Discus Systems PLC - IT Support Company in Birmingham, West Midlands

Posted by Damien Biddulph on Wed 11th Jan 2017

Josh Coombes is a hairdresser with a huge salon: the streets of London.

The 29-year-old has been giving free haircuts to homeless people for the past year. Photos of the results are posted on an Instagram account which has thousands of followers.

It's part of a campaign by Josh and friends Matt Spracklen and Dave Burt, which is using the hashtag #DoSomethingforNothing, to encourage people to help others, any way they can.

Video Journalist: Alvaro A. Ricciardelli


Source: bbc.co.uk

Posted by Damien Biddulph on Wed 11th Jan 2017


Another year of tech news is nearly over.

It has been an eventful 12 months. Samsung smartphones exploded, GoPro drones dropped out of the air and Pebble smartwatches met an untimely end.

Facebook became embroiled in a fake news controversy, Yahoo revealed several mega-breaches, we identified the supposed creator of Bitcoin - who then went AWOL - and millions indulged in a game of Pokemon Go.

Yet none of those stories made our most-read-of-the-month list - based on the number of times an article was clicked - as you can see below.

January: Licence to spy


There is a good rule of thumb: if you do not want your employer to know what you are up to online, wait until you are not on the job. And at the start of 2016, a Romanian company successfully argued it was within its rights to read Yahoo Messenger chats sent by one of its staff.

The sales engineer had claimed his privacy had been invaded as he had posted details about his health and sex life, but the European Court of Human Rights noted he had previously been warned not to send personal messages within working hours. However, later in the year, the man appealed and the case was reconsidered. The ECHR will now issue a fresh ruling in early 2017.

February: iPhone lockout


Apple clashed with the FBI when it refused to unlock an iPhone used by a murderer. Syed Rizwan Farook and his wife Tashfeen Malik had killed 14 people in a shooting spree in California before being shot dead themselves. Farook's iPhone 5C was password-protected and the FBI feared that if it tried and failed to guess the combination, the device would auto-delete.

The agency demanded a bypass, but Apple refused to help saying it would set a dangerous precedent. A legal battle ensued, but then suddenly ended when the FBI declared an unnamed third party had found its own way to access the data. For now, the matter rests. But at the height of the stand-off, Donald Trump called on consumers to boycott Apple. That is likely to serve as a warning to any tech firm tempted to take a similar stance in a future dispute.

March: Amazon's shock tactics


Amazon's bosses sounded somewhat distrustful when it was reported that they had started screening videos of staff caught stealing on the job via big TVs in their US warehouses. The alleged offenders were said to have been silhouetted with the words "arrested" and "terminated" superimposed over them.

It was not the only time working conditions at the company made headlines. Earlier this month, Amazon was also accused of threatening to axe workers if they took four days off for sickness even if they had a doctor's note.

April: Google's awkward April Fool


It must have seemed like a hilarious idea. To celebrate April Fool's Day, Google added a button to its Gmail app to let users send a gif of a Minion cartoon character dropping a microphone. The meme symbolises a triumphant moment and had been popularised by rappers, actors and even a fast food chain.

So what could go wrong? Well, because of a "bug" some users reported the gif had been added even if they clicked Gmail's normal "send" button. People complained of having the yellow henchman pop up in inappropriate messages. One man even claimed it had cost him his job. Despicable Google!

May: Microsoft's "nasty trick"


As the shutters began to close on Microsoft's free Windows 10 offer, it faced a challenge. Many were ignoring its pop-up plea to upgrade and were opting instead to stick with earlier versions of the operating system.

So, in an effort to spur them on, the firm embarked on a mischievous strategy: clicking on the cross in the pop-up's top right-hand corner no longer dismissed the Windows update but triggered it instead. The move was widely denounced and Microsoft soon added a further notification message providing users with another chance to opt out before the software was installed. The firm's chief marketing officer recently acknowledged the whole affair had been "a lowlight" for all involved.

June: Shattered glass


Media caption: Dan Simmons tests the world's longest glass-bottomed bridge

BBC Click's Dan Simmons was invited to visit the world's highest and longest glass-bottomed bridge ahead of its launch in China. He took a sledgehammer with him. You can view the results in the clip above. It's smashing! The bridge opened to the public in August, but was closed again a fortnight later for urgent maintenance work. We understand Dan was not to blame.

July: Self-drive death

Image caption: A Tesla driver died in Florida in May after colliding with a lorry

While other car-makers talked up their self-driving vehicle plans, Tesla went ahead and deployed a restricted form of the tech. The firm described its Autopilot feature as being a "beta" test, but it faced criticism when a former Navy Seal died after his Model S car failed to recognise a tractor trailer and ploughed into it.

Weeks later, another non-fatal crash involving Autopilot occurred in the US, and then unconfirmed reports emerged from China that another motorist had died in a motorway crash while using the feature. Tesla continues to roll out updates to Autopilot and its chief executive Elon Musk says the technology has the potential to save many lives. But critics - including the German and Dutch authorities - have urged Tesla to rebrand the system to discourage drivers from putting too much trust in it.

August: Android alert


Every summer, many of the world's top hackers, cybersecurity experts and government officials descend on Las Vegas for the Defcon and Black Hat conferences. To mark the events, a flurry of new cracks and bugs are revealed as researchers compete for recognition from their peers and the wider public.

This year's break-out revelation was about flaws in software used on Android devices powered by Qualcomm chips, which could be exploited to reveal their users' data. By the time the news was made public, Qualcomm had already developed a patch and Google fixed outstanding issues in an Android update released in September.

September: Hit the road, jack


Usually new hardware is all about what has been added. But the iPhone 7 made headlines because of Apple's decision to build it without a headphone jack - a decision that took "courage" apparently. To be fair, the move helped Apple make the handset more water-resistant, and others - including Samsung - are now rumoured to be considering similar moves.

But the path to a wireless music-playing future was not totally smooth after Apple had problems getting its accompanying AirPod earphones to market after running into manufacturing issues. The hiccup has now been addressed, but a backlog in orders means many users will not be able to pop the new tech into their ear canals until the new year.

October: Snapchat slapdown


Daughters... it does not matter how powerful you are, they are still prone to gain the upper hand. President Obama revealed on TV that his youngest child, Sasha, had recorded him "lecturing" his family on Snapchat and other social media. He said she then secretly posted her reaction - a look of boredom - to her friends via the app. The anecdote sparked a brief media frenzy as gossip writers and others sought to track down Sasha's Snapchat account, but to no avail.

