Image captionAs the volume of personal data in the cloud increases, so does the level of ID fraud
Technology of Business
When Max Schrems, an Austrian privacy activist, requested to see his personal data that Facebook stored on its servers, he was mailed a CD-ROM containing a 1,222-page document.
That file, which would stretch nearly a quarter of a mile if printed and laid end-to-end, offered a glimpse into Facebook's appetite for the private details of its 1.65 billion users.
The information included phone numbers and email addresses of Mr Schrems' friends and family; a history of all the devices he used to log in to the service; all the events he had been invited to; everyone he had "friended" (and subsequently de-friended); and an archive of his private messages.
It even included transcripts of messages he'd deleted.
But Mr Schrems, who says he only used Facebook occasionally over a three-year period, believes a sizeable chunk of information was withheld from him.
Image copyrightGETTY IMAGES
Image captionMax Schrems has so far filed two lawsuits against Facebook’s privacy policies
He received data records for about 50 categories, but believes there are more than 100, he tells the BBC.
"They withheld my facial recognition data, which is a technology that can identify me through my pictures. They don't disclose tracking information either, which is the even creepier stuff they do - things like whether you've read a webpage about a sports car and how long you read it for."
Image captionFacebook can even track non-members' internet usage
Mr Schrems' experience vividly illustrates the challenges we face in a digital age full of messaging apps, social networks, tailored search engines, email clients, and banking apps, all collecting personal data about us and storing it, somewhere, in the cloud.
But where is all this data exactly, how is it being used, and how secure is it?
The Big Four
More than half of the world's rentable cloud storage is controlled by four major corporations. Amazon is by far the biggest, with about a third of the market share and more than 35 data centres throughout the world.
The next three biggest providers are Microsoft, IBM and Google, and each of them adopts a similar global pattern of server farms.
Image copyrightD SVANTESSON
Image captionProf Dan Svantesson says having data stored in multiple jurisdictions can cause legal issues
Several of these major public cloud providers habitually duplicate user data across their networks. It means that information uploaded to the cloud in, say, the UK or the US, is likely to be transferred at some point to servers in major cities around the world, from Sydney to Shanghai.
The problem with this, says Prof Dan Svantesson, an internet law specialist at Bond University, Australia, is that "there is always a risk that the country your data goes to doesn't have the same level of protection [as your own].
"If your data ends up in another country, it can be unclear who has access to it, be it network providers or law enforcement," he says.
Benjamin Caudill, a cybersecurity consultant at Rhino Security Labs in Seattle, also has concerns about how this data is distributed.
Image captionBenjamin Caudill believes major cloud providers don’t always know where all your data is stored
"No-one really quite knows how the sausage is made," says Mr Caudill, whose work includes testing firms' defences though "ethical hacking".
"It's very difficult to understand where your data is stored. A lot of times the companies themselves aren't sure where all the data could reside."
He says a client of his, who was using Microsoft's Azure cloud service, fell victim to a hack - all data and back-ups were deleted.
Image copyrightGETTY IMAGES
Image captionGoogle's data centre in Taiwan is not all computer servers - a lot of cooling is needed too
But after some digging, it emerged that a portion of the lost data had been stored elsewhere on Azure's servers. While that was a relief to Mr Caudill's client, the apparent random nature of data placement across Microsoft's servers didn't fill him with confidence.
"No-one really knows how secure the cloud services are from the major providers," says Mr Caudill, who suspects that "both Amazon and Azure have had major security compromises at some point."
For their part, all the big public cloud providers say security is a priority.
At Google's server facility in South Carolina, for example, guards patrol the doors and employ biometric iris scanners at the entrances to the inner sanctum. Underfloor laser beams detect intruders.
But none would say they've never had security breaches.
Image captionGoogle's data centre in Finland underlines the sheer scale of such facilities
A Microsoft spokesperson told the BBC: "Microsoft has a customer commitment to help safeguard customer data and empower them to make decisions about that data. We recommend customers visit the Microsoft Trust Center to learn more about how their data is managed and kept secure."
Amazon emphasises that customers "retain ownership and control of their content. They choose which location to store their data and it doesn't move unless the customer decides to move it."
This ability to choose which region your data is stored in is proving increasingly popular with firms, particularly in the European Union where the new stringent General Data Protection Regulation is due to come into force in 2018.
