Insights For Success

Strategy, Innovation, Leadership and Security


The best way to share your location with friends or family

GeneralEdward KiledjianComment

Let's say you are meeting friends at a large outdoor concert, how do you provide your location? A street address may get them to the entrance gate, then what? What3words has proposed a solution that solves the issue of finding exact locations on a map?

What3words has divided the entire planet into 57 trillion 3mx3m grids and assigned each grid a unique three-word "address".  

If I want to meet friends at the entrance of Union Station in Toronto, I can search for "Union Station" in Google maps, and it will take me to the building but not necessarily the front entrance:


Or I can give my friends the What3Words address for the main entrance 3mx3m square which is: tens.listed.surviving


The What3Words address takes them directly to the entrance where I want to meet them. No ambiguity and no confusion.

In most western countries, we have mailing addresses but these aren't always easy to find. The most accurate mechanism has been latitude and longitude (which would look like this 43°38'43.3"N 79°22'51.9"W). Obviously, the three-word descriptor is easier to communicate and remember than the latitude/longitude. 

The entire world is mapped using about 40,000 words (it is available in multiple languages including French, Spanish, Arabic and more). Obviously, great care has gone into choosing the words to ensure there is nothing offending and no double meanings.  They have assigned more common words to locations in major centers. 

What3Words claims their tech is being used in over 170 countries by dozens of organizations from delivery companies (Aramex) to disaster relief coordination in the Philipines by the Red Cross. 

The entire mapping can be downloaded for use offline and consumes about 10MB of space. They are partnering with companies to build this tech into third-party apps. 

I really think this is a wonderfully unique approach to a problem everyone experiences and I hope more companies start using the What3Words technology. In the meantime, you can download their free Android and IOS app to get started. You can find the What3Words location address or navigate to any What3Words address (using your favorite Nav app installed on your IOS or Android phone (Google Maps, Apple Maps, Waze).

Android App showing the entrance of Union Station

Android App showing the entrance of Union Station

Once you enter a three-word address, you can click on the navigate app and it will send the exact GPS coordinates to the location to any GPS app installed on your device.

Once you enter a three-word address, you can click on the navigate app and it will send the exact GPS coordinates to the location to any GPS app installed on your device.

Once you enter a three-word adress, you can share the exact location using any messaging app installed on your smartphone (Google Messages, Facebook, Whatsapp, etc). 

Once you enter a three-word adress, you can share the exact location using any messaging app installed on your smartphone (Google Messages, Facebook, Whatsapp, etc). 

Install IOS Update 10.3.3

GeneralEdward KiledjianComment

As mentioned in my various articles, keeping your operating system and applications updates is a critical component to good overall security. 

Apple released IOS 10.3.3 yesterday, and amongst all of the bugs it fixes, there is one nasty security vulnerability that justifies installing it now. Right now. Do it. I'll wait. Come on, we don't have all day. 

Put Apple's banal sounding description aside for a second ("A memory corruption issue was addressed with improved memory handling".) This vulnerability comes from the Broadcom BCM43xx wifi chipset (CVE-2017-9417) and allows an attacker to execute code on the targeted device with kernel privileges.

To be clear, millions of Android smartphones (e.g. HTC, LG, Nexus and most Samsung devices) are also vulnerable to the BroadPwn vulnerability. 

Google also issued the BroadPwn fix in its July patch bundle (you are receiving the security updates for your phone right?)

The Workflow IOS Automation app is now free

GeneralEdward KiledjianComment

Automation can be help with simple tasks like converting a webpage to PDF or can become a complex monster saving you hundreds of hours a year. Until the Workflow app came to IOS, true automation was an Android only benefit.

The $5 app is now permanently free because Apple acquired them

The Workflow app has been around for a couple of years and is a distant cousin (functionally) to IFTTT. It allows users to string together a series of actions, tasks, conditions and inputs and perform all kinds of useful tasks.

It can:

  • Encode media
  • Record Audio
  • Post on social media
  • Automate app functionality where a URL scheme is exposed
  • Send emails
  • Pull RSS feeds
  • much much more

What we don't know yet is what Apple will do with the team and the app. It was made free but there is always the risk Apple will kill the app and move some of the functionality to:

  • a new Apple branded app
  • into a new version of IOS
  • into a new service running on iCloud

You should download the latest IOS upgrade now

GeneralEdward KiledjianComment

There is no such thing as bulletproof security. If a well funded, technically competent and determined adversary is targeting you, they will get in. Your job is to make their life as difficult as possible by using passwords that are complex (difficult to guess) and by keeping your software up to date.

Apple has been a good steward of IOS security and regularly releases patches to protect its user base. Today we were gifted IOS 10.2.1 which is an out of plan upgrade I recommend you download asap.

IOS 10.2.1 includes some important security protection that you definitely want to get. These security fixes touch WebKit (the rendering engine for Safari) and protect against arbitrary code execution using kernel privilege (aka an exploit using this flaw could take complete control of your device).

This complete control thing is why you need to download it now. A skilled threat actor could use this to install/delete apps, copy files and spy on you. The Webkit flaws also allow an attacker to run arbitrary code. 

Looks like many of the vulnerabilities were discovered by Google's Project Zero security research team. Obviously finding these required extremely skilled professionals but these high grade specialists work on both sides of the fence (some are white hats and others black hats). Due to the nature and complexity of the vulnerabilities, anyone exploiting them would be a nation state actor but an ounce of protection is worth a pound of cure.

To upgrade IOS, open the Settings applet and choose General > Software Update

A free anonymous (TOR) Web browser for IOS

GeneralEdward KiledjianComment

I have written plenty of articles about TOR over the years:

Is TOR really anonymous

We know that large scale government actors that control many of the TOR exit nodes have techniques to deanonymize TOR traffic, but this is still difficult to do and TOR is still the most reliable web anonymization technique available.

The Onion Browser

The Onion Browser was released ion 2012 by a developer that wanted to scratch his own privacy itch on IOS. Like many good products, the developer (Mike Tigas) built something he needed and published it at the cheapest rate ($0.99) Apple would allow [just to see what would happen].

Mike started working for ProPublica in 2016 and decided to to give up his In a blog post he says :

Given recent events, many believe it’s more important than ever to exercise and support freedom of speech, privacy rights, and digital security; I think now is as good a time as ever to make Onion Browser more accessible to everyone.
— Mike Tigas

The team behind my favorite Android TOR products The Guradian Project (OrBot and OrFox) has decided to support the Onion Browser. The most visible change will be a full app rewrite with a new interface. 

Additionally Onion Browser is the TOR project recommendation for IOS.

I would say go and download it now.