November: ...now with added dongle


Apple clocked up its third "win" of the year after it offered a discount on connector adapters following criticism that its latest laptops lacked legacy ports. The firm has a habit of dropping support for historic hardware standards ahead of the competition and often before many of its consumers are ready. But this time even it acknowledged that it was surprised by the scale of the backlash it had provoked.

December: Back to the phone future


Nostalgia had a certain role to play in our last popular story of the year, as Nokia revealed that handsets emblazoned with its brand are being promoted via its website once again. The Finnish firm is not actually making the mobiles this time round - a start-up called HMD Global is taking charge - but has lent its name for a fee.

Nokia itself is more interested in virtual reality and smart health tech these days. But for many, its brand, ringtone and Snake game will be forever associated with the dawn of the mobile age. Whether or not many people will actually buy one of the existing featurephones or forthcoming Android smartphones is another matter.

Source: bbc.co.uk

Posted by Damien Biddulph on Wed 11th Jan 2017


Image caption: The Zip drones are launched from a catapult

The UK government is to fund a trial of drone-based deliveries of blood and other medical supplies in Tanzania.

The goal is to radically reduce the amount of time it takes to send stock to health clinics in the African nation by road or other means.

The scheme involves Zipline, a Silicon Valley start-up that began running a similar service in Rwanda in October.

Experts praised that initiative but cautioned that "cargo drones" are still of limited use to humanitarian bodies.

The Department for International Development (Dfid) has not said how much money will be invested in the Tanzanian effort or for how long.

It also announced plans to fund tests of drones in Nepal to map areas of the country prone to damage from extreme weather, to help prepare for future crises.

"This innovative, modern approach ensures we are achieving the best results for the world's poorest people and delivering value for money for British taxpayers," commented the International Development Secretary Priti Patel.

Image caption: Dfid believes that drones can help map routes in Nepal that could help if a disaster like last year's earthquake reoccurs

Parachute deliveries

Zipline's drones - called Zips - are small fixed-wing aircraft that are fired from a catapult and follow a pre-programmed path using GPS location data.

The advantage of the design over multi-rotor models is that the vehicles can better cope with windy conditions and stay airborne for longer. In theory, they can fly up to about 180 miles (290km) before running out of power, although Zipline tries to keep round trips to about half that distance.

Their drawback is that they require open space to land - in Zip's case an area about the size of two car parking slots.

Zipline gets round this issue by having its drones descend to heights of about 5m (16.4ft) when they reach their destinations and then release their loads via paper parachutes. Afterwards, they regain altitude and return to base before coming to rest.

Image caption: The Zip drones can carry supplies weighing up to 1.5kg (3.3lb)

The aircraft fly below 500ft (152m) to avoid the airspace used by passenger planes.

Tanzania, Rwanda and Malawi - which uses a different type of drone for medical deliveries - all take a permissive approach to unmanned aerial vehicle [UAV] regulations, helping make them attractive places for such trials.

Earlier in the year, Tanzania also authorised the use of drones in its Tarangire National Park as part of an effort to deter animal poachers.

Saved lives

Dfid estimates that flying blood and medical supplies by drone from out of Tanzania's capital, Dodoma, could save $58,000 (£47,400) a year compared to sending them by car or motorcycle.

But a spokeswoman suggested that the time savings were more crucial.

"Flights are planned to start in early 2017, and when they do it is estimated that [the] UAVs could support over 50,000 births a year, cutting down the time mothers and new-borns would have to wait for life-saving medicine to 19 minutes - reduced from the 110 minutes traditional transport methods would take," she explained.

The Ifakara Health Institute - which specialises in treatments for malaria, HIV, tuberculosis as well as neonatal health issues - will be the local partner.


Media caption: Zipline already offers a medical supplies delivery service in Rwanda

The Humanitarian UAV Network and other non-profit bodies recently surveyed the use of drones to carry out human welfare tasks.

The study highlighted the work Zipline was doing, noting the firm was capable of setting up a new drones launch hub in as little as 24 hours, meaning it was well suited to rapid response efforts as well as longer-term projects.

But the study also noted that humanitarian cargos are often measured in tonnes rather than kilograms, and need to be transported across longer distances than a Zip can manage.

Image caption: The Zip drones land on an inflatable pad

"Given these current trade-offs relative to manned aviation, the specific cases in which cargo drones can currently add value are particularly narrow in the context of the universe of needs that humanitarian organisations typically face," it said.

And it added that more research was needed to properly evaluate whether existing schemes were as reliable as claimed.

"Organisations considering the use of cargo drones need statistics on flights performed, hours logged, failure rates and other performance measures."

Source: bbc.co.uk

Posted by Damien Biddulph on Wed 11th Jan 2017

As I step into the hallway in Simon Daykin's New Forest home, his smartwatch goes into overdrive.

He is receiving messages from the house itself, warning him there is somebody inside it doesn't recognise.

"As you come in, you've already been spotted by some of our tech," he says.

"There are cameras in the burglar alarm sensors, and a facial recognition system in the house.

"If it's someone it 'knows', it will tell me. If it's someone it doesn't know, it will tell me."

He selects one of the CCTV images he has received and adds my name to it. That seems to satisfy the house - for now.

The combination of devices also enables him to talk to delivery drivers via his phone if the house is empty (and make sure they leave the parcels in the right place) - and was handy when his daughter had a fall and the family were able to share footage with hospital doctors to help them understand her injury.

Image caption: Many of the sensors are discreet

It's one of many systems Mr Daykin has rigged up over the past four years as he has painstakingly created his own unique smart home, using a combination of off-the-shelf kit, a few credit-card-sized Raspberry Pi computers and his own tech expertise.

He says the hardest part has been getting them all to coordinate with each other.

It's a labour of love and it hasn't all been cheap - but he says it is slowly paying for itself because of the savings on the household bills.

The house monitors everything and uses energy only where and when it needs to.

Image caption: This small wire is the only evidence that the toilet flush is monitored

The Daykins also get a government incentive for using a wood pellet boiler, which is programmed to fire up just once a day, and have reduced their water costs by 40% through rainwater harvesting.

LED light bulbs have dramatically decreased the electricity bills.

Mr Daykin's primary motivation was to reduce his family's energy consumption, and he is very proud of the results.

He carries out data mining to fine-tune the house to ever greater efficiency - sensors monitor everything from humidity and air quality to temperature and toilet flushes.

Near the washing machine, in the spot where many people might keep their detergent, the Daykins have a hi-tech "nerve centre" where 2km (1.2 miles) of cabling feeds data to the home's central server.

"The house has modes," he says.

"It knows when you're awake, it knows when you're asleep, it knows when you're not here and it reconfigures security, heating, lighting."