Post at your peril
But we consumers often don't have this luxury.
"The data of your Gmail account is absolutely on more than one server. It's absolutely in more than one country," says Prof Svantesson.
But why should we care?
Image captionIs duplication of data across multiple sites make hacking more or less likely?
The more of our data that's out there scattered throughout the world, the more vulnerable it is to hackers, argues Mr Caudill - a supposition borne out by the fact that identity fraud is on the rise.
As people continue to upload their digital information online, into a marsh of territorial legal complexities and undisclosed national security protocols, Prof Svantesson offers some practical advice - which many people still do not follow.
"I would suggest never putting anything sensitive on the cloud, such as credit card information, or personal images that you don't want others to see.
"Some things you should just leave to yourself," he advises.
Microsoft has announced that Windows 7 and 8.1 will receive cumulative updates once a month instead of individual ones from October 2016.
You may recall that this was a trick already used by Microsoft to bury a version of its GWX nagware last year, secreted as it was inside an important security update.
The company explained in a Microsoft TechNet blog post that this is an extension of the 'Convenience Rollup' that was first introduced for non-security updates earlier in the year.
"By moving to a rollup model, we bring a more consistent and simplified servicing experience to Windows 7 SP1 and 8.1, so that all supported versions of Windows follow a similar update servicing model," the post stated.
"The new rollup model gives you fewer updates to manage, greater predictability and higher quality updates. The outcome increases Windows operating system reliability by eliminating update fragmentation and providing more proactive patches for known issues. Getting and staying current will also be easier with only one rollup update required."
The changes will also include security releases as part of the Patch Tuesday cycle.
"Also from October 2016 onwards, Windows will release a single security-only update. This update collects all of the security patches for that month into a single update. Unlike the Monthly Rollup, the security-only update will only include new security patches that are released for that month," the post said.
"Individual patches will no longer be available. The security-only update will be available to download and deploy from WSUS, SCCM and the Microsoft Update Catalogue.
"Windows Update will publish only the Monthly Rollup – the security-only update will not be published to Windows Update. The security-only update will allow enterprises to download as small an update as possible while still maintaining more secure devices."
The downside is that it will reduce the ability for administrators to control which updates are installed and which are not.
This could be seen as Microsoft's attempt to make it more appealing for users to move to Windows 10, growth of which appears to have stalled since the free download deadline passed.
Brands have recognised the importance of social media as a communication tool, steering away from using it strictly as a promotional tool and more of a way of engaging with their consumers, in a less corporate and more approachable way.
Old methods of customer service include filling in a contact form, making a phone call or dealing with someone in person but each of these methods has its disadvantages, for example the time it takes to complete customer contact forms. Firstly, filling out a lengthy form isn’t always easy and is particularly tedious on a smartphone; then you have to wait around for a response – if someone even gets back to you at all.
Social media is more accessible to most people, offering quick, personal responses that require little effort and with more people turning to social media to voice complaints, or ask questions, it is vital that companies start using it as a customer service gateway.
Ability to listen
As social media moves away from being a promotional broadcasting tool, brands are realising that talking is no longer as important as listening when it comes to customer engagement. Unlike other means of customer service, such as emails and phone calls, brands are able to “listen in” to what consumers think of their brands in real-time.
By listening to their customers on social media, a brand can establish a few things about their business that will go towards improving it – for example, sentiment. Sentiment is the tone of conversation about a brand, either negative or positive. This can be monitored by tracking brand mentions, including those without the @ symbol and those that are spelt incorrectly.
Discover the logic behind the negative conversations and identify areas in the business which need to be developed and/or improved. This proactive approach will keep brands ahead of the curve and reduce any negative direct contact from consumer.
Customers don’t like to be kept waiting, particularly when they are angry or in need of answers urgently. Traditional methods of customer service often come with unavoidable waiting times, holding times on phone calls, or the period one has to wait for an email response. The longer it takes to respond to consumers, the more irate they will become.
Social media provides the opportunity for brands to give an immediate response. It is unrealistic to expect smaller companies to monitor their social media accounts 24/7 but the response time of social accounts is generally faster than emails to generic customer service email addresses.
Customers can post on the brand’s page wall, tag the account in, or even send direct messages – although the latter is private the other two methods are not. Thus it is also in the best interest of the brand to be responding speedily to this type of communication compared to traditional methods. The longer a negative comment is left unanswered, the more people it will reach and possibly influence, which risks tarnishing the brand’s reputation.
