Joining the Dots to a Connected Car Future

Posted: February 17, 2017 | Author: | Filed under: Uncategorized | Tags: , , , , , , , | Leave a comment

connected carI’ve been prepping a new feature on the future of the connected car industry and one thing is pretty clear: things are moving faster than you think.

We’re currently working our way through three of the four stages of industry evolution mapped out by Gartner. It claimed in a December report that efforts to integrate mobile and cloud-based apps into the car are almost complete – that’s one stage down. Then, up until 2024 it’ll be all about “digital lifestyle convergence”.

The report explained:

“This convergence means that consumers want to be able to communicate with friends and family members, remain productive to their workplace, and to be entertained with the content that they also access outside of the automobile. Users will also expect an automotive connectivity experience that is similar to other device experiences they are increasingly accustomed to, such as remote, over-the-air software updates and content/services upgrades.”

Microsoft has a good chance to capitalise on this shifting focus, with its new Connected Vehicle Platform. One of the five main pillars outlined by EVP of business development, Peggy Johnson, at CES, is “improved in-car productivity” via tools like Cortana, Dynamics, Office 365, Power BI and Skype for Business.

“For instance, imagine that Cortana seamlessly connects you whether you’re at home or in your car,” she explained. “Let’s say you’re on your phone at home and tell Cortana to set up a meeting for you and your colleague the next morning at a coffee shop. The next time you get in your car, Cortana reminds you of the morning meeting and starts navigation to get you to that coffee shop.”

With its heritage in the office productivity space, Microsoft obviously has an edge in these scenarios over connected car rivals like Apple, Google and Amazon, although its Azure-powered platform will also cover predictive maintenance, advanced navigation, customer insights and autonomous capabilities.

The platform’s open, partnership-based approach could also play well with consumers who are sick of many current systems, according to Quocirca analyst Clive Longbottom.

“Users are increasingly frustrated with in-car technology,” he told me. “Even new models tend to be based on old, proprietary technology; technology that is impossible to swap out and replace with something more up to date and flexible.”

The Redmond giant knows the industry better than most, continued IHS Markit principal analyst Egil Juliussen.

“The auto industry is among those global industries which adds numerous requirements for how connected cars are treated (i.e. privacy, data storage locations, etc.),” he told me via email. “All of these complexities make it expensive and time-consuming for any auto manufacturer (even the largest) to develop, update and maintain cloud and software platforms to manage their network of connected cars.”

Partners on board

And therein lies the opportunity for Microsoft and others. The firm has also announced partnerships with Volvo, Daimler, Nissan-Renault, BMW and Toyota which will see each use its cloud-based tech to create their own unique platforms. This ability to customise is another obvious benefit of its platform for carmakers.

So where are we headed? Well, autonomous vehicles of course. Gartner reckons that by 2030 self-driving tech might even have created a new car ownership model – where we simply “hire” on-demand driverless cars for our journeys rather than own a vehicle outright. Already a third of Americans the analyst surveyed said they’d forgo purchasing a new vehicle if they could pay for such a service.

Apple CarPlay and Google’s Android Auto are certainly major contenders for the connected car crown, especially in terms of integrating the car into the whole mobile experience. But Microsoft’s cloud-based approach, which is flexible enough to incorporate new technologies as it goes, has a decent chance of winning more carmaker minds and driver hearts.

 

As Black Friday Approaches, Retailers are Braced for a Fraud Deluge

Posted: November 24, 2016 | Author: | Filed under: Uncategorized | Tags: , , , , , | Leave a comment

fraudLooking forward to Christmas? Spare a thought for the nation’s retailers, who will be battling as many as one million fraud attempts each day in the period following Black Friday, according to new estimates.

They come from ThreatMetrix, a fraud prevention company with good industry insight thanks to its Digital Identity Network platform which analyses over 20 billion transactions globally each year.

It predicted a 60% increase in fraudulent e-commerce transactions in Q4 2016 compared to the last three months of 2015.