If a room is empty, the electricity on a specially wired bank of plug sockets shuts off, and once the lights go off at night, the house goes into "sleep mode".

Image caption: Where most people keep their washing powder, the Daykins have a technology hub

Family members have their own preferences pre-programmed - when Mr Daykin's mother-in-law arrives, the heating turns up because she feels the cold more.

At the moment, controlling this data requires his input - but with the rise of artificial intelligence, Mr Daykin hopes to reduce his own role in the proceedings.

"I get a lot of updates from the house, but it's very experimental and I like it because I know what's going on," he says.

"One of the big next steps is being able to talk to the house or use a digital assistant so you don't have to touch anything.

"My ultimate aim is that the house is so aware of what it wants and what you want it to be that it reacts to you without you having to tell it."

Personal data

The downstairs toilet flush is also kept track of (a double flush boosts the air circulation, for those with delicate noses); and in the process of monitoring the air quality, Mr Daykin has discovered some unexpected correlations between certain adult activities and the corresponding levels of carbon dioxide.

"Maybe in the future we'll be able to predict when we'll need midwives in the house," he says wryly.

It's certainly intensely private information. But if you install a smart home operated by a tech giant, it's exactly the sort of thing you could inadvertently be sharing.

"We are all generating huge amounts of data - and big companies are using that and exploiting that to give us better services and also create better advertising.

"The system I have created, the vast majority of the data never leaves the house unless I choose to access it remotely," he says.

"I am uncomfortable about giving data to other people unless I know how it is going to be used."

Image caption: Even the bath ducks play their part

As a senior IT professional, it's not surprising that he takes cyber-security very seriously, and has invested in an expensive enterprise-grade firewall "as good as a bank would have".

"It's not just because I don't want people looking into my house," he says.

"I want to protect the data but also I don't want somebody taking control of my house or exploiting it to do something else as we've seen with recent botnet attacks. I won't let that happen to my house."

But he admits that his family has had to get used to the concept of being monitored - and that by mutual agreement the upstairs bedrooms are off-limits.

"I'm comfortable with [the monitoring], the family are getting used to it, it does worry some people. I think that's one of the biggest challenges that tech faces - how do you make these things accepted?"

'Stuck with it'

In fact, people in modern life are very used to being observed, says psychology professor Tim Buchanan, from Westminster University - whether that's through CCTV, smartphone use or even car registration.

"I think most people genuinely aren't aware of all the data that is collectible about them at any point in time or what the value of that data is," he says.

"I think there are many people who are uncomfortable with it - who go to great pains to try to protect their privacy - but even those people will surrender their privacy in order to access services that they need.

"Unless you were to completely strip technology out of your life, I'm afraid we are stuck with it."

Some tech has more longevity than others.

One of Mr Daykin's early experiments was a bathroom-based sound system controlled by rubber ducks that became magnetic controls when placed against the metal bath tub, allowing bathers to control the sound and change the music.

"It was good fun," he says.

"But these days they prefer watching the iPad."

Source: bbc.co.uk

Posted by Damien Biddulph on Mon 9th Jan 2017

Get your loved ones off Facebook.


I wrote this for my friends and family, to explain why the latest Facebook privacy policy is really harmful. Maybe it’ll help you too. External references – and steps to get off properly – at the bottom.

A few factual corrections have been brought to my attention, so I’ve fixed them. Thanks everyone!

“Oh yeah, I’ve been meaning to ask you why you’re getting off Facebook,” is the guilty and reluctant question I’m hearing a lot these days. Like we kinda know Facebook is bad, but don’t really want to know.

I’ve been a big Facebook supporter - one of the first users in my social group who championed what a great way it was to stay in touch, way back in 2006. I got my mum and brothers on it, and around 20 other people. I’ve even taught Facebook marketing in one of the UK’s biggest tech education projects, Digital Business Academy. I’m a techie and a marketer – so I can see the implications – and until now, they hadn’t worried me. I’ve been pretty dismissive towards people who hesitate with privacy concerns.

Just checking…

Over the holidays, I thought I’d take a few minutes to check on the upcoming privacy policy change, with a cautious “what if” attitude. With our financial and location information on top of everything else, there were some concerning possibilities. Turns out what I suspected already happened 2 years ago! That few minutes turned into a few days of reading. I dismissed a lot of claims that can be explained as technically plausible (or technically lazy), based on a bit of investigation, like the excessive Android app permissions. But there was still a lot left over, and I considered those facts with techniques that I know to be standard practice in data-driven marketing.

With this latest privacy change on January 30th, I’m scared.

Facebook has always been slightly worse than all the other tech companies with dodgy privacy records, but now, it’s in its own league. Getting off isn’t just necessary to protect yourself, it’s necessary to protect your friends and family too. This could be the point of no return – but it’s not too late to take back control.

A short list of some Facebook practices

It’s not just what Facebook is saying it’ll take from you and do with your information, it’s all the things it’s not saying, and doing anyway because of the loopholes they create for themselves in their Terms of Service and how simply they go back on their word. We don’t even need to click “I agree” anymore. They just change the privacy policy and by staying on Facebook, you agree. Oopsy!

Facebook doesn’t keep any of your data safe or anonymous, no matter how much you lock down your privacy settings. Those are all a decoy. There are very serious privacy breaches, like selling your product endorsement to advertisers and politicians, tracking everything you read on the internet, or using data from your friends to learn private things about you - they have no off switch.

Facebook gives your data to “third-parties” through your use of apps, and then says that’s you doing it, not them. Every time you use an app, you’re allowing Facebook to escape its own privacy policy with you and with your friends. It’s like when my brother used to make me punch myself and ask, “why are you punching yourself?” Then he’d tell my mum it wasn’t his fault.

As I dug in, I discovered all the spying Facebook does – which I double-checked with articles from big reputable news sources and academic studies that were heavily scrutinised. It sounds nuts when you put it all together!

  • They have and continue to create false endorsements for products from you to your friends - and they never reveal this to you.
  • When you see a like button on the web, Facebook is tracking that you’re reading that page. It scans the keywords on that page and associates them to you. It knows how much time you spend on different sites and topics.
  • They read your private messages and the contents of the links you send privately.
  • They’ve introduced features that turn your phone’s mic on – based on their track-record changing privacy settings, audio surveillance is likely to start happening without your knowledge.
  • They can use face recognition to track your location through pictures, even those that aren’t on Facebook. (Pictures taken with mobile phones have time, date and GPS data built into them.)
  • They’ve used snitching campaigns to trick people’s friends into revealing information about them that they chose to keep private.
  • They use the vast amount of data they have on you, from your likes, things you read, things you type but don’t post, to make highly accurate models about who you are – even if you make it a point of keeping these things secret. There are statistical techniques, which have been used in marketing for decades, that find correlating patterns between someone’s behaviour and their attributes. Even if you never posted anything, they can easily work out your age, gender, sexual orientation and political views. When you post, they work out much more. Then they reveal it to banks, insurance companies, governments, and of course, advertisers.

