Episode 184 – Floating Krack

From @guuuuugl’s ICAROS tweet from #AWE2017

Recording on a crisp October day, Michael and Michael start off this episode with the ICAROS virtual reality fitness rig @epredator shared from his experience at Augmented World Expo #AWE2017. The pair continue their mixed reality discussion with a thought experiment on Tinder prompted by an iMore article on the best AR experiences for social media. Michael R shares his understanding of a vulnerability in the WPA security profile stack known as Krack.  The net is, it is best to set up a separate router and separate network for your internet of things devices.  Michael R recommends “keep your stuff updated”.

Selected links 

ICAROS — Virtual Reality Fitness Experiences — http://www.icaros.com

Virtuix Omni 360 degree treadmill — http://www.virtuix.com

Augmented World Expo — https://www.augmentedworldexpo.com

iMore article: Best AR experiences for social media right now! — https://www.imore.com/best-ar-experiences-social-media-right-now

Tinder — https://itunes.apple.com/us/app/tinder/id547702041?mt=8

Wired article: Why the Krack Wi-Fi Mess Will Take Decades to Clean Up — https://www.wired.com/story/krack-wi-fi-iot-security-broken/

Motherboard article:  KRACK for Dummies — https://motherboard.vice.com/en_us/article/3kaxz3/krack-wifi-hack-attack-guide-explainer

Security Now podcast show notes on KRACK — https://www.grc.com/sn/sn-633-notes.pdf

 

What games are the hosts playing?

Michael R — Gunman Taco Truck — http://www.gunmantacotruck.com

Play

Episode 173 – Babel Fish


Computer to computer communications protocols used to start with a high pitched whine & crackle over a telephone line, using a modem – a modulator / demodulator – to establish a handshake.  Computer to computer interactions are nothing new — but AI to AI interfaces are becoming more and more common.  We discussed some of the ramifications in earlier episodes of the podcast — links below for those — and now we turn to how artificial intelligences create optimized methods of communication between themselves.  Like the Twitch example of two Google Home bots talking with one another, the first few articles tell the story of how Facebook and Google AIs created a new way to communicate more effectively by negotiating with one another.

The Google example for the translation services reminded Michael and Michael of the Hitchhiker’s Guide to the Galaxy Babel Fish translation concept of a fish that fits in your ear to automatically translate one language to another.  The Bragi Dash in ear headphones are designed to do just this.  Pretty futuristic stuff.

Riffing on what our friend @epredator tweeted, the team discusses the ramifications of knowing what people are looking at in VR in the YouTube Creator Blog.   And the last item deals with gamification to improve cyber defense.  What would you think could benefit from a blue team vs red team gamified process?

Selected links 

The Atlantic article:  An Artificial Intelligence Developed Its Own Non-Human Language — https://www.theatlantic.com/technology/archive/2017/06/artificial-intelligence-develops-its-own-non-human-language/530436/

Tech Crunch article:  Google’s AI tool seems to have invented its own secret internal language — https://techcrunch.com/2016/11/22/googles-ai-translation-tool-seems-to-have-invented-its-own-secret-internal-language/

The Atlantic article:  What an AI’s Non-Human Language Actually Looks Like — https://www.theatlantic.com/technology/archive/2017/06/what-an-ais-non-human-language-actually-looks-like/530934/

Twitch: C:>Bots Chat — https://www.twitch.tv/seebotschat

Edelweiss Little Singers of Armenia — https://www.youtube.com/watch?v=6JMHXbxZYf4

Wired article:  Bragi’s Fancy New Earbuds Translate for You in Real Time — https://www.wired.com/2017/05/bragis-fancy-new-earbuds-translate-real-time/

Babel Fish, probably the oddest thing in the galaxy — http://hitchhikers.wikia.com/wiki/Babel_Fish

Games At Work Episode 51:  Tea.  Bojangles.  Hot. — http://gamesatwork.biz/2013/06/30/episode-51-tea-bojangles-hot/

Games At Work: Episode 159:  Virtually Secure — http://gamesatwork.biz/2017/01/22/episode-159-virtually-secure/

Games At Work Episode 163:  Chat Me Maybe — http://gamesatwork.biz/2017/02/27/episode-163-chat-me-maybe/

YouTube Creator blog:  Hot and Cold: Heatmaps in VR — https://youtube-creators.googleblog.com/2017/06/hot-and-cold-heatmaps-in-vr.html

Mind over Machines blog: Symphony of Big Data — http://mindovermachines.com/blog/a-symphony-of-big-data/

Security Intelligence:  Game Over: Improving Your Cyber Analyst Workflow Through Gamification — https://securityintelligence.com/game-over-improving-your-cyber-analyst-workflow-through-gamification/

What are the co-hosts playing these days?

