Wednesday, March 21, 2012
MS Surface Sample Apps Not Working (x86) - System.NotImplementedException was unhandled error
Solution
A "System.NotImplementedException was unhandled error" in Microsoft Visual C# 2008 Express Edition happened for the sample apps that came with the Microsoft Surface SDK and Surface Simulator. This was a huge problem until I found the Solution to this problem. It is simple. First, you have to show advanced build configurations by going to "Tool -> Options -> Projects and Solutions -> General", clicking the "Show all settings" and checking the "show advanced build configurations". This will make it so the "Build -> Configuration Manager" will show in the main window drop-down menus. Go there and "Add new..." with x86 processor run the apps without these problems.
System.NotImplementedException
MS Surface in the Store
MS Surface
Sunday, March 18, 2012
Octomobi
Octomobi is an Mobile App Building website. Here is an App that I made with it as a demonstration.
EZ App Builder
EZ App Builder
Tuesday, March 13, 2012
Web & Mobile Privacy
Web & Mobile Privacy
Adam Cox
University of Massachusetts Lowell
Lowell, MA 01854
Adam.Cox9@gmail.com
Abstract
Privacy on the web and on mobile devices is a growing concern. More people are sharing more aspects of their lives on their mobile device and the web without knowing exactly what can happen. This paper will identify the problem in general, provide some specific examples, and attempt to identify some potential solutions.
Introduction
“Privacy is considered a core value in democratic societies and is recognized either explicitly or implicitly as a fundamental human right by most constitutions of democratic societies. [2]” There is no clear definition of privacy. It is typically viewed by some researchers [7] as either “the right to be left alone” or “the right to control what information is known about them.” Further, other scholars [2] define privacy in two aspects, “informational privacy” and “spatial privacy”. One really good question was asked [7]: “Is privacy one of the unalienable rights to all citizens?” If it is, then there are mobile & internet privacy related issues that need to be resolved. It is implied [2] that privacy is a core value in democratic societies.
There has been research [7] into the foundation of privacy rights. As suggested, US laws are built upon the principles stated in the Constitution & Declaration of Independence. However, there was no direct mention of the term privacy in either of them [13]. The laws that do exist are considered a patchwork and some are not fit for the internet and mobile devices [7]. The laws will become too complex and possibly ineffective, but further, research suggests that a general law will not be effective either [7]. Breaking laws up into realm levels with guidelines in each realm would be more effective [7]. The US Bill of Rights [16] states that “private property [should not] be taken for public use, without just compensation” in Amendment V. Google’s new privacy policy has a one size fits all solution and a sub-privacy policy for specific services that either extend or overwrite the general policy [17]. Google’s method appears to be appropriate and the US in its’ entirety should make a general privacy policy with some policies that override it for specific situations.
“New users of the Internet generally do not realize that every post they make to a newsgroup, every piece of email they send, every [WWW] page they access, and every item they purchase online could be monitored or logged by some unseen third party. [1]” Whether it will be from their mobile device or their desktop computer, it is evident that users are at risk.
Current Privacy Laws
Most states have enacted laws to require companies to notify customers that their personal information has been breached. According to Anton, Earp, & Young [10], they concluded that it is plausible that these laws made it so more breaches were reported. This data can be visualized in [10].
The US has some privacy related laws [7]:
- The US Constitution (Amendment IV) secures the right of the people to be secure against unreasonable search and seizures
- Privacy Act of 1974
- Computer Security Act of 1988
In 1998, the FTC recommends five Fair Information Principles [6]:
- Notice/Awareness
- Choice/Consent
- Access/Participation
- Integrity/Security
- Enforcement/Redress
The EU has privacy protection laws [2]:
- EU Data Protection Directive 95/46/EC - codifies general privacy principles
- EU Directive 2002/58/EC - sets out specific rules for privacy protection in the electronic and mobile communications sector.
Security freeze laws were put into place allowing users to prevent any accounts being opened in their name. According to [11], Alabama, Michigan, and Missouri have not yet adapted a security freeze law, but since this paper was published, Missouri has passed such a law. However, the consumer agencies allow anybody from any state to set a security freeze on their account [10].
Common Threats
“Long-term databases threaten your ability to choose what you would like to disclose from your past. [1]” A post that you made after a few drinks when you were 21, could come back to haunt you at your job when you are 30. Further, advanced search technology could turn up a post or picture of you that maybe a family member or friend posted in the past without your knowledge or permission. This may cause harm at your place of work or in a relationship. Other problems include sites that allow anybody to locate another person’s address online. This could allow stalkers or an ex to identify and locate their victims.
There have been many specific examples of government employees abusing government databases of information [1]:
- · IRS employees making illegal queries
- · SSA employees making illegal queries
- · AIDS patients records have been leaked
- · The FBI has been known to spy on politicians
- · The NSA has been known to spy on other domestic targets
- · Bill Clinton’s Democratic administration was found to have unauthorized secret dossiers on Republican opponents
The HIPAA Privacy rule establishes national standards to protect individuals’ medical records and other personal health information [12]. There is no general law that forces companies to notify its’ customers of their privacy practices other than medical related information. There are many federal and state laws that are related to the privacy of users’ data [13].