“I have nothing to hide”

A lot of people aren’t worried about this, feeling they have nothing to hide. Why would they care about little old me? Why should I worry about this when I’m not doing anything wrong?

One of the more obvious problems here is with insurance companies. The data they have on you is mined to predict your future. The now famous story of the pregnant teenager being outed by the store Target, after it mined her purchase data – larger handbags, headache pills, tissues – and sent her a “congratulations” message as marketing, which her unknowing father got instead. Oops!

The same is done about you, and revealed to any company without your control.

From the Terms Of Service (not the Privacy Policy – see what they did there?):

You give us permission to use your name, profile picture, content and information in connection with commercial, sponsored or related content (such as a brand you like), served or enhanced by us.

And later:

By “information” we mean facts and other information about you, including actions taken by users and non-users who interact with Facebook.

So this includes everything they’re collecting about you but not telling you. Everything you read online, everything someone ever posts about you, all your private financial transactions.

And, your data starts to get combined with your friends’ data to make these models more accurate. It’s not just about you and your data but what gets done with all of it put together.

The issue here isn’t what we have to hide, it’s maintaining an important right to our freedom – which is the right to privacy, and the right to have a say in how information about us is used. We’re giving up those rights forever by using Facebook.

If you’ve ever admitted to something illegal in a private Facebook message, or even mentioned your support for a political cause, this can be used against you in the future, especially by another country’s government. You may find yourself arrested for being at the wrong place at the wrong time, or just pulled aside at the airport one day, now facing jail time because you revealed you did something that government considers illegal 5 years ago. One New York comedian had a SWAT team break into his house based on a joke post. Law enforcement often acts in error, and you’re giving them more power and more chance of error. You’re loading the gun, pointing it at your head, and handing it to every trigger-happy “enforcer” who’s willing to buy your data.

There’s no need to talk hypothetically about government surveillance here. One of the first Facebook investors called Greylock has board connections to a CIA investment firm called In-Q-Tel. According to their website, it “identifies cutting-edge technologies to help the Central Intelligence Agency and the broader US Intelligence Community to further their missions”. And if you haven’t heard - it was revealed that Facebook data is delivered directly to the PRISM programme.

Commercial data brokers

And as I’ll explain later, most of this information finds its way into the public anyway. No need for NSA programmes because of marketing data companies who de-anonymise all your data to sell it again and again. This is done systematically and automatically. There’s an industry around this. There are marketplaces to buy and sell consumer data, originally started around credit agencies and direct mail companies, then growing with the browser toolbar industry when Internet Explorer was big - now they’re filled with more information than ever before. A recent example is RapLeaf which collected and released personally identifiable information, including Facebook and MySpace IDs. They stopped after serious controversy, but not only was the damage done, there were other companies who escaped the bad PR and kept up the same practice. It’s not about how marketers target ads to you, it’s that your data is bought and sold to try.

Where might you travel in the future? Do you trust their law enforcement with this information about you? Because they’re buying it.

Intercepting your communication

The thing is that you don’t need a conspiracy theory to be concerned. Mark Zuckerberg himself has been public and consistent to his investors about his intentions:

1) To be the middle-man in all personal communication.

That’s why they made Messenger and bought WhatsApp, but don’t forget that they’ve tried worse. When they made Facebook email, they took advantage of users who were syncing their Facebook contacts. They made it so everyone’s @facebook.com address would be the default. Why? So that your friends would email you at your @facebook.com address instead, and they’d be able to read your emails too.

2) To make all personal communication public over time.

That’s why they slowly changed the default privacy settings to public, made privacy settings harder and harder to use, and now are pretending that their privacy helper will change this.

In reality, there are loads of privacy breaches you can’t turn off, like allowing advertisers to use your endorsement to your friends, turning off how Facebook tracks what you read on the internet, or disallowing Facebook from collecting other information about you. You can’t turn them off!

“I have something to share”

Even if you have nothing to hide, you have to worry about the opposite, what Facebook chooses to hide that you want to be shared. They filter you.

“I’ve been meaning to ask you why you’re getting off” usually comes after something like, “didn’t you see my post last week?”

If you’ve ever had that conversation, you’ve noticed that there’s a big disconnect between your expectations when you communicate on Facebook and what really happens. Basically, Facebook filters out your posts based on whether or not people will use Facebook more if they don’t see it.

It feels like Facebook is the only way to stay in touch. Through pictures and comments. It feels like everyone’s on there and you’re getting a good feed on their life.

In reality, lots of your posts are never seen by anyone! And you miss out on their stuff too. Even if your friends’ stuff gets to you fine, it doesn’t mean your stuff gets to them.

Private messages suck too. How many Facebook messages do you send with no reply? How many Facebook messages do you think you forget to get back to, or miss altogether? Is that how you want to treat your friends?

Facebook is a really unreliable way to stay in touch.

In the last month, I simply stopped using Facebook. Something amazing happened. People phoned me, and we really caught up. My family was more in touch. My brother emailed me with updates. Friends popped into my place to say hi.

It was, like, social.

Political censorship

Facebook blocks posts based on political content it doesn’t like. They blocked posts about Ferguson and other political protests. When Zuckerberg allegedly went a bit nuts and banned the word “privacy” from meetings at Facebook, it was also blocked from any Facebook post. You just got an error message about “inappropriate content”. Yeah, uh huh. Inappropriate for who?

We shouldn’t be surprised though. Facebook isn’t a neutral platform - we need to be aware of the agendas of the people behind it. Zuckerberg’s been public about his intentions. So has the first board member of Facebook - the politically conservative Peter Thiel. In his younger years, he wrote a book challenging multi-culturalism at Stanford, and now promotes a theory called Memetic Desire which, among other positive things, can also use people’s social groups to manipulate their wants and intentions. (I’m a fan of Thiel when it comes to startups - but we often forget that everyone else out there doesn’t know this stuff.)

Facebook goes so far as to let political organisations block your communication. It just takes a few people to mark the same news article as offensive, and it drops from everyone’s feed. This is often abused. I can block any article from Facebook by getting a few friends to mark it as offensive. Cheap and easy censorship.

All this points to the fact that it’s bad to rely on Facebook to communicate with people who are important to you. Your Facebook habit means other people have to rely on Facebook.

