More on the Sony hack and the weekly roundup in tech and retail

News and commentaries

Another week passes and the breadth of the Sony hack is further revealed. This week, disparaging emails about actor Angelina Jolie and racist remarks via emails from top executives surfaced. Beyond the embarrassment and the scrambling for public apologies, Sony also has to deal with the consequences from the exposure of its payroll records. Unfortunately, this is only a sliver of the amount of information that was stolen by the group known as Guardians of Peace. The group reportedly stole 100 terabytes of sensitive information and has since issued demands to Sony; these demands are not yet publicly disclosed. Imagine. That. This means that every week, the group can keep exposing sensitive information and Sony will have a public relations disaster and potential financial fallouts for months to come.

The lesson for you and me? As I have said here in the past, the security of any service you use is only as strong as the precautions that you, as a user take. Create strong passwords, change them frequently, use two-factor authentication whenever possible, use different passwords for different sites and so on. Most of us know this. The question is, do we really stick to it.

Here are this week’s most relevant news in tech and retail:

In tech:

  1. File sharing service Pirate Bay was taken down after a raid by police in Sweden
  2. Alibaba-backed social media app, Momo Inc. shares surge in NASDAQ IPO
  3. Adobe Systems reports better-than-expecting earnings of 14 cents a share on revenues of $1.073B; signs a deal to buy stock photo service Fotolia for ~$800M in cash
  4. Uber news: SF and LA files civil suit against company for making “false or misleading statements”; China’s search giant Baidu to invest $600M in Uber
  5. Google replaces Twitter as best tech employer in the US; removes Amazon’s app from the Play Store

In retail:

  1. US retailers report jump in November sales, core November sales up 4.4% from year earlier
  2. Lululemon Athletica shares surge Thursday after delivering mixed Q3 results and lowers full-year sales for 2014 but increases per-share profit for 2014
  3. Canada’s Hudson’s Bay Co double retail sales for the third quarter, fueled by sales from recently acquired Saks Inc.
  4. Teen clothing retailer Delia’s files for Chapter 11 bankruptcy protection; Wet Seal could be next
  5. One of India’s e-commerce sites, Snapdeal acquires recommendation platform, Wishpicker, for an undisclosed amount

Apple’s iCloud hack and the weekly roundup in tech and retail

News and commentaries

Unless you’ve been living under a rock (nothing wrong with that, by the way), you would have read/heard of an iCloud hack that led to exposure of several nude celebrity photos. Somehow, almost every article on this prominently features Hunger Games’ and X-Men actor, Jennifer Lawrence, who is simply one of many victims. 4Chan, the fringe and meme-generating site where the photos were posted, subsequently changed its policy to be more DMCA-compliant and will now remove content after an “infringement notice”. It’s most likely a defensive move against possible lawsuits from the victims involved.

I used to have the iPhone, from the first generation up to the iPhone 4s. When iCloud was launched in 2011, I was quite skeptical of Apple as a cloud storage company and did not even think of turning it on my phone. In 2012, around the time when I upgraded to the 4s, I considered turning iCloud on until I read an article about a writer whose digital life was pretty much erased due to security loopholes in his Amazon and Apple iCloud account. To be clear, the author’s way of daisy-chaining several online accounts were far from ideal but that cemented the idea in my mind that Apple’s iCloud is far from secure.

The recent hack turned out to be a targeted effort to gather the celebrities’ usernames, passwords and security questions and not a breach of iCloud itself. However, it brings us again to the vulnerability of using security questions to recover passwords. In fact, just a few days before the hack, security researchers released a Python script on GitHub that would allow for brute force to guess passwords via Apple’s Find My iPhone service. Apple has since patched the vulnerability but denies security flaws with the iCloud. On that note, whenever available, use multi-factor authentication for your online accounts – the pain is more than worth it.

Read on for this week’s most relevant news in tech and retail.

In Tech:

  1. Celebrity iCloud accounts hacked in a targeted attack leading to nude photo leaks; no security breach on iCloud according to Apple*
  2. United States installs a new Chief Technology Officer: Google(x)’s Megan Smith
  3. Motorola’s Android Wear Moto 360 launched and ready to ship while Apple gears up for possible iWatch and iPhone 6 launch next week
  4. Google rebrands Google Enterprise into Google for Work
  5. Healthcare.gov was breached; no consumer data were taken or viewed

In Retail:

  1. LVMH will relinquish most of 23.2% stake in Hérmes after a four-year battle and will not acquire any shares for the next 5 years; LVMH also ends a 10-year dispute over Google’s search results on counterfeit goods online; the two companies will sign a cooperation agreement to fight sales of counterfeit goods online
  2. Eyewear company, Safilo ends license deal with Gucci two years early after signing a deal with Kering
  3. Permira sells €850M worth of Hugo Boss shares equivalent to 11.2% of share capital; Hugo Boss AG shares fall
  4. Amazon partners with US Mail to deliver groceries in Seattle, Los Angeles and San Francisco
  5. European fashion retailer Zalando, currently valued at $5.3B, announces IPO on the Frankfurt Stock Exchange later this year; IPO offering will sell 10-11% of the company

*For such a large tech company that increasingly handles large amounts of data (iCloud, me.com, mac.com, iTunes), Apple is not transparent about the security features of its services. Worse, the Electronic Frontier Foundation (EFF) has found that Apple does *not* encrypt email transfers in what is known as the STARTTLS protocol. For all its might, Apple is still a hardware company and they better catch up soon especially when it comes to security.