Michael R:  TechCrunch article:  SEGA’s new SEGA forever collection brings classic games to mobile for free — https://techcrunch.com/2017/06/21/segas-new-sega-forever-collection-brings-classic-games-to-mobile-for-free/

Michael M:  Yoga Studio — https://itunes.apple.com/us/app/yoga-studio/id567767430?mt=8

Play

Episode 159 – Virtually Secure

Michael R and Michael M, go deep on virtual assistants and the security storm around WhatsApp in the news recently. We also look at how an old virtual world shopping experience may be coming to life in virtual reality.

The duo start with the Facebook/Oculus tour of the White House and think about whether movies and television shows have the layout and rooms of the building right.  Michael and Michael quickly then turn to Amazon’s focus on virtual reality shopping experiences stemming from articles from TechCrunch and Variety.  Michael R shares his experiences in developing just this kind of experience for Sears 10 years ago.

Then things get even more interesting with holographic personifications of artificial intelligences — where the Gatebox anime character looms large — or rather hovers in a coffee machine style enclosure, and interacts with the user via voice and text chat.   While speech commands are picking up steam, it is still has a social hurdle to climb.  It is embarrassing or just feels weird to talk to inanimate objects, even though the author of the Digital Trends article makes the valid connection that talking to devices is like talking to a pet, and pets do sometimes listen…

The show wraps up with an interesting discussion on the security news related to WhatsApp.  We hope you enjoy!

Show Links:
Virtual White House – http://www.usatoday.com/story/tech/columnist/baig/2017/01/13/obamas-lead-white-house-tour-virtually-help-oculus/96532192/
The West Wing http://www.imdb.com/title/tt0200276/

Amazon possibly working on VR Shopping Experience https://techcrunch.com/2017/01/19/amazon-job-posting-suggests-plans-to-bring-shopping-experiences-into-vr/
Google Daydream View https://store.google.com/product/daydream_view
Oculus Rift https://www.oculus.com
Samsung Gear VR http://www.samsung.com/global/galaxy/gear-vr/
Bridge AR/VR headset https://bridge.occipital.com
Sears VR Shopping Experience – now 10 years old https://www.youtube.com/watch?v=0ABxTr8sL3U&feature=youtu.be

Variety article — Amazon VR Shopping app http://variety.com/2017/digital/news/amazon-vr-shopping-app-1201962695/

AI Assistants are like Pets http://www.digitaltrends.com/mobile/talk-to-ai-assistants-like-your-pets/
Gatebox Home AR Powered Holographic Robot http://arstechnica.com/information-technology/2016/12/the-anime-girlfriend-experience-gateboxs-ai-powered-holographic-home-robot/
Gatebox story http://gatebox.ai/story/
Gatebox https://gateboxlab.stores.jp/items/57ea607100d331404d002d77

Twitch See Bots Chat https://www.twitch.tv/seebotschat

Security Researchers call for Guardian to retract false WhatsApp backdoor story https://techcrunch.com/2017/01/20/security-researchers-call-for-guardian-to-retract-false-whatsapp-backdoor-story/?ncid=rss
SecurityNow! Transcript Episode 595 -What’s up with WhatsApp? https://www.grc.com/sn/sn-595.txt

Play

Email handling

This will NOT be a political post.  Over the last few years, the world has gone insane.  It has become obvious, at least to me, that people are using more and more technology that don’t have a clue how it works.  Governments, companies, and hackers are enjoying this, as many people don’t understand what data is stored where, and how that data is handled or secured.  Many people are willing to give up all of their privacy just to play a game (if you don’t believe this, take a look at how many of the freemium games on your phone “require” you to either be connected and/or have location tracking turned on).  A whole generation of consumers have given up on the whole idea of privacy online.

I was listening to a security podcast recently and they discussed the idea that we’ve all become overwhelmed with our own security requirements.  Many people have just given up on trying to stay up to date on their security and privacy settings.  When was the last time you have checked your Facebook security and privacy settings. Companies, like Facebook, assert the right to change their settings and defaults at any time, and as such just keeping up with those changes could be a full time job. 