It’s a vicious cycle.

It actually hurts your relationships with a lot of people because you think you’re in touch with them, but you’re not. At best, you’re in touch with a filtered version of your friends. Those relationships fade, while your relationships with people who make “Facebook-friendly” posts take their place.

Not only does Facebook want to read all your communication, it wants to control it too.

Ratting on your friends

Even if you’re sort of okay with this for you, by using Facebook, you’re forcing your friends and family to accept the same. Even the ones who aren’t on Facebook or go as far as to use fake names.

If you’ve ever used Facebook contact sync, or used Facebook on your mobile phone, Facebook took your complete contact list. Real names, phone numbers, addresses, emails, everything. They then use that to create “shadow profiles” of the people you know who aren’t on Facebook. Non-Facebook users often see this in action, in the form of emails to them from Facebook, containing their personal information. Facebook users can see this when they upload a picture of a non-Facebook user, and they’re automatically tagged. My friend’s not on Facebook, but since me and a few friends used Facebook on our phones, Facebook has his name and contact information, plus knows who his friends are because it sees him in their address book and calling records. A couple of pictures uploaded with his face, and presto - they can identify him in pictures – adding location data from the pictures to his shadow profile. Lots of Facebook’s other techniques work on shadow profiles too. On top of all this, they can very accurately infer a lot about him based on statistical similarities to his friends.

So basically, we’ve all inadvertently been ratting on our friends who wanted to remain private. Facebook tricked us.

But Facebook’s tricks go further.

“Privacy” doesn’t apply to what Facebook digs up

Like shadow profiles of people, Facebook can “infer a like” based on other information it has about you, like what you read all over the internet or what you do in apps where you log in with Facebook. Call it a “shadow like.” This allows them to sell you to more advertisers.

It’s already well-documented that Facebook collects this information. The “shadow like” technique is simply the standard use of statistical techniques in database marketing. If you read a lot about a topic, you probably like it. That sort of thing. These techniques have been used in marketing since the 80s, and you can hire university statistics students to do them, though of course, Facebook hires the best in the field and is looking to pioneer state-of-the-art artificial intelligence for this. In Europe, Facebook is legally obliged to share exactly what information it has about you - but they refuse. So there’s yet another class action lawsuit against them.


Through its labyrinth of re-definitions of words like “information”, “content” and “data”, you’re allowing Facebook to collect all kinds of information about you and expose that to advertisers. With your permission only they say, but the definition of “permission” includes using apps and who knows what else.

And you thought those Farmville requests were annoying. Every time you saw one, that friend was revealing your information to “third parties.”

So effectively, all that stuff you marked as “friends only” doesn’t matter so much. By being on Facebook, there’s way more information about you that’s collected, combined, shared, and used.

They say they “anonymise” this, but in reality, it’s a simple step to de-anonymise it. A lot of the anonymous data, like what and when you posted, pictures of you, your location at a given time, is enough for a huge number of companies to tie that anonymous data back to you – and sell it on.

On top of this, they allow all the Facebook apps full access to your information - with your name and everything. And even if you never use any apps on Facebook, your friends do. When they use apps, your friends share all your information for you. There’s a whole industry behind this.

Some things DO have off buttons, but keep in mind they are temporary, and as Facebook has done in the past, it will switch them back on without letting you know. When Facebook started (and probably when you joined) it was clearly a safe place to share with your friends only. That was their big promise. Over time, they switched the default privacy setting to public so that if you still wanted to keep Facebook for friends only, you had to manually find over 100 settings on multiple hidden settings pages. Then, they started dropping those settings and forced information to be public anyway.

Why are you still punching yourself? :)

You might have noticed Facebook ads with your friends’ endorsement under it. Basically, Facebook gives advertisers the right to use you as an endorser, but you have no control over it. It’s not limited to when you’ve actually clicked a like button. There have been known cases of vegetarians endorsing McDonalds, a long- and happily-married woman endorsing dating sites, and even a young boy endorsing a sex club to his own mother!

Those cases were so embarrassing that the person found out. People called them up. But in most cases, these are endorsements that don’t get discovered – people assume them to be true. That’s even scarier because Facebook is used heavily for political advertising, and product endorsements. People know I raised money for kids with cancer before, so they might not be surprised if they see an ad where I’m endorsing a Christian outreach programme for poor kids in Africa. But I categorically only support programmes that don’t have religious allegiances, since they’re known to bias their support to people who convert. Worse, a lot of people might assume things about my religious beliefs based on these false endorsements. Don’t even get me started on all the hypey startup stuff I don’t condone!

Abusing your friends’ trust in you

We can have no idea if our endorsement has been used to sell flakey crap in our name. I don’t want to think about my mom wasting her money on something she thought I was endorsing, or my startup founder clients seeing adverts for useless products with my face under them.

Using Facebook means this happens all the time. Advertisers can buy your endorsement on Facebook and your information from third-party data brokers. You never get to know about it, and you can’t turn it off.

The latest privacy change

Finally, I want to explain how this latest privacy change makes things way worse, and way more out of your control if you stay on Facebook.

Facebook is demanding to track what you buy, and your financial information like bank account and credit card numbers. You’ve already agreed to it in the new Terms Of Service. It’s already started sharing data with Mastercard. They’ll use the fact that you stayed on Facebook as “permission” to make deals with all kinds of banks and financial institutions to get your data from them. They’ll call it anonymous, but like they trick your friends to reveal your data to the third-parties with apps, they’ll create loopholes here too.

Facebook is also insisting on tracking your location via your phone’s GPS, everywhere and all the time. It’ll know exactly who you spend your time with. They’ll know your habits, they’ll know when you call in sick at work, but are really out bowling. “Sal likes 2pm Bowling at Secret Lanes.” They’ll know if you join an addict support group, or go to a psychiatrist, or a psychic, or a mistress. They’ll know how many times you’ve been to the doctor or hospital, and be able to share that with prospective insurers or employers. They’ll know when you’re secretly job hunting, and will sell your endorsement for job sites to your friends and colleagues – you’ll be revealed.

They’ll know everything that can be revealed by your location, and they’ll use it however they want to make a buck.

And – it’ll all be done retrospectively. If you stay on Facebook past January 30th, there’s nothing stopping all of your past location and financial data from being used. They’ll get your past location data from when your friends checked-in with you, and the GPS data stored in photos of you. They’ll pull your old financial records - that embarrassing medicine you bought with your credit card 5 years ago will be added to your profile to be used as Facebook chooses. It will be sold again and again, and likely used against you. It will be shared with governments and be freely available from loads of “third-party” companies who do nothing but sell personal data, and irreversibly eliminate your privacy.