Product and data evangelist, Rebekah Moody, told me that this time of year usually sees an uptick in activity as dodgy transactions are less likely to be spotted, because retailers loosen fraud filters to let more transactions through.

“Transaction volumes are much higher – we saw huge daily peaks for some merchants in the same period last year. This means some merchants may choose to adjust their risk tolerance to ensure that more transactions can be processed with less friction,” she explained.

Cybercriminals also jump on the fact that average basket values are usually higher in the run up to Christmas.

“Fraudsters capitalise on this by trying to sneak through higher value transactions that are less likely to flag as unusual in amongst the sea of high value transactions,” said Moody. “Last year we saw the average basket value of rejected transactions was around 70% more than the overall average. We expect this trend to be mimicked this holiday season.”

The problem is compounded by current fraud prevention technologies, many of which have problems detecting some of the more advanced techniques used by the black hats, including device and IP spoofing and automated bots.

The latter threat is increasingly prominent to the point where, during attack spikes, bot traffic exceeds legitimate user traffic, according to the company’s latest Cybercrime Report for Q3.

It has the following:

“What might begin as a simple account validation using a basic bot evolves to using a complex bot to guess unknown passwords, to a bot that masquerades as genuine human traffic to trick unsuspecting businesses.”

Another tactic which makes fraud hard to spot is when the scammer manages to trick a victim into downloading malware onto their machine.

“For example, a fraudster convinces a customer to download some remote access software after playing to their worst fears that their account is being hacked following a data breach. They pretend to be from the consumer’s bank, and reassure them that they will protect their account from the impending hack,” explained Moody.

“In actual fact they manage to take over the consumers account after the consumer has legitimately logged in.”

Because there are no unusual log-in patterns, strange locations or hacked devices to monitor, it might look like a legitimate transaction.

“The key here though is that the remote access software was suddenly enabled, and then the fraud occurred,” Moody told me. “It’s not the fact that there was remote access software installed; many consumers use this legitimately. It was the change in behaviour. Unless a fraud system is advanced enough to detect this, it could be easy to see how this technique could cause huge issues.”

The best systems work in the background, using contextual data and real-time behavioural analytics in a way that is invisible to the user. But unfortunately they’re still not the norm. According to Barclays, two thirds of retailers (64%) are confident that their digital infrastructure will cope well with the Christmas rush. But if they prioritise up-time and sales over fraud prevention, there could be some nasty surprises down the line.

Trump on Cybersecurity – Where’s the Beef?

Posted: November 16, 2016 | Author: | Filed under: Uncategorized | Tags: , , , , , , , , , , , , , | Leave a comment

trumpAs the dust settles on Donald Trump’s extraordinary ascent to the White House, what do we know of his plans for cybersecurity? I’ve been speaking to a variety of experts for an upcoming Infosecurity Magazine feature and, believe it or not, the majority are not particularly optimistic of the future.

His official website, outlining the Trump ‘vision’ for cybersecurity, focuses on some easy wins:

  • An immediate review of critical infrastructure and federal cyber “defences and vulnerabilities” by a Cyber Review Team comprised of members of the military, law enforcement and private sector
  • The same team to establish “protocols and mandatory awareness training” for all federal employees
  • DoJ to create Joint Task Forces to co-ordinate federal, state and local law enforcement cybersecurity responses
  • Defence secretary to make recommendations on enhancing US Cyber Command
  • Development of offensive cyber capabilities

Doug Henkin, litigation partner at Baker Botts, said the focus on awareness raising is a positive.

“This appears to be a good development for setting a positive tone to lead from above with respect to best practices for protecting against cybersecurity threats and is also essential for corporations seeking to ensure good cybersecurity preparedness,” he argued.

“It is essential to increase training as the new administration has recognised, while also remaining vigilant to how cyber attacks occur.”

That’s pretty much where the good news ends.