By default, email is inherently an insecure protocol on the internet.   In order to route email between end points the meta data is not corrected.  So you already give up privacy on who you are sending email to.  Most email users will not change their settings to actually encrypt their email content.  

Over the years, I have used PGP encryption in my emails.  PGP is an example of public key encryption, which will allow you to encrypt the email content and ensure the receiver that the email has not been changed in transit, as well as ensure that it actually came from you.  However, for some reason, every time I upgrade my operating system my PGP tool fails, as they  must be hooked into the OS land thereby lag in compatibility. This is an unacceptable outcome for the average consumer.

I believe we need to change the fundemantal architecture for email to make encryption, security and privacy the default setting.  It may take another 10 years or more to migrate the web to this architecture, as we have the problem with defaults – most people don’t change them.  What do you think?

Episode 150 – Cyber Dementors

The Michaels go deep this episode on the idea of swarms, science, and security.

We review work presented at this week’s ACM conference regarding swarming robots, envisioning many different uses for this technology. We discuss the challenges of landing on Mars, and how swarms of cubesats and other technology may help us be more successful in space exploration. And after today’s major internet attack we wrap up with the UK government’s new plan to help debunk much of the FUD that comes up around security issues.

Finally, if you are out and about next week, come meet our co-host – Michael Martine, at the Southern Fried Agile conference!

Show links:
Swarming from ACM
Kill Decision
Robot Cockroaches
Sense-Fly Mapping Drones
ESA Failed Robot and Working Orbiter, what we know
Cubesats
Elon Musk’s Mars Colonization
Why the internet shutdown today
UKs new Cyber Security Centre
IoT Security PoV
Security Now transcript Episode #581 – Security Fatigue
Stranded Traveler email Scam
DMARC
The Diamond Age

Come See Michael in Charlotte, NC
Michael M. At Southern Fried Agile

Play

Episode 133 – Game Brains

yellowandblack

Episode 133 – Game Brains was recorded on Friday, the 18th of February 2016.

Does playing video games make you smarter?  Michael and Michael answer this question with a resounding “maybe”, as they go through a tour of several interesting links, from Google’s DeepMind computer playing Go, to Volvos starting up without keys, to toys that think and 3D printing going back to 1964 with plastigoop.

We hope you enjoy the show!

Selected links
Can Video Games make you Smarter? — https://youtu.be/OOsqkQytHOs
Luminosity — http://www.lumosity.com
Gmailification — http://techcrunch.com/2016/02/17/google-launches-gmailify-a-way-to-use-gmails-best-features-with-non-gmail-accounts/
Mailbox — https://itunes.apple.com/us/app/mailbox/id576502633?mt=8
Airmail — https://itunes.apple.com/us/app/airmail-your-mail-with-you/id993160329?mt=8
Google Now — https://en.wikipedia.org/wiki/Google_Now
Connected Toys and the Serious Business of Play — http://techcrunch.com/2016/02/15/the-serious-business-of-play/
Mattel 3d printer — http://www.engadget.com/2016/02/15/mattel-thingmaker-3d-printer/
Mattel’s Creepy Crawler Thingmaker with Plastigoop — https://en.wikipedia.org/wiki/Creepy_Crawlers
Sphero — http://www.sphero.com/starwars
Teddy Ruxpin — https://en.wikipedia.org/wiki/Teddy_Ruxpin
Monopoly — http://www.avclub.com/article/monopoly-now-cashless-economy-232281
DeepMind plays Go —  http://mashable.com/2016/01/27/google-ai-beats-go-champ
Pacman 256 — http://pac-man256.net
Rogue on iOS —  https://itunes.apple.com/us/app/rogue/id298113808?mt=8
Volvo keyless cars — http://www.bbc.com/news/technology-35611130
Keyless remote app — https://itunes.apple.com/us/app/car-remote-keyless-entry/id718121721?mt=8
Smartphone app ride pickup zone — https://twitter.com/doctorow/status/700734551132282880
Global Gamification Market estimated to be $11.1B by 2020 — http://www.businesswire.com/news/home/20160218006350/en/Global-Gamification-Market-Worth-USD-11.10-Billion

Games Michael & Michael are playing
Michael R — A Tiny Game of Pong — http://mashable.com/2016/02/17/apple-watch-a-tiny-game-pong
Michael M — Tomb of the Mask — https://itunes.apple.com/us/app/tomb-of-the-mask/id1057889290?mt=8

Play

Episode 112 – Persistent Personality Profile

It’s May and the co-hosts are all together to talk about gaming internet security. Michael R describes two different approaches to gaming internet security he saw at the recent RSA Conference, and challenges his co-hosts and you the listener to come up ways of improving both of them. We also discuss which games we are playing.

