Insights For Success

Strategy, Innovation, Leadership and Security


What you need to know about the new Apple Watch Series 3

GeneralEdward KiledjianComment

The biggest change to Apple's smart watch lineup is the addition of LTE connectivity (a $70 option over the non-LTE Series 3). This new Dick Tracy style watch will allow you to make phone calls (with your same number), send and receive messages, use internet connected apps and stream music from Apple Music. 

The new OS, which will work on all devices, brings improved exercise and heart tracking, Siri finally can speak back to you. 

The heart rate functionality is dramatically improved tracking your heart-rate pre-working (resting), during and post-workout. It will show how your heart health is improving over time ( faster recovery, better resting heart rate, etc.).

They have also created a new standard that will allow your watch to talk to new types of gym equipment. This means your watch will be able to log gym equipment data (speed, incline, etc.).

The Series 3 Apple watch has the same dimensions as the existing Series 2, and they promise similar battery life. You will be able to pre-order the new watch this Friday (September 15). 

We'll have to wait and see what carriers charge to add this new device to your smartphone plan. Hopefully, it won't be $10 a month.

New US Border Control rules for Canadians

GeneralEdward KiledjianComment

Since the tightening of US border entry rules, readers have been emailing asking:

What should I do when crossing the USA / Canada border?

Canadian readers (and non-US) travelers to the US wanted to know what the new tighter controls mean when crossing into the US. 

The first important truth most travelers need to accept is that "entering another country is a privilege and not a right". Although the controls may have tightened a bit, they haven't changed materially. Having visited over 40 countries in the last 30 years, I accept the fact that anytime I cross a national border, I am subject to the controls of that country and prepare accordingly.

The cardinal rule of information security is "know your risk". The first step is to determine all your risk factors (status entering that country, data you will be traveling with, travel history, your background, travel risk level of the region you are entering, etc).

Before you leave

  1. Minimize the amount of information you travel with. People often forget the treasure trove of information they carry on a daily basis. Your smartphone (as an example) contains all your contacts, login information for all your social networks, health information, GPS location history, networks you have connected to, etc. Anytime you cross a border (not just the USA but this applies to any national border crossing), the agents are tasked with protecting that county and may "take" any information you are entering the country with to determine your traveler risk. Do not take anything you wouldn't want to hand over.
  2. Minimize the amount of devices you travel with. This may sound stupid but I have seen business travelers cross the border with a personal smartphone, work smartphone, a personal tablet, a work tablet and a work laptop. Understand that anything you enter the country with can be seized or taken  for analysis. With all the Snowden, Vault7, Wikileak dumps, its clear that if a border agent touches your device, you shouldn't use it anymore. You should assume it has been permanently hacked. Where possible, do not bring devices with you. If you do, try to bring "disposable" devices you wouldn't mind throwing away if need be.

What should I do before crossing the border?

  1. Remove all information from your devices that you do not absolutely need to bring with you.
  2. Anything you could need, try to move it to the cloud and securely delete your local copy.
  3. Delete any apps from your smartphone for which you don't want to hand over login credentials to.
  4. If you use a password vault solution synchronized with the cloud, you may want to delete that (Lastpass, 1Password) and reinstall it after you enter the country.
  5. If you use a cloud synchronized 2-factor authentication solution, you may want to delete that (Authy) and reinstall it after you enter the country.
  6. If you can, leave the device at home. If you have a work phone, bring it with you but leave your personal back home.  Instead of bringing a tablet, try to load your content on the smartphone.
  7. If you can, travel with the least complex device possible (chromebook instead of a laptop or tablet instead of a laptop)
  8. Ensure device encryption is turned on.
  9. Turn off your devices before crossing the border.
  10. Switch the unlock mechanism from fingerprint to password based.

At the border

Never lie to a border agent. Never! Ever! Ever!

Any foreigner that refuses to comply with a border agent request (any border not just the USA) will likely be turned away and sent back to their home country. In extreme cases, you can even be bared from entering that country again.