It might be too early to judge president-elect Trump on his cybersecurity credentials. But it must be remembered that, despite his bluster over ‘Crooked Hillary’ and her email blunder, his businesses were found to be a whole lot worse when it comes to security. Independent researcher Kevin Beaumont scanned publicly available records last month and found many of Trump organizations’ messaging servers are running the no-longer supported Windows Server 2003 and Internet Information Server (IIS) 6. He also found 2FA unsupported, meaning user accounts are vulnerable to password phishing or brute force attacks.

What’s more, as a briefing document from think tank the Information Technology and Innovation Foundation (ITIF) tells us, Trump has promised in the past to apply tariffs against China if it “fails to stop illegal activities” and to “adopt a zero tolerance policy on intellectual property theft.”

Given what we know about China, this is a dangerous game to play. Beijing will continue to pretend it is abiding by the agreement between presidents Obama and Xi to stop state-sponsored economic cybercrime.  And that could lead to heavy reciprocal penalties on US tech firms in China, such as Apple. The state-backed Global Times has already warned China will adopt a tit-for-tat approach if Trump plays it tough.

Silicon Valley scares

Trump’s election is also a disaster for Silicon Valley. The former reality TV star has expressed support in the past for the FBI’s stance in trying to force Apple into building a backdoor to unlock the San Bernardino shooter’s phone. He even called for a ban on Apple products in response to the firm’s refusal to do so. We can therefore expect more pressure on them to undermine encryption, which would be a disaster for businesses and consumers everywhere, as well as the American tech firms themselves.

As if that weren’t enough, he’s also a big fan of the Patriot Act and will inherit a fearsome surveillance apparatus from Obama. The Democrat is already being blamed for failing to overhaul the huge encroachment on civil liberties enacted by the Bush administration. Writing in the Guardian, Freedom of the Press Foundation executive director, Trevor Timm, had this:

“What horrors are in store for us during the reign of President Trump is anyone’s guess, but he will have all the tools at his disposal to wreak havoc on our rights here at home and countless lives of those abroad. We should have seen this coming, and we should have put in place the safeguards to limit the damage.”

Let’s hope he surprises us all.

 

Internet of DDoS: IoT Botnets Lend Urgency to Anti-DDoS Measures

Posted: September 29, 2016 | Author: | Filed under: Uncategorized | Tags: , , , , , , , , , , , , , , | Leave a comment

cyber attackThe past few days have once again pushed that cybersecurity staple the DDoS attack (yawn) into the spotlight. First Brian Krebs suffered what was widely trailed as the ‘biggest attack ever’, topping out around 620Gbps, and then a French hoster claimed it was submerged by an attack topping 1Tbps. The interesting point of the second attack is that it’s said to have been carried out by an IoT botnet.

What does this mean for organisations across the globe? You’d better start budgeting for extra spending on DDoS mitigation services. I spoke to Arbor Networks principal engineer, Roland Dobbins, to find out more.

IoT botnets are nothing new, he claimed. In fact, they’ve been used to launch not only DDoS but send spam, launch MitM attacks and more for several years. Even as recently as August, experts reported an IoT botnet used to try and take organisations affiliated with the Rio Olympics offline prior to the Summer Games. Other examples include cyber extortionists trying to take gaming networks offline.

So exactly why are these embedded computing devices so attractive to cybercriminals?

“Because so many of these devices are shipped with insecure defaults, including default administrative credentials, open access to management systems via the internet-facing interfaces on these devices, and shipping with insecure, remotely exploitable code,” Dobbins told me by email.

“A large proportion of embedded systems are rarely if ever updated in order to patch against security vulnerabilities – indeed, many vendors of such devices do not provide security updates at all.”

Another problem is that IoT devices – which can range from webcams and DVRs to set-top boxes – aren’t typically things a user spends much time in front of, so it might not be obvious they’re being exploited, he said.

“There are tens of millions of vulnerable IoT devices, and their numbers are growing daily; they’re generally always turned on; they reside on networks which aren’t monitored for either incoming or outgoing attack traffic; and their networks where they’re deployed often are high-speed connections, which allows for a relatively high amount of DDoS attack traffic volume per compromised device,” explained Dobbins.

