Davey looks through the looking glass, and evaluates cheap background-checking services to see whether he can find any info... on himself.
Davey looks through the looking glass, and evaluates cheap background-checking services to see whether he can find any info... on himself
I’m happy being a geek, hence I’ve owned the happygeek.com domain for the past 20 years. I’m also attracted to good-looking things with high levels of intelligence, hence I’ve been married three times. Before I’m crucified for being a misogynist, that was an attempt at humour (which probably accounts for two divorces). Couple being a geek with a liking for good-looking, intelligent stuff and it was almost inevitable that I’d stumble across GlassWire. It’s marketed as a visual firewall, which I think demands a little explanation.
The most common description I’ve found is that GlassWire is an interface to the Windows Firewall, but that isn’t the whole story. I don’t have Windows Firewall running on the laptop where GlassWire is installed – the security suite disables it – yet I still run, and still like, GlassWire. Funnily enough, I don’t run Windows Firewall on my Samsung Galaxy 8+, yet the GlassWire app is installed there and I like that too. And the reason for this, in both cases, is the transparency to network activity it provides.
The Graph Apps view is good to get a broad-strokes idea of application activity and, with a mouse-click or two, to drill down into what any app has been doing online during any given period. There’s a Traffic view that brings that visibility at a protocol level, but I usually watch the “all” view that combines both.
Things get more interesting on moving into the Usage area, if you like to know what’s eating your bandwidth. Again, as is true of most areas within GlassWire, you’ll be able to drill down into the data here as well – by hosts, by alerts generated and so on. The third view is an Internet of Things one, or devices connected to your network. No drilling down here, but you do get a view of IP and MAC addresses, device name if known, and first connection to the network – but that’s it. I prefer the Fing app for this kind of network device discovery.
I can’t comment on the Firewall view much, mainly since Windows Firewall is disabled. If it wasn’t, then I could interact with it and control what it does through a more informative and intuitive interface. For example, get control over what programs can access the network using the “ask to connect” mode, rather than digging through the Windows Firewall advanced settings.
This would, of course, keep you busy on the pop-up dialog front – and that would be a huge pain; doing it in reverse with “click to block” is much easier on the finger. I do use the Firewall view, though, since it provides the quickest and clearest access to the VirusTotal function. This uses the VirusTotal database to check any app (just click and request a scan) against a bunch of AV engines to obtain a risk score. If there are any reports of it being malware, you can see quickly and then “click to block” while investigating further.
Talking of the security side of GlassWire, not only will it notify you when a new device joins the network, or an app has connected, but also if it has connected to a suspicious host. This is cool. Want warnings about changes to your HOSTS file or networking drivers and so on? It can do that as well. It even does the Fingbox ‘fing of having an evil twin option for alerting you to any device trying to connect to a rogue, cloned Wi-Fi hotspot.
I like that there is a functionlimited free version, but it enables the paid-for features during the first week so you can try them out. If, like me, you find them useful then you can opt for one of three subscription levels costing $39, $69 and $99. The cheapest gets you a licence for one device with three remote connections and a six-month history. The next level ups that to three devices, ten connections and a 12-month history. The Elite version brings ten devices with unlimited connections and history to the party.
I also like the Android app, which is free. It has no ads and, importantly, sends no data anywhere itself. This is a key consideration for me. A lot of apps send data over the network themselves. Look into this some more and you’ll discover that, in many cases, the app developer is at liberty – through the privacy policy
“I’m a fan of GlassWire, and the reason is the transparency to network activity it provides”
– to sell that data on to third parties. In contrast, GlassWire’s developers make money through the Windows desktop application. This enables them to make the Android app free, and they tell me no app usage data leaves the device at all.
Like the desktop client, the GlassWire app is great for both an informative overview of what’s connecting and to where, while a few finger-clicks can reveal all the information you’re ever likely to need.
Twitter applies AI to improve UI
As someone who visits threat research labs around the globe, I’m used to being briefed on how AI – or machine learning, in reality – can help protect networks and data from attack. When I heard that Twitter was implementing AI in a new project, I immediately thought it was detecting fake news from the Russians attempting to influence political outcomes in the West.
But no, nothing quite as exciting as that. Twitter has developed a smarter way to automatically crop previews of photographs uploaded to a feed. In fairness, this is no bad thing. How many times have you uploaded a photo to find that cropping applied by Twitter ruins the preview image?
In case you’re wondering why Twitter crops them at all, it’s all part of “the fewer characters, the better” approach to social networking. So, images are cropped both to enable more tweets to be seen at a glance and to render a more consistent UI. This would be acceptable if Twitter did a better job of the cropping.
