If you are an international Google Voice user then beware of clicking the little “upgrade your account” button from within Google Voice. Doing so may render your ability to access the Google Voice web site obsolete.
If you’re not in the US and you want to add credit to your account, make sure that you DON’T CLICK the “Upgrade your account” button from Google Voice. This feature is only useful if you are in the US, since it lets you get a Google Voice number. Unfortunately, if you click on that button and you’re not in the US, you’ll no longer be able to buy credit.
There does not appear to be an easy way to downgrade your account once you have opted for the upgrade. The Google Operating System article does mention the upgrade may be cancelled by using a U.S. based web proxy server but that is a little cumbersome for the average non-techie internet user.
All is not totally lost however. Although the Google Voice web site itself becomes inaccessible, phone calls initiated from within Gmail still appear to function. Hopefully Google will fix this and simply hide the “upgrade your account” button from international users. Doing so will create less confusion and not cause users to inadvertently prohibit access to their own accounts.
An academic research paper by University of Pennsylvania researchers claims touch screen phones may be vulnerable to smudge attacks, a new form of security vulnerability based on the oily residue left on the screen. The researchers claim malicious attackers may be able to ascertain a certain amount of information, such as inferring a password used by the devices owner, left by the smudges left on a touch screen.
The researchers took photos of screens and used a program to analyze the photos closely. They found they could figure out the password over 90 percent of the time. The study used Android phones, which use a graphical pattern to allow users to unlock the phone. Phones included the Nexus 1.
The study also found that “pattern smudges,” which build up from writing the same password numerous times, are particularly recognizable.
While it sounds somewhat plausible, I find it hard to believe that practical use of this vulnerability, assuming it is even an issue, will result in widespread exploits. The attackers would have to gain physical access to the device in order to make use of the exploit, and most bad guys prefer to do their dirty deeds from afar. This is not to necessarily downplay the issue but to speak towards the reality of the situation.
It should be worth watching to see if any true security issues ever come from this research. I applaud the University of Pennsylvania team for conducting some very exhaustive investigative work, and some very informative and interesting research, but the reality is this “vulnerability” is a non-issue right now.
I ran across an interesting article on TechDirt this morning about a couple of bloggers who were playing around with a microscope and the US Visa and Border Crossing Card. What they found was quite interesting. On the back of the card is a strip of tiny etchings of every U.S. president and all the state flags. Nothing overly exciting, right?
The label for the 6th president of the United States is actually printed as “John Quincy Adames” – yes, you read that correctly. There apparently is a typo on official U.S. government documents. An “e” was either accidentally or purposely added to our sixth presidents last name.
That seems like a pretty big mistake. However, some are suggesting that it was done on purpose. In the comments to the Notcot post, two specific theories are presented: the first is that JQA changed his last name to distinguish himself from his father. Doing some quick searches around various bios of Adams, however, shows absolutely no support for this one. Even the White House’s own page on JQA spells it Adams and makes no mention of such a change.
The explanation TechDirt proposes is that the misspelling is a form of fraud and/or counterfeit detection. This makes sense and is the most plausible reason for the “error” assuming this is not an error. On such a seemingly innocuous document there has to be a variety of counterfeit detection options, similar to how U.S. currency has a number of security features.
No matter what the explanation, it is interesting this has never been found until now. It is also intriguing to see the lengths our government will go to protect its very own products, even something as relatively unimportant as the US Visa and Border Crossing card.