Fighting back

So what can be done to mitigate the risk to businesses?

Best practice includes hardening network infrastructure, improving visibility into traffic and having adequate DDoS mitigation capabilities – none of which is going to be cheap, unless you’re lucky like Krebs and get protected by Google’s Project Shield.

“In particular, ISP and MSSP network operators should ensure that they participate in the global operational community, so that they can both render assistance when other network operators come under high-volume DDoS attacks, as well as request assistance as circumstances warrant,” Dobbins told me.

It’s also important for operators to measure DDoS attack volumes against their baseline for normal traffic so as not to over or underestimate attacks.

“This is vital when determining which DDoS defence mechanisms and methodologies to employ during a given attack, as well as in providing accurate information to other network operators in the global operational community,” he concluded.

Stopping the attacks as they are fired out is all very well, but how about trying to shore up those pesky IoT devices which have become such a boon to cybercriminals? A new architectural approach has been proposed by a non-profit group known as the prpl Foundation. It suggests that a hardware-led approach is key to securing embedded computing devices. Its guidance document is a must-read for anyone interested in IoT security.

It sets out four key elements that are needed to improve IoT security:

Open source software which will improve the quality of code and increase the likelihood of timely security updates.

Interoperable standards to help to drive up the quality of engineering, especially in the connectivity layer which has frequently been exposed by researchers such as Miller and Valasek.

Secure boot based on a root of trust anchored in the silicon to prevent hackers from reflashing the firmware. This could have helped prevent the Ukrainian power outages of 2015 and potentially also SYNful Knock.

SoC virtualisation to containerise each software element running on the chip, keeping critical components safe, secure and isolated from the rest.

The prpl Foundation has already released its own hypervisor and other elements to make its Security Framework proposal a reality. But will the industry go for it?

Up until now the common perception has been that users prioritise usability and low cost over security. But according to a new report on the smart home by prpl, this isn’t the case. It polled 1,200 consumers across the globe and found that 60% thought the user should take control of securing the smart home. What’s more, a plurality (42%) claimed they would pay a premium for more secure devices.

So there it is IoT industry. Over to you.

The Singularity and the CIO: Discuss

Posted: August 26, 2016 | Author: | Filed under: Uncategorized | Tags: , , , , , , , , | Leave a comment

terminatorSci-fi writers have been warning us about the coming of the singularity for a decade now. And while we’re some years away from having to contemplate such a future, AI, machine learning, big data and other technologies are developing at a pace which is already beginning to impact the global workforce.

I chatted to some experts on the subject for an upcoming feature to find out whether CIOs should be terrified or enthused by the prospect of robot workers.

The truth is that they’re already here, in many heavy industries like tech manufacturing. In May this year a local government official in the Chinese district of Kunshan announced contract manufacturing giant Foxconn was reducing “employee strength” from 110,000 to 50,000 workers, because of investments in robots. But what about when they spread into other industries? As far back as 2014, Gartner was predicting that as many as one in three jobs will be “converted to software, robots and smart machines by 2025” as software advances mean technology systems begin to replace cognitive tasks as well as factory jobs.

Meanwhile, a report from the Bank of England last year estimated up to 15 million UK jobs could be at risk of automation in the future. And a Deloitte/Oxford University study in January claimed 35% of today’s jobs have a “high chance” of being automated in the next 10-20 years.

For IHS Markit analyst, Wilmer Zhou, the coming robot hordes represent both a challenge and an opportunity to employers. Aside from manufacturing, he picked out several industries where jobs are potentially most at risk, including agriculture, logistics, and specialist domestic care. Most surprising for me was healthcare.

“It’s one of the industries with relatively high robot deployment such as surgical robots,” he told me via email. “IHS forecasts that robots in the medical industry will be one of the fastest growth sectors, with the decreasing of the average sale price of surgical robots and expansion of medical operation tasks.”

For CIOs looking to maximise the potential offered by these new automated workers, it will be important to create trust in the bots, argued Forrester principal analyst, Craig Le Clair.