This is irreversible now.

Location and financial data are not just really sensitive, they allow the “third-parties” to de-anonymise information about you. This massively empowers these third-parties to collect all available information about you, including calculated information that you never revealed. This is a situation where even Facebook itself will have trouble maintaining the privacy of its data – not that they care.

This is unprecedented, and just like you’d never have guessed that Facebook would sell your endorsements when you signed up in 2009, it’s too hard to predict what Facebook and those third-party data sellers will do with this new power.

This is simply a consequence of their business model. Facebook sells you out, because that’s exactly how they make money. And they’re under heavy pressure from their investors to make more.

What can you do about this? Facebook gives you two options: accept all of this, or get off the Facebook bus.

To be honest, this bus is getting loud, annoying and a bit smelly, isn’t it? And the ticket is way too expensive in the first place. You know, I’m not even sure it’s heading in the right direction…

How to get out of this mess

According to the FTC settlement from a few years ago, after Facebook was sued by the US government for its privacy practices, Facebook is “required to prevent anyone from accessing a user’s material more than 30 days after the user has deleted his or her account;”

There are different interpretations of this. Some say you need to delete each post separately, others say delete your account, and some say they’ll still keep your data anyway – that all you can do is stop giving them more data.

I’m going to do both as a precaution. There are a few helpful browser add-ons that will delete your posts individually, which I’m running now but needs some baby-sitting to keep running. And some great instructions on actually deleting your account while Facebook tries to trick you into deactivating it instead.

Then there are all the apps you’ve used. This is one of Facebook’s best loopholes because they say they can’t control what the apps do with your data once you give it to them. So, I’ve saved the settings page that shows what apps I’ve used onto my hard drive, and removed access to each of them manually. Each of those apps has its own privacy policy – most of them are a lost cause, claiming unlimited rights to my data, so I’m just shutting them down and moving on.

To stop Facebook from tracking what I read on the web (they do this even if you don’t have a Facebook account), I’ve installed ~~Ghostery~~. It’s been pointed out to me that Ghostery provides information to advertising networks if you enable GhostRank, and I have been recommended Privacy Badger or disconnect.me instead. (And while you’re at it, the EFF made this great plugin that automatically chooses the most secure web connection, making it more difficult for governments and ISPs to snoop your web activity.)

I used Facebook’s archive found under general settings. (It includes pictures, but not full size.)

I also downloaded my friends page - just by scrolling to the bottom to load everyone, and hitting File -> Save. (Honestly, so far I haven’t needed the file yet.)

I considered a bunch of Facebook alternatives, and might end up on Diaspora but email and phone have actually been much better! After a month off Facebook, I don’t feel the need for a direct replacement. The phone - go figure. Everyone already has one, and we forget how super easy and convenient they are to use. I see fewer pictures, but I actually talk to people.

If you have any other ideas or advice, please get in touch. This is what I see as a responsible step to prevent myself, my family and my friends from having their freedom taken from them, and their personal relationships made to suffer.

Remember, this isn’t just about the technical stuff. By staying on Facebook, you’re granting them permission to collect and use information about you, regardless of you even using the Internet. And by staying on, the data they collect on you gets used to create models about your closest friends and family, even the ones who opted out.

The Internet doesn’t equal spying

Lastly, the world is full of people who say “it’ll never happen”, and when it does, they switch to “there’s nothing we can do.” There is. The Internet was decentralised for 50 years, and is full of options, by design, that allow us to maintain privacy. We have a say in the world we want to live in – if we take action ourselves. Plus, we can help everyone understand, and help them make their own choices more informed.

This post has been read by 1,000,000 people now. It’s a positive sign that we can inform and educate ourselves!

Please share this with people who are important to you. But to be honest, even though this post is really popular, it’s clear a lot of people are assuming what’s in it. Sharing a link isn’t as good as talking to someone.

If you got this far and want to share it with someone close, I suggest you do what I did – pick up the phone.

A question for you


A note on the quality of these sources: I tried to find references from major news outlets, with a range of political biases. These articles are less technically aware, but we can expect they’re more rigorous than blogs at checking their sources. For the more technical stuff, sources like The Register are known to be more credible, and Techcrunch is notoriously unreliable at fact-checking. I’ve included some of their articles though, because they’re good at explaining things.

Facebook likes reveal sensitive personal information eff.org

Private traits and attributes are predictable from digital records of human behavior pnas.org 
table of top likes

New Facebook Policies Sell Your Face And Whatever It Infers forbes.com

You are what you Facebook Like washingtonpost.com

Criticism of Facebook - Wikipedia, the free encyclopedia en.wikipedia.org

Facebook stallman.org

Forcing users onto Messenger huffingtonpost.com

Permissions telegraph.co.uk

WhatsApp hackread

Europe vs Facebook irishtimes.com



Facebook info sharing created Zoosk.com dating profile for married woman cbc.ca

@facebook.com e-mail plague chokes phone address books arstechnica.com

Facebook Knows Your Friends—Even if They’re Not on Facebook - IEEE Spectrum spectrum.ieee.org

Facebook Now Wants To ‘Spy’ On Android Phone Users! efytimes.com

Facebook adds naggy “ask” button to profile pages arstechnica.com

Facebook users unwittingly revealing intimate secrets, study finds theguardian.com

Facebook’s Generation Y nightmare theguardian.com

Facebook’s New Privacy Rules Clear the Way for Payments Push and Location-Based Ads recode.net

Dutch Regulator Investigates Facebook’s Privacy Policy bits.blogs.nytimes.com

Facebook prunes its privacy policy, lays groundwork for location-based ads - GeekWire geekwire.com

Stalking on Facebook Is Easier Than You Think - IEEE Spectrum spectrum.ieee.org

Millions Will Flow to Privacy Groups Supporting Weak Facebook Settlement | WIRED wired.com

Facebook Is Recycling Your Likes To Promote Stories You’ve Never Seen To All Your Friends forbes.com

Is Facebook damaging your reputation with sneaky political posts? | ZDNet zdnet.com

Even Google won’t be around for ever, let alone Facebook theguardian.com

Facebook reforms user settings dailyemerald.com

Facebook Privacy: A Bewildering Tangle of Options - Graphic - NYTimes.com nytimes.com

Corrupt Personalization blogs.law.harvard.edu

Facebook is not your friend theguardian.com

Facebook violates German law, Hamburg data protection official says | Sci-Tech | DW.DE | 02.08.2011 dw.de

The World from Berlin: ‘Every User Can Decide Alone What Facebook Knows’ - SPIEGEL ONLINE spiegel.de