A slump in oil, gas and other commodity prices over the past two years has left lower helicopter prices in its wake. In economies like Brazil’s, which are heavily reliant on volatile commodities prices, demand for corporate use copters has grown soft. And while companies that extract natural resources often rely on choppers to survey prospective mines and oilfields, they’ve recently been warming to drones, which can be less expensive.
Now, a used 2010 Bell 407 helicopter, a mid-size model that can work for corporate use or for mining operations, is fetching $1.69 million this month, down more than 13% from two years ago, according to helicopter appraisal firm Helivalues.
“The civil and parapublic [helicopter] market still looks pretty awful,” Thomas Enders, chief executive of Airbus Group, said during an earnings call last month. Airbus produces about a quarter of the world’s rotorcrafts, according to Forecast International, an aerospace-market research firm.
Helicopters generally hold their value much better than cars. The latest downturn is notable because rotorcraft production has declined—an important gauge of demand, since producers often have buyers lined up when the parts come together on the factory floor. Global rotorcraft production will likely total just 1,050 in 2016, which would be the fewest in at least a decade, according to Forecast International.
But the cheaper helicopters could be a boon to companies that offer shared rides on the aircraft, like Uber and Blade. Not to mention for wealthy private citizens looking for new ways to travel.
Finding a helicopter is easy, if you have some money to burn. A 1981-made 109A by Italian manufacturer Leonardo, currently sells for just $220,000, down by close to 50% from two years ago, Helivalues data show. And for a rock-bottom $100,000 you can get the helicopter frame—but likely need to replace most of the parts.
The real hard part is finding a helipad. And a pilot. And a hangar. And a community that will allow for your noisy arrival.
“You can’t really land in your backyard,” says Ray Jaworowski, a senior aerospace analyst at Forecast International.
Author Cathy Davidson famously wrote in a book entitled "Now You See It" that 65 per cent of children will end up in roles that have yet to be created – and those jobs may be appearing far sooner than you think.
This outlook is by no means a new one. In 1930 one John Keynes wrote about a world where grandchildren would be richer than their grandparents – but thattechnological unemployment would be a "new disease as our discovery of means of economising the use of labour would outrun the pace at which we can find new uses for labour.”
But while many go on to divulge how numerous jobs will become obsolete as a result, author Cathy Davidson suggested it made room for new roles to be created – with some already on the verge of making an appearance. So for those curious to know what type of roles you'll soon be looking to fill, we tapped into Microsoft Surface and The Future Laboratory research – and here's what we found.
Human body designer
Engineering advances will extend the average healthy human life as the growth of replacement tissues and organs becomes an everyday and affordable proposition. HBDs will use bio-engineering know-how to create a huge range of customised human limbs.
Virtual habitat designer
By 2025, millions of us will spend hours each day working and learning in virtual reality environments. A VHD will design and create these worlds. “These designers will be the superstar pioneers of the industry, leaving behind game design and joining product teams to create exciting new entertainment, work and learning environments,” suggested Dave Miller, recruiter at Artefact.
Ethical technology advocate
There will be an extra 55,790 new jobs in the field of robotic engineering by 2018 alone, research by Recruiter.com has revealed. An ETA will negotiate our delicate relationship with the robots by setting the moral and ethical rules under which the machines operate and exist. Essentially, they'll ensure we don't have an "I, Robot" situation on our hands.
Digital cultural commentator
In ten years’ time, visual communication will dominate social media. This is already apparent with Instagram set to grow 15 per cent in 2016 compared to just three per cent for the wider social network sector. DCCs will effectively communicate entire stories through an image alone.
Terrible news shook the web the other day, as reports surfaced of a new ransomware virus circulating the web.
A new version of the infamous Locky ransomware has been unleashed upon users worldwide, affecting computers all across the globe from the USA to Mexico, Japan, Germany, and beyond. The unwelcome arrival of the new virus was first reported yesterday here and was later confirmed by another source.
It works like most ransomware does, seizing the files on a victim’s PC and encrypting them. Much like its predecessor, Locky, the new virus changes the name of the files to its own extension: .zepto, which is why it has now become known as the Zepto Virus.