“Cognitive systems can end up learning undesirable behavior from a weak training script or a bad customer experience. So build ‘airbags’ into the process,” he told me.

“Assess the level of trust required for your customer to release their financial details. Get compliance and legal colleagues on board as early as possible. Cognitive applications affect compliance in positive and negative ways. Be prepared to leverage the machines ability to explain recommendations in an understandable manner.”

Also important is to foster human and machine collaboration wherever possible, to reduce friction between the two.

“Rethink talent acquisition and your workplace vision,” Le Clair explained. “Some 78% of automation technologists foresee a mismatch of skill sets between today’s workers and the human/machine future, with the largest gaps in data, analytics, and cognitive skills.”

The bottom line is that robots and AI are here to stay. Whether they’ll have a net positive or negative impact on the workplace is up for discussion, but it may well hinge on how many so-called ‘higher value’ roles there are for humans to move into once they’ve been displaced by silicon.

Fear and Hacking in the South Cyber Sea

Posted: August 12, 2016 | Author: | Filed under: Uncategorized | Tags: , , , , , , , , , , , , , , , | Leave a comment

south china sea mapThe South China Sea is an increasingly dangerous place to be in cyberspace. And as China is involved in territorial disputes over the area that bears its name with virtually all of its neighbours, there are no shortages of targets for its army of state-sponsored operatives.

F-Secure is the latest security vendor to confirm what most of us know already – that Chinese hackers, most likely working for the state, have been systematically stealing data from organisations with interests in the region for years now. It’s new report, NanHaiShu: RATing the South China Sea, details a new piece of information-stealing malware used in campaigns targeting government and private sector firms. Why? They were all involved, directly or indirectly, in a recent UN tribunal over ownership of a group of rocks in the South China Sea. Victims included the Department of Justice of the Philippines, the organisers of the Asia-Pacific Economic Cooperation (APEC) Summit and a major international law firm involved in the tribunal

F-Secure cyber security adviser, Erka Koivunen, told me he suspects a nation state was behind the attacks, although definitive attribution is always hard.

“Admittedly the malware itself may not be the most sophisticated piece of code there is. That doesn’t however mean that the operation wasn’t sophisticated,” he said via email. “The lack of zero-days and bleeding edge alien technology may admittedly seem a bit boring, but in fact is a sign of cold calculation and professionalism on the level of execution.”

This report is the latest of a long line of similar intelligence highlighting extensive cyber espionage in the region related to Beijing’s interests in the South China Sea and the rocks, reefs and islands that dot the landscape. Late last year a ThreatConnect report revealed an alleged PLA cyber espionage campaign dating back five years and targeting the Philippines, Singapore, Thailand, Vietnam and many others in the region. US interests have also been attacked.

William Glass, threat intelligence analyst at FireEye, believes this is just the beginning, as China begins to flex its muscles in the region.

“More recently, we have seen the list of targets expand to energy companies, legal firms, and even GitHub, targeted by China’s Great Cannon in March 2015,” he told me. “Beyond simply stealing information, Beijing has found there are benefits to using cyberspace to propagandise and attempt to influence behaviour.”

He claimed that the army’s new Strategic Support Force may see disputes in the area as the perfect opportunity to test its significant capabilities, which could range from range from “typical cyber espionage to learn of plans and intentions of commercial companies to efforts designed to influence companies’ decisions to invest or operate in the South China Sea.”

“Recently, the Chinese media has singled out Australia and Japan for particularly harsh criticism following the tribunal ruling,” Glass explained.

“It’s possible that China-based groups—with or without official government backing—will target Australian and Japanese commercial interests in retaliation for perceived interference or in an attempt to force Canberra and Tokyo to more carefully consider any follow-on action.”

For starters, firms working in the energy, logistics and shipping, and political and legal advocacy sectors in the region would do well to redouble their cyber security efforts. But the truth is that any organisation that deals with China or works in an industry where Chinese companies have interests – which is virtually every organisation – should consider the threat of state-sponsored attacks from the East. Yes, it’s more likely they’ll encounter ransomware than an info-stealing RAT guided by the PLA. But the threat is there, and as UK organisations increasingly look to the Middle Kingdom in this post-Brexit world, it’s one they should all take seriously.

