have consented to share, as they go about their daily lives.

Blockchain is helping to improve these organizations cybersecurity posture, in areas such as multi-factor authentication (MFA), and the Internet of Things (IoT). Some of these improvements are detailed in this article by Christina Comben, originally posted on CoinCentral.com

With the recent increase in events surrounding the handling, processing and protection of information, we thought it would be a good idea to create a draft model that would allow us to better describe the lifecycle of information after it has been disclosed to an organization by an individual.

Read more...




Best Practices for Decentralizing Information

27th April, 2018 | Data Security | Entropic

Inyo National Forest

In our previous article, we discussed how the fortress mindset has influenced how we instinctively protect information. Today, encryption and authentication are the foundation of how we secure information that is holistically stored in one location - the fortress.

If an attacker knows that all of the information they seek is holistically secured in one place, their motivation to break through the barriers that protect this place becomes very high. Over time, both encryption and authentication have had to adapt to contend with evolving attack techniques, many of which exploit vulnerabilities arising from the need to balance security with convenience for the user.

Read more...




Decentralizing the Information Fortress

17th April, 2018 | Data Security | Entropic

Data Center

Over the past 20 years, as a result of implementing cost savings, better efficiency, and improved manageability, we have seen a significant migration of software, hardware, and data to public and private cloud-based storage infrastructure.

Within these fortresses of information - data centers, and possibly unbeknownst to many, a large amount of personal information continues to accumulate.

Read more...




Panwrypter v2.0 "Langkawi" Release

5th April, 2018 | Product Release

Postcard

Dear All,

We are pleased to announce the launch of Panwrypter v2.0 - an App to protect your most important files, using a type of decentralized protection called bitwise depletion.

This release improves upon convenience & ease of use, and introduces additional, advanced security features...

Read more...




Protecting your files while travelling

Tutorial: Protect Files while Traveling with Panwrypter

29th March, 2018 | Tutorial

You may travel as part of conducting business with regional offices and customers. During travel, you may habitually choose to store sensitive files on your notebook, or on a USB stick. Using this approach vs. cloud storage might give you some peace of mind that the sensitive information is physically with you at all times.

During travel however, when your carry-on or checked-in luggage is not with you, this information might be vulnerable to unauthorized access....

Read more...