Once the encryption process is complete, the virus then changes the desktop image to a ransom note, informing the affected user of the actions that had taken place and providing instructions as to how the victim can receive the decryption key. It also creates files with the same information in each of the encrypted folders titled “_HELP_instructions.html”.
The amount demanded by the hackers in exchange for the key is 0.5 Bitcoins, which is roughly the equivalent of $300; however, it is likely that that number will be substantially increased in the event large businesses or organizations are affected.
At this point, there is no known way of breaking the encryption, but cyber-security experts are already working on cracking the .Zepto code. As was the case with .locky, this new ransomware uses the strong RSA-2048 and AES-128 ciphers.
Users are advised to take extra precautions when browsing the web and especially when dealing with newly received emails. This is the way ransomware is most commonly distributed, so be especially critical towards spam emails, more so if they come with attached files.
If you have fallen victim to this rapidly spreading virus, it’s not advisable to give in to the hackers’ demands and pay the requested ransom. This practice is what stimulates the cybercriminals to continue with their illegal activities and there are no guarantees that you will receive any decryption key.
Instead, you can try using the following removal instructions that would hopefully help you locate and delete the .Zepto virus. Other than that, there is little else to be done than wait for a working decrypter to be released in order to recover your files.
These apps will show customers which banks may offer the best account, based on their own borrowing patterns.
Banks will also have to set maximum monthly fees for unarranged overdrafts.
However the CMA decided against a cross-industry cap, leaving individual banks to set their own charges.
And there will be further measures to encourage people to switch accounts.
"The reforms we have announced today will shake up retail banking for years to come, and ensure that both personal customers and small businesses get a better deal from their banks," said Alasdair Smith, chair of the CMA's retail banking investigation.
"Our reforms will increase innovation and competition in a sector whose performance is crucial for the UK economy."
The consumer group Which? welcomed the report, but said it was questionable whether the measures would be enough to promote more competition.
Under what the CMA calls its "Open Banking programme", banks will be required to make it possible to share customers' data on new apps.
Individual customers will have to give their consent before this happens.
The method of accessing their data - Application Programming Interface (API) - is used by the likes of Facebook and Uber.
It will enable customers to see information about prices, standards and the location of High Street branches.
Above all it will allow consumers to see which bank is cheapest, given their particular pattern of borrowing.
Mr Smith said: "Our central reform is the Open Banking programme to harness the technological changes which we have seen transform other markets.
"We want customers to be able to access new and innovative apps which will tailor services, information and advice to their individual needs."
The emphasis on new technology was welcomed by the banking industry.
"Customers and businesses have already found digital banking hugely convenient and have taken advantage of mobile technology that is allowing us to bank round the clock," said chief executive of the British Bankers Association, Anthony Browne.
"We are pleased the CMA has reflected that in its recommendations," he said.
However the British Chambers of Commerce (BCC) warned about the dangers of sharing data.
Suren Thiru, Head of Economics and Business Finance at the BCC said the CMA should "tread carefully in the sharing of data by finance providers via the Open Banking programme, to ensure that businesses retain control over who has access to their data - otherwise any trust between lenders and businesses could be destroyed."
All the banks will be required to introduce a Maximum Monthly Charge (MMC) - set by themselves - to limit the costs of an unarranged overdraft.
At the moment most banks cap overdraft fees, but then add on interest payments.
The MMC will include debit interest - typically charged at up to 20% a year - and unpaid item fees.
The CMA said this would make different bank accounts easier to compare, and cut through the complexities of overdraft charges.
Media captionChair of the CMA Alasdair Smith outlines plans to create "open banking"
However Which? said banks would still be free to charge what they like.
"It is disappointing that the monthly charge cap is not actually a cap and banks will be allowed to continue to charge exorbitant fees for so called unauthorised overdrafts, rather than protect those customers that have been identified as among the most vulnerable," said Alex Neill, director of policy and campaigns at Which?
The CMA also ordered new measures to encourage more people to switch their accounts to other providers.
It said only 3% of personal customers move their accounts each year. Recent figures show the number of people switching actually going down.
As a result there will be:
a new regulator to oversee the Current Account Switching Service (CASS).
a longer period during which transactions will be redirected from the old account to the new - currently set at three years.
a "long-term" promotional campaign to encourage more switching.
Banks will also be required to send customers text alerts, whenever they go overdrawn - something which most banks already do.