Minecraft: Microsoft’s Best Ever Acquisition?

Posted: July 20, 2016 | Author: | Filed under: Uncategorized | Tags: , , , , , , , , , , | Leave a comment

minecraft logoConfession time: I’m one of the few people on the planet who hasn’t played Minecraft yet. But researching the digital Lego phenomenon for an upcoming feature yielded some interesting analyst insights I thought I’d share.

Minecraft hit 100 million users recently – not bad for a title many thought Microsoft was a little ill-advised to pay $2.5bn for two years ago.

For IDC gaming research director, Lewis Ward, the purchase was made with one eye on showing off the Windows 10 OS – then in development.

“The ulterior motive was the idea of Windows 10-based Universal Apps, and this idea of Xbox Play Anywhere (XPA) games on Windows 10,” he told me. “Minecraft is a living example of how Microsoft’s new OS can support apps with the same codebase that works on multiple terminals, including PCs, game consoles and mobile devices. So it’s become Microsoft’s poster child in gaming for these types of apps and I think that was a big part of what led Microsoft to buy the company.”

There’s also plenty of debate at the moment about the future of Minecraft. Redmond recently signed a deal with Netease to license its mobile and PC versions, which could increase the game’s user base exponentially. There are also major opportunities in the AR and VR space. The synergies with Microsoft’s HoloLens AR platform and its ambitions in the education sector are obvious, according to Ward.

“If Lego helped me learn as a kid how to build stuff with others while having fun and being creative, and I remember playing with Lego all the time in first grade and crying when my parents forced me to sell my big bag of Lego around fourth grade, then Minecraft is the modern day equivalent and has a place in early education,” he argued.

“It’s a very accessible game and one that stresses the positive things in life; one that has truly universal appeal. I’m sure there are lots of great minds up in Redmond thinking about how the franchise can be used in certain vertical markets and business-centric scenarios.”

Microsoft released an Education Edition of the game earlier this year – a statement of intent if ever there was one. Minecrafters will be watching eagerly to see what it’s next play will be.

 

The British People Have Spoken … and That’s Bad News for Tech

Posted: July 15, 2016 | Author: | Filed under: Uncategorized | Tags: , , , , , , , , , , , , , | Leave a comment

european unionIt’s hard to find an optimist in the cyber security industry in these post-referendum days. I spoke to a fair few for an upcoming feature for Infosecurity Magazine and the consensus seems to be that a Brexit will be bad for staffing, the digital economy and the financial stability of UK-based security vendors.

That’s not even to mention the legal and compliance implications. Chatham House associate fellow, Emily Taylor, recommended firms continue on the road to compliance with the European General Data Protection Regulation. Aside from the fact that any firms with EU customers will still need to comply with the far-reaching law, she reckons that if we want to protect the free flow of digital information between the EU and UK, we’ll need to continue following European laws in this area.

Snoopers gonna snoop

However, a Brexit would cause other problems, notably in that the current Snooper’s Charter looks like it will enshrine in legislation the principle of bulk surveillance – the very thing which effectively led to the scrapping of the Safe Harbour agreement between the US and EU. If this bill goes through as is and we go out of Europe but stay in the single market, we’ll have to change that bit, Taylor told me.

“A case brought by David Davis and Tom Watson questioning the legality of bulk surveillance powers under the old DRIPA laws is currently being considered by the CJEU,” she explained.

“It’s not clear which way the CJEU will go on this, because many member states have lined up to support the British approach. However, if CJEU follows its recent decisions, it could strike down bulk data collection. If we wanted to stay in the single market, we’d have to amend our IP Bill in response.”

Even if we broke away from Europe completely and adopted the status of a “third country” like the US, we’d still have to adopt measures “to give equivalent protection to EU citizens’ data as they