This means that you are "forced" to comply with any request made by the border agent. If asked for your device password, you can provide it and cooperate or defy them. If you defy the request, they will likely take the device and send it for investigation while denying you entry (maybe even keeping you for secondary questioning). Either way, once you "lose control" of your device, you should assume it has been permanently hacked and that a clean re-install will not make it trustworthy again.

They may also ask you for your social media login information. Even if you do not have the app installed on your devices, they know you have an account and can ask for the credentials. Never lie. Refusing to cooperate can cause you to be detained for additional questioning and given an entry ban.

What should I do while crossing the border?

  1. Always be polite and respectful. Remember the agent is doing his/her job.
  2. Never lie. Always be truthful. 
  3. If asked to hand over a device or password, I would do it without putting up a fight. Once you are at the border, you have decided you are engaged and have to cooperate. 

After crossing the border

If your work device was accessed at the border, notify your company information security group immediately. 

If your personal device was accessed, you have to think long and hard about what you want to do. Know that there may be a permanent (un-removable) backdoor or tracker installed on the device. In some cases even a complete factory reset won't remove it. What do you want to do? In the security space, we recommend throwing the device away and buying a new one but this is a personal decision especially with a $1000 smartphone, tablet or laptop.

Also if they accessed your device or asked for your social media login information (username/password), assume they downloaded you social graph (all of your contact info and the contact info of your contacts). I would change all my social media passwords and double check my account information (email address, recovery phrases, telephone numbers, etc). Also notify your network that you lost control of your social media account and to be extra vigilant with requests and the information being shared with you. 

Other recommendations

If you travel to the US regularly, think about applying for a Nexus card (if you are a Canadian). Having a Nexus card means you have been deeply vetted and all of your fingerprints are on file. My experience has been that the Nexus has made crossing into the USA much easier. 

If you are a tech neophyte, take the time to read up on device security and security best practices. The truth is you are solely responsible for your privacy and security.

Artificial Intelligence will power the future

GeneralEdward KiledjianComment
Image by  Tristan Schmurr  used under creative commons license

Image by Tristan Schmurr used under creative commons license

The world is about to get smarter

Ask what artificial intelligence is to someone walking down the street and you will likely hear common names like Cortana, Google now and Siri.

Truth is these are not the artificial intelligence systems of the future, they are mere parlour tricks. How many times have you tried to use Siri, got frustrated and just gave up?

Future AI will be in the cloud

During Apple’s latest keynote speech, they made a big deal about performing “more intelligent” functions directly on your device. The justification for the dumbing of their AI is that they are the privacy company and privacy means your data should never be analyzed in the cloud.

Truly useful AI will be customized to the needs, wants and desired of each individual user.

I will suggest that this unfortunate position will bite Apple in the ass as it tries to compete with the other giants willing to do what it is not.

Truly useful AI

For AI to be truly useful, it must:

  • always be available everywhere you want to use it
  • be personalized and provide the information you need exactly when you need it with no fuss or complication
  • be usable as a natural extension of your everyday life

It must be everywhere

We are currently living in a siloed world where everyone tries to trap you in their ecosystem. Eventually AI will be sprinkled everywhere in everything and will follow the user.

Nowhere is the first generation of this concept more apparent than the Amazon Echo. Like many, I laughed at it, thinking it was the most absurd creation in the world. Why would I want to buy another intelligent assistant when I already had one on my phone. Then I had a chance to use it and it was a revelation. Once it is setup, the Echo disappears and you feel like you are talking to your house. I realized that the simple fact that I could talk to it without pressing a button or finding my phone was incredibly freeing.

AI of the future will be in all places, all the time. AI will be in your house, your car, your mobile device, built into your office and everywhere in between. It will be there when you want it without any cognitive stress (without having to think whether it is available).