Q&A: Facebook privacy changes bbc.co.uk

Famous Facebook Flip-Flops pcworld.com

No Death, No Taxes - The New Yorker newyorker.com

Facebook censors political satire after complaint from JobCentre Plus tompride.wordpress.com

TED: The curly fry conundrum: Why social media “likes” say more than you might think tedtranscripts.blogspot.com

With friends like these … Tom Hodgkinson on the politics of the people behind Facebook theguardian.com

Facebook Must Face Lawsuit Over Scanning of Users’ Messages, Judge Says recode.net

How Target Figured Out A Teen Girl Was Pregnant Before Her Father Did forbes.com

War on General Purpose Computers is the difference between utopia and dystopia boingboing.net

Don’t Worry About Selling Your Privacy To Facebook. I Already Sold It For You | Just Well Mixed jasonlefkowitz.net

Facebook’s Hidden “Like” Isn’t Just Good For Mobile Developers, It’s Good For Facebook techcrunch.com

Mastercard to access Facebook data theage.com.au

Three transactions can reveal your identity pcworld.idg.com.au

Look who’s lurking around your Facebook page: Your insurance company! insure.com

NSA Prism program taps in to user data of Apple, Google and others theguardian.com

Everything We Know About What Data Brokers Know About You propublica.org

Source: salimvirani.com

Posted by Damien Biddulph on Mon 9th Jan 2017

News snippets: Sliced and diced for your convenience


1. Emails you send on Mondays contain more grammatical mistakes than those sent on other days.

Find out more (New York magazine)

2. The Queen of Sweden thinks her palace is haunted by ghosts.

Find out more (Foreign Policy)

3. You can use a display computer in an Apple store all day and no-one will ever ask you to leave.

Find out more (Refinery 29)

4. Gary Lineker and Jonathan Agnew regularly receive soiled loo paper in the post.

Find out more (Joe)

5. It's possible to travel by train all the way from Yiwu in eastern China to Barking in east London.

Find out more

6. The British government thinks people have £433m of pound coins stashed away in their homes.

Find out more (Yahoo)

7. In the US, at least one person a week is shot by a toddler.

Find out more (Press Union)

8. Only one member of the US Congress identifies as unaffiliated with any religion.

Find out more (The Atlantic)

9. There are 79 organs in the human body, one more than previously thought.

Find out more (The Independent)

10. The most popular condiment eaten with chips in Australia is chicken salt. Which contains no chicken.

Find out more (Mashable)

Seen a thing? Tell the Magazine on Twitter using the hashtag #thingididntknowlastweek

Source: bbc.co.uk

Posted by Damien Biddulph on Wed 4th Jan 2017

Setup or Configure Nokia Lumia to Sync with Microsoft Exchange Server

Nokia Lumia is the popular Smartphone series from Nokia which runs on the most popular Windows Phone operating system (OS). With Lumia series, Nokia scrapped the old Symbian platform and switched to Windows OS. This partnership with Microsoft made it feasible for the Lumia users to access their Outlook emails easily from their phone. Here are some quick steps to configure Microsoft Exchange Server with the Nokia Lumia phones.

How to synchronize Nokia Lumia with Microsoft Exchange Server?

  • In order to synchronize Nokia Lumia with Microsoft Exchange Server, the first step is to get in touch with the IT administrator in order to get assistance with server credentials and other information related to it.
  • Account synchronization may take several minutes.

1. From the Start screen, choose the Arrow icon on the right side of your phone screen.

2. Click on the Settings option.

3. Choose the email + accounts option.

4. Choose the add an account option.

5. Click on the Outlook option.

6. Feed in the correct information into the fields shown below:

  • Email address
  • Password

7. Then click on the Sign in option.

8. Add the User name and Domain if your device prompts for them.

9. Then click on the sign in.

Note: If your device doesn’t detect the settings, then select the “Advanced Set up” option.

Once you select the “Advanced set up” option, do the following:

1. Select advanced.

2. Select the Server name then choose the “show all settings” option.

3. Make sure the following setting is set up properly.

  • Check the “Server requires encrypted (SSL) connection” box.

4. Add the Account name.

5. Further choose one of the following from the “Download new content” option.

  • as items arrive
  • every 15 minutes
  • every 30 minutes
  • hourly
  • manually

6. Choose one of the following from the “Download email from” field:

  • the last 3 days
  • the last 7 days
  • the last 2 weeks
  • the last month
  • any time

7. Further in the “Content to sync” option, check the content boxes that you want to sync:

  • Contacts
  • Calendar
  • Tasks

8. Finally click on the sign in.


Source: apps4rent.com

Posted by Damien Biddulph on Tue 3rd Jan 2017

Image caption: Amazon refused to share data captured by one of its Echo speakers (image copyright: Amazon)

US police investigating a murder have tussled with Amazon over access to data gathered by one of its Echo speakers.

The voice-controlled device was found near to a hot tub where the victim was found dead amid signs of a struggle.

According to court filings, Amazon was issued with two search warrants but refused to share information sent by the smart device to its servers.

However, the police said a detective found a way to extract some data from the device itself.

The accused killer has yet to be put on trial and it is not clear whether that information proved useful to the investigation.

The prosecutor in the case told the BBC he was still hopeful Amazon would share some further details.

"While many privacy advocates have expressed interest in this case due to the technology involved, this case is really about seeking justice for the victim, who was a husband and a father," Nathan Smith told the BBC.

"The application for a search warrant based on probable cause and approved by a judge is the constitutionally authorised means for law enforcement to conduct lawful searches of homes, property or computer devices like the Amazon Echo.

"Since law enforcement officers followed the constitutionally mandated procedures to obtain a lawful search warrant in this case, I am confident that Amazon will comply."

Blood spots

Details of the case were first reported by the Information news site.

But it dates back to November 2015, when the suspect, James Bates, called the Bentonville, Arkansas police department to say he had found the body of a friend, Victor Collins, face down in water.

The court records say one of the deceased's eyes and lips appeared to be swollen and suspected blood spots were found around the rim of the hot tub.

Detectives say they learned that music had been streamed to the back patio at the time of death, which they thought might have been controlled via the Echo's smart assistant Alexa.

Image caption: Amazon's range of Echo speakers have proved popular gifts over Christmas, potentially opening the door to further privacy clashes (image copyright: Amazon)

The "always on" machine makes recordings of audio it hears from a fraction of a second before it detects a wake word - either Alexa or Amazon - until it judges the command to be over.

This audio is then transmitted to Amazon's computer servers, which interpret the request and tell it how to respond.

Although no recordings are meant to be made at other times, the device often becomes activated when it misinterprets speech as being its wake command.