Using face detection to focus on the “most prominent face” is a heuristic approach that immediately fails if the image doesn’t feature any faces, for example. The heuristic process used would compensate for no faces being found (even if there were, and it just missed them for whatever reason) and focus on the centre of the image instead. Twitter even had to admit that the face detector didn’t recognise cats, which is unfortunate given the sheer quantity uploaded.
Badly cropped previews are, in my opinion, worse than no previews at all. Thankfully, the boffins at Twitter seem to agree, and have been working on a new, intelligent cropping algorithm. This is based upon the notion of saliency, or the bits of the image that our eyes most commonly fall upon when scanning a photo. Wider research using eye-tracking tech has been plentiful, so there’s lots of data out there that’s perfect for a machinelearning environment to be trained with.
The problem, as with most ML-based technologies, is one of speed. Real-time sharing of images would be too slow if every image had to go through this saliency prediction process before being cropped and previewed. The Twitter researchers tackled this issue by optimising the implementation to just worry about the most salient regions of the image being “roughly” processed, rather than delving into a pixel-by-pixel level of granularity. Things were further speeded up by using a knowledge distillation technique, where larger networks generated predictions. These are then used to train a smaller and faster network to imitate how they did it.
Twitter researchers reckon these methods, plus some complicated iterative pruning of feature maps, resulted in a ten-times speed increase of predictive processing, enabling real-time intelligent cropping. These updates are currently being rolled out across Twitter, and will also arrive for Android and iOS apps shortly.
Encrypted Dropbox
PC Pro reader Alistair Coppin emailed in to ask a straightforward question: should I encrypt the data I store in Dropbox, and if so, how? As with all such questions, the truthful answer is “that depends”. On the sensitivity of the data being stored, whether you’re a business or individual, if GDPR or other data protection regulation may apply, and so on.
The data privacy regulatory framework doesn’t apply here; Alistair is more interested in keeping his family photos private in the event his account was compromised. The next question is what does Dropbox do by default? The answer is that it provides the usual encryption of data in transit (via Secure Sockets Layer/ Transport Layer Security), and encryption at rest using 256-bit AES when your data arrives.
Which is okay – but is it good enough? While 256-bit AES is decent encryption, if an attacker got access to Alistair’s credentials, they could log in as him and the data would be presented unencrypted. So the first bit of advice is to use random and long passwords (get that password vault operational), together with activating two-factor authentication; your attacker would then need access to your authenticator-generated access code as well as your password.
This still doesn’t get around the fact that Dropbox holds the encryption keys and could decrypt your files if law enforcement came asking. Or, indeed, if an attacker managed to compromise Dropbox itself and obtain access to those keys. Both are highly unlikely, and for the average user not too concerning.
If paranoia bites, there are options available to make encrypting your data before you send it to Dropbox both painless and secure. The latter as you hold onto the keys, not Dropbox, and the former as they really can be click-and-forget these days.
Boxcryptor is pretty good, with a Windows client that will encrypt data on the fly. Every file is encrypted separately, which means you can decrypt and view your files without engaging in a timeconsuming bulk decryption process. A double-click on an encrypted file opens it in seconds. Save your changes and it’s encrypted again, automatically.
Boxcryptor is free for personal use, but with a few restrictions – only connecting to a single cloud provider (Dropbox is supported), for instance, and data can only be synced across two devices. The new version
comes with support for 2FA, though. For unlimited cloud services and devices, plus filename encryption, upgrade to the £34.50-a-year version. There’s a free Android app, but you can’t encrypt existing files with it; you’ll need to use the desktop version for that. For the photo use that Alistair mentions, however, it has a cameraupload feature that will automatically encrypt and upload photos as they’re taken.
Davey Winder: no data found
There are numerous reputable organisations that specialise in providing online background checks, at a cost. Which is why, especially at the smaller end of the business spectrum, I generally recommend a combination of Googling, social network exploration and common sense – unless there are regulatory requirements to be met.
What I wouldn’t recommend is using one of the many services that offer such checks for a very low fee; which often turns into a recurring monthly subscription. I tried such a service recently, with a search on myself, to see how accurate you can be for £2.50. The answer? Not very.
I’ve led a very visible life online, since the time when the internet was only accessible to a privileged few. Searching for background on myself would, you might think, throw up a heap of information. Inputting my email address prompted a successful return in finding my full name, email IP, street address and background check data. Once I’d paid the fee, it further promised a full report that would include age, date of birth, address history, criminal records, marriage and divorce information, and property ownership details.
Having paid and entered my email address again, the result came back as: nothing found. I tried searching for my full name and, yet again, it returned zero records. If you need serious background-checking services, then, employ the proper HR firms that know their stuff. If you don’t, then either do that Googling and Twitter searching yourself, or use your judgement as to whether or not someone is good for the job.