Show Links:
RSA Conference
Mavi Interactive
Blizzard Ban’s Cheaters
Star Wars Commander
Alto’s Adventure
Flower Game

Play

What’s been going on

There is something about spring that seems to impact our co-hosts getting together.  Between the demands of work schedules, conferences, and holidays with friends and family I would like to apologize for the infrequency of our podcast.  At one point in time we had planned on having a bunch of reserve episodes in backup that we could post, but that is not really fair to you, the listeners.  So for this week, I am going to write a quick post about some interesting things I’ve seen lately.

My schedule has been impacted by a bunch of customer visits and conferences lately, one of those conferences was RSA in San Fransisco.  RSA is one of the largest security conferences each year, and it was completely overwhelming.  You can go to my other blog for my daily quick reports on the conference over at Triangle App Show. There were two items at that conference that I think would have made great discussion topics on this podcast,  however, I will blog about them instead.

Bugcrowd and Cyber Patriot:

Bugcrowd – is a crowd sourcing platform which specializes in security testing of public applications.  It uses many of the traditional gamificafion techniques of leaderboards, non-traditional currencies (Kudos), and adds in real bug bounties for cash.  Companies will hire bugcrowd to get a group of testers who are unleashed on a site or app, and have to report bugs that they find.  While talking to the team at bugcrowd one of the original founders at topcoder came up and asked how they vet their participants.  This was a big issue for TopCoder when they looked at offering a similar service, and due to liability they decided not to offer it.  How do you stop a would be black hat from using the service to uncover bugs and not report them, only to then sell them on the gray market.  To me this was the part where bugcrowd didn’t understand the dynamics of the game.  Their basic premise is they only open up the call for participants on public sites or apps, so a real black hat wouldn’t join the game and just do their hacking independently.  I am not sure that this is true, since the black hat can see what exploits others are finding and sell them as short lived zero days.  I have been reading the book Future Crimes by Marc Goodman, and the value of zero days on social sites, even short lived, could easily be worth more on the gray market than the entire bounty of the bugcrowd game.  Setting up the right game mechanics could solve this, but could reduce the incentive for participants to build on the work of others.

Cyber Patriot
The Cyber Patriot program is a aimed at grade school kids to teach them about ethical hacking, security and privacy on the internet. At the RSA conference there was an area with an entire focus on cyber safety for kids. This area included many interesting companies (more on them over at my other blog – Triangle App Show. At the time of the show, the Cyber Patriot program had two competitions, one for Middle-school kids and one for High School kids. The structure of the contest allowed for state and regional competitions all leading to a national competition where the best of the best got a free trip for the team and their instructor. The national competition allows for students to compete head to head on identifying and solving a cyber security challenge. What I found interesting talking to the individual at the booth, was that they Cyber Patriot program recognized that waiting for Middle School was too late. As such they were about to launch in a few weeks (and they have by now) a program for younger kids – all the way down to Kindergarten. The younger children will get a much more “mario type” gaming mechanic as a way to help them learn and understand cyber safety and cyber security. I find this a great way of teaching kids the implications of our online lives.
A quick parallel to the last thought, as we’ve had more and more breaches of customer information in the news, healthcare systems, store credit cards, social networks, etc. the issue of identity theft is becoming more critical. Not just the identity of an adult, but that of our children. If a cyber criminal can get an identity tied to a young child, they can leverage that for 10+ years of fraud, ultimately ruining the future reputation of your children. Think about how you are protecting your children from this identity theft.

As we move forward with the podcast, I am sure we will be opening the aperture and extending our topics beyond just the gamification discussion. Having said that, please drop us a note if you have any ideas of what you’d like to hear more of. Thanks for all your support – and keep Playing Games!! AT WORK!

Episode 74 – 4K Gaming

George Bernard Shaw quote

Episode 74, 4K Gaming was recorded on Friday, September 27th, 2013.