It must be personalized

As a security leader, I am conscious of the incredibly tumultuous topic of personal privacy. Proponents say that once it is lost, it is impossible to gain back and they are right. But in order to move forward, we will need to adjust to the new reality of limited or differentiated privacy.

Truth is Siri is rather annoying. So annoying in fact that I rarely use it. Even though it is more difficult, I keep going back to the Google search app on my iPhone. Why? Because it works better. Google sees my email, calendar and location. It knows what I search for. It knows the stocks I follow and the people I interact with. Google has never been shy about using the information provided by its users. Its voice recognition engine is several generations better than Apple’s because its tools are always learning from every user interaction and those learnings are quickly made available to the entire population of customers. I am more likely to get a “good answer” from Google than Apple.

As the need for apps diminishes, the true differentiator of platforms will become intelligent AI, something Apple will have a tough time doing with its privacy stance.

Photos in IOS 10 will get much starter. It will allow you to search for some predefined scenes (beach, snow, etc) and categories of things (landmarks, dogs, etc). But the engine will only be able to index images on that specific device. Indexes will not be portable between devices and images not on a MAC, ipad or iphone will not benefit from these improvements. And searchable indexes made on one device aren't available on another.

Google Photos on the other hand has a highly evolved neural network that benefits from the hundreds of millions of images uploaded monthly by its users. It can identify not only that an image contains a dog but can determine that the the picture contains a Siberian husky. Because it indexes faces of people in your pictures, you can ask it to find a “beach picture of your aunt Gertrude taken last year in Venice”. Apple can’t do that. Apple won’t be able to do that until it changes its stance on privacy.

I will also use this space as an opportunity to remind users that although Apple protects your privacy, nothing else does. If you use Facebook with the Facebook app, it tracks were you are and what you are doing. If you browse the web, you are being tracked, by ad networks, websites and search engines. Being truly private is difficult and complicated. It requires a careful planning that the average user cannot do. Even the TOR proxy network isn’t totally private unless you take the necessary precautions. So the moral of the story is that much of what Apple is selling is security theatre.

We respond to the feeling of security not the reality
— Bruce Schneier

The last pilar is natural interaction

All of the available assistants today require you to use some standardized query format. Sure Google now supports close to 150 different queries but you still have to remember what it can do and remember to ask it, instead of performing the function yourself.

This leads to frustration and eventually you give up on that tool. The Amazon Echo is the closest to supporting natural queries but start adding skills and you will quickly forget the format it will respond to.

None of the assistants today are good but they will get better. Viv Labs (from the creators of Siri) are trying to bridge this gap by allowing the AI to automatically learn new skills when challenged and grow without human intervention. The goal is to build the skill quickly and automatically if it doesn’t already exist. This large available response set is critical. You have to subconsciously believe that it will respond correctly regardless of what you ask it

The second part of this equation is the way you interact with it. You should not be force to learn a special syntax or change the way you talk. The AI should adapt to you. It should learn your style and allow you to ask questions anyway you want and provide you the right answer (wether your are British nobility or a high school drop out from the intercity with slang based speech. It must allow you to be who you are and respond the way you expect it to respond.


The coming explosion of AI is exciting since things that are dumb will be connected and gain intelligence. Distributed highly available, customized and accurate AI will materially change the way we live. I believe it will impact humanity as much as the industrial revolution did.
Computers will disappear and everything will be be become a portal to your personal AI. Your AI profile will follow-you and will be available everywhere (from a store changing room, to your office, your car, your portable smart-device and even you refrigerator.)

Buy a Pebble SmartWatch for $89.99

technologyEdward KiledjianComment

The Pebble is a neat little watch but most don't want to pay the $119-150 price. How do you feel about paying $89.99 for it (shipping included)?

If you have access to a .edu email account (students, teachers, faculty and alumni) you can get yourself a brand new flashy Pebble smart watch for $89.99. This is the cheapest I have seen this watch and this promo is being offered by BestBuy (link).

Sorry this is a US only promo.