Any captured audio might therefore have identified who was active in the early hours of the morning when the alleged murder is thought to have taken place, as well as what was said. Mr Bates claims to have been asleep at the time.

'Overbroad demands'

The case has echoes of Apple's refusal to help the FBI bypass the security code of an iPhone used by a gunman in 2015.

In that case, the authorities were ultimately able to extract information without Apple's aid.

"Amazon will not release customer information without a valid and binding legal demand properly served on us," a spokesman for the retail giant told the BBC.

"Amazon objects to overbroad or otherwise inappropriate demands as a matter of course."

The spokesman added that utterances are not stored by Echo devices, and the associated audio is only accessible via the cloud and can be deleted by relevant account holders.

Image caption: Detectives were unable to view the contents of the murder suspect's mobile phone (image copyright: Huawei)

Bentonville's police force said it had also managed to extract data from Mr Collins' LG smartphone.

But it added that it had been unable to access Mr Bates' Huawei Nexus handset because it had been "encrypted at the chipset level" and was protected by a passcode lock.

However, the court papers indicate that the property's smart water meter may have yielded the most useful evidence.

The police say it showed that 140 gallons (636 litres) of water was used around the time of the alleged killing. They suggest this was down to Mr Bates using a garden hose to wash away evidence from his porch before he alerted them to the death.

Source: bbc.co.uk

Posted by Damien Biddulph on Tue 3rd Jan 2017


Sony Music has said sorry to pop star Britney Spears, after an official Twitter account suggested the pop star had died.

The entertainment firm quickly removed the hoax tweets, saying its global account had been "compromised" but that the situation had "been rectified".

Sony added it "apologises to Britney Spears and her fans for any confusion".

The 35-year-old did not react directly to the tweet, but her manager confirmed the singer was "fine and well".

Image caption: The tweets were quickly dismissed as a hoax (image copyright: Twitter)

As well as Sony's Twitter account, the official account of Bob Dylan also appears to have been hacked. It tweeted: "Rest in peace @britneyspears" around the time of the fake Sony tweets.

After the tweets were published, a group called OurMine appears to have gained access to the Sony Music account and pointed out the security breach. It is not clear whether it was also responsible for the original false messages.

Just a few days ago, it appeared to have hacked into the Twitter accounts of Netflix US and Marvel Entertainment.

And it has also been linked to compromising the Twitter accounts of top executives including Facebook's Mark Zuckerberg and Google chief executive Sundar Pichai.

Hollywood hack

While the latest incident is potentially embarrassing to Sony Music, it is not likely to have the same repercussions as another cyber-security breach that Sony suffered in 2014.

That hack, which targeted Sony Pictures, resulted in unreleased films and the script for the next James Bond movie being leaked online.

Details of corporate finances and private emails between producers and Hollywood figures were also released.

North Korea was accused by the US of orchestrating the move and the eventual fallout saw Sony cancel the Christmas release of a comedy called The Interview, a film depicting the assassination of the North Korean leader.

Source: bbc.co.uk

Posted by Damien Biddulph on Tue 3rd Jan 2017

Poorly secured webcams and other Internet-connected devices are already being used as tools for cyberattacks. Can the government prevent this from becoming a catastrophic problem?

A growing mass of poorly secured devices on the Internet of things represents a serious risk to life and property, and the government must intervene to mitigate it. That’s essentially the message that prominent computer security experts recently delivered to Congress.

The huge denial-of-service attack in October that crippled the Internet infrastructure provider Dyn and knocked out much of the Web for users in the eastern United States was “benign,” Bruce Schneier, a renowned security scholar and lecturer on public policy at Harvard, said during a hearing last month held by the House Energy and Commerce Committee. No one died. But he said the attack—which relied on a botnet made of hacked webcams, camcorders, baby monitors, and other devices—illustrated the “catastrophic risks” posed by the proliferation of insecure things on the Internet.

For example, Schneier and other experts testified that the same poor security exists in computers making their way into hospitals, including those used to manage elevators and ventilation systems. It’s not hard to imagine a fatal disaster, which makes it imperative that the government step in to fix this “market failure,” he said.

The problems with IoT devices are worsening because manufacturers lack incentives to prioritize security. Even if consumers wanted to assess the relative security of Internet-connected thermostats and other devices, there are no established ratings or other measures.

There is little disagreement that the government should do something about this, since so many critical systems are vulnerable to attacks like the one that hit Dyn. Exactly how the government should handle the situation, however, is a subject of an intensifying debate in Washington—one that won’t be settled before President-elect Donald Trump takes office. Business groups such as the U.S. Chamber of Commerce and the Consumer Technology Association argue that new regulations on IoT devices could hinder innovation.

Schneier argues that we need a new agency in charge of cybersecurity rules. This seems unlikely, given that Trump campaigned on a broad promise to roll back regulations, and Republicans generally oppose expanding the government. But if something catastrophic were to happen, a frightened public would probably ask that something be done, and the government should be prepared for that, he warned the committee members.

How big is the risk? Massive and growing, says Kevin Fu, a University of Michigan professor of computer science and engineering who specializes in cybersecurity. Not only are IoT devices being added in “sensitive places that have high consequence, like hospitals,” Fu said, but millions of them can be easily hacked and gathered into huge botnets, armies of zombie computers that adversaries can use to debilitate targeted institutions.

Fu, who also testified in the House hearing, believes that without a “significant change in cyber hygiene” the Internet can’t be relied on to support critical systems. He recommends that the government develop an independent entity in charge of testing the security of IoT devices. The process should include premarket testing along the lines of the automotive crash testing done by the National Highway Traffic Safety Administration, post-attack testing similar to what the National Transportation Safety Board does after car crashes, and “survivability and destruction testing” to assess how well devices cope with attacks, says Fu.

We don’t know yet whether the Trump administration or the next Congress will make addressing IoT-related risks a priority. So what can the government do in the meantime? Last month, the Department of Homeland Security released a set of “strategic principles for securing the Internet of Things,” and suggested that the government could sue manufacturers for failing to “build security in during design.” On the same day, the National Institute of Standards and Technology, which publishes industry standards for many areas of technology, issued voluntary guidelines for engineering “more defensible and survivable” connected systems.

Meanwhile, every additional connected computer—whether it is in a car, drone, medical device, or any one of countless other gadgets and systems—is exposed to these risks. That’s why centralized regulatory authority is needed, according to Schneier: “We can’t have different rules if the computer has wheels, or propellers, or makes phone calls, or is in your body.”


Source: technologyreview.com

© 2018 Discus Systems plc. All rights reserved. Content Management by Verve Digital