Tools & Solutions
The Platform for Privacy Preferences (P3P) [3] protocol would allow websites to publish their privacy policies in a machine readable format. The browser of the visitor could then read this and compare it to the user’s settings. The drawback to this method is that there are no laws or regulations forcing websites to adhere to this policy if they use it [2].
Other tools, such as PiML would control the dissemination of a User Agent profile. The User Agent profile includes information such as location. PiML could be run as a proxy-based solution or browser built-in solution [2].
There is also a PRIME project, which is working on solutions that will provide users control over their personal data. It will also allow users to trace where the data about them is being sent [2].
Vulnerabilities
Mulliner [9] found that private information would be sent to the websites that the user visited through the HTTP proxy headers. They concluded that the mobile network carriers appended this information instead of it getting sent directly from the phone. They showed a detailed example of how the MSISDN number is getting sent out which contains the user’s phone number. They showed that a website could collect this information and, in some cases, perform a reverse phone number look up. The “reverse phone number look up” reveals information such as first & last name and sometime the user’s address.
The solution presented [9] is for the mobile network operators to not inject this data into the headers. Alternatively, the data would only be included in the mobile carrier network and only be sent to currently authorized third parties. The user has no way to prevent this from happening.
Some security vulnerabilities were presented [8] in accessing social networks from mobile phones in which private information can be accessed by a third party. Three classes of privacy and security problems associated with mobile social networks were identified:
1. Direct anonymity issues
2. Indirect or k-anonymity issues
3. Eavesdropping, spoofing, replay, and wormhole attacks.
Further, [2] stated that “the current development of technologies has neglected to maintain the protection of individuals’ sovereignty over his/her private sphere and particularly individuals control over personal data that the real non-electronic world naturally and culturally provides.”
User Concerns
A study performed [10] revealed issues in the following classifications - personalization, notice/awareness, information transfer, information collection, information storage, and access/participation.
The top concern was information transfer, followed by notice/awareness, then information storage and access/participation; the fifth top concern is information collection and finally the least concern is personalization [10].
Personalization is when a website changes based on the users behavior. Even though this is the least of users’ concerns, users were concerned about personalization in 2002 and even more in 2008 [10]. This could be from the users’ perceived feeling of being a victim of the websites targeting.
It was stated [2] that “privacy can only be effectively protected by a holistic approach comprising both legal and technical means of protection.”
Conclusion
Through the research presented in this paper, it is shown that privacy threats exist on the Web and on Mobile Devices. These threats were identified and a summary of them was presented. It was also shown that there are some ways to potentially prevent some of these threats either through individual or collective means.
References
[1] I. Goldberg, D. Wagner, E. Brewer. “Privacy-enhancing technologies for the Internet” http://www.cs.berkeley.edu/~daw/papers/privacy-compcon97-www/privacy-html.html
[2] S. Fischer-Huebner. “Privacy Risks and Challenges for the Mobile Internet”
[3] W3C, Platform for Privacy Preferences (P3P) Project, http://www.w3.org/P3P/
[4] The Privacy Act of 1974 http://www.justice.gov/opcl/privstat.htm
[5] The Computer Security Act of 1987 http://www.cio.gov/documents/computer_security_act_jan_1998.html
[6] FTC, Fair Information Practice Principles http://www.ftc.gov/reports/privacy3/fairinfo.shtm
[7] C. Purchell, J. Zhan. “Adapting US Privacy Laws to the Internet: Is Patching Enough?”
[8] A. Beach, M Gartrell, R. Han. “Solutions to Security and Privacy Issues in Mobile Social Networking”
[9] C. Mulliner. “Privacy Leaks in Mobile Phone Internet Access”
[10] A. I. Anton, J. B. Earp, J. D. Young. “How Internet Users’ Privacy Concerns Have Evolved since 2002”
[11] Missouri Attorney General. http://ago.mo.gov/ConsumerCorner/blog/10407/Credit_freeze_may_become_law_and_cheaper_in_Missouri/
[12] US Department of Health & Human Services, HIPAA Privacy Rule. http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/index.html
[13] Information Shield, United States privacy Laws. http://www.informationshield.com/usprivacylaws.html
[14] US Constitution, http://www.house.gov/house/Constitution/Constitution.html
[15] Declaration of Independence, http://www.archives.gov/exhibits/charters/declaration_transcript.html
[16] Bill of Rights, http://www.archives.gov/exhibits/charters/bill_of_rights_transcript.html
[17] Google, Policies & Principles. http://www.google.com/policies/privacy/preview/
Monday, March 12, 2012
Subscribe to:
Posts (Atom)