In this almost-lost episode, Michael M introduces Sandy Kearney as a Game At Work.biz co-host. Since Sandy used the term “HD of Gaming” during the recording of the podcast, it seemed a small editorial liberty to upgrade to 4K. Game on!

Sandy’s core work is with e426.org — assisting small businesses, IEEE and universities on the use of emerging and innovative technology. She is also a professor at Villanova University teaching leadership, business and emerging technology. Furthermore, she also teaches emerging technology and runs the emergency planning and professional studies programs at Immaculata University.

Wargaming and Peacegaming
Emergency planning lends itself very well to running board exercises to plan what would Hurricane Sandy look like, and how it would play out. Using new technology to explore the logical path forward through games helps to position first responders as well as create a better emergency preparedness plan for the university.

HD of Gaming
We can see instant results through visuals and dashboards that would not have been understandable ten years ago. This instant feedback allows for faster process awareness, both the detailed documented processes as well as the undocumented ones. Sandy noted that the best university responses to crises, both natural disasters and man-made ones, have been social media, noting “the best university responses have been social media, better than arming police officers”. Whereas the younger generations have quickly adopted and embraced these social new technologies, others are slower to make full use, and these emergency preparedness simulations can open the eyes and speed adoption.

Not just process modeling — process mining!
Following on the idea of emergency preparedness, Sandy and Michael explored the importance of collecting the data to analyze at a later time as an important capability. Because of the data capture, it is now possible to better understand how the data is joined to the process, determine behavior when people play, how the play, and look at the larger scenarios, the geopolitical framework, local crisis response and better understand the full ecosystem. This concept is not foreign in the space of business process modeling, where business people (as opposed to technologists) can make changes to the business models and have the underlying technology change the process to match the business reality. Professor Will van der Aalst’s research on process mining allows for this kind of analysis, on steroids. Every process step could be captured with a time & date stamp and the fuller analysis of the complete set of transactional events could create a process model that is much more like reality than a model created from scratch. Professor van der Aalst’s work surfaces the “elephant paths” — the way that people actually execute a process, rather than the proscribed steps that the desk procedures say that a process should execute.

Institutional Protocols
These elephant paths — very similar to the way that university students cut across a lawn to get from point A to point B in a more efficient way — demonstrate the inherent challenges with institutional protocols, and the efforts of people to circumvent them when they become a hinderance. Sandy uses the example of IT wireless network security, describing a situation where the difficulty in getting connected to a wireless network bogs down the the user to the point where they seek out a wired ethernet connection, which is much simpler to plug in and get to the Internet. Circling back to emergency planning, these kinds of data collection about what people actually do when confronted with a challenge, coupled with location based data could surface some very interesting insight needed to tighten controls as well as provide for more rapid communication, done in unconventional ways.

Selected show links:
e426.org the Innovation Corps for America — http://e426.org/
Villanova University Department of Computing Sciences — http://csc.villanova.edu
Immaculata University — http://www.immaculata.edu
IEEE — http://www.ieee.org/index.html
IBM BPM Symposium 2013 — http://www-05.ibm.com/de/events/bpm-symposium/index.html
Process Mining — http://www.processmining.org
BPM Symposium 2013 interview with Prof. Wil van der Aalst (auf Deutsch / German) — http://www.youtube.com/watch?v=PW16JqxftKw&feature=youtu.be
Technische Universiteit Eindhoven — http://www.tue.nl
Professor Wil van der Aalst — http://wwwis.win.tue.nl/~wvdaalst/

We are just delighted to have had you dialed our way. You can find us on G+, Tumblr, Facebook, Twitter and more. Please comment, friend, tweet and send us topics you would like to hear more about!

Play

Episode 25 – Social Reciprocity

As the the day are getting shorter, and our day jobs are getting busier, the Michael’s have a lot of fun talking about the latest tech news and how it ties back to playing games at work. Michael R even gushes a bit about the possibilities of Microsoft’s Surface RT, and how well they presented it to the market on Thursday. While there was no Oprah moment at the announcement, there were multiple people who walked away with one.

Links:
Windows RT Announcement
Apple’s iPad Kickstand
Data Visualization Widgets
Windows 8 is NOT Metro
Bean Traders
Awesome Coffee Visualization
LinkedIn Skills Profiles
Today’s Podcast on Storify
Michael’s iPad mini Review
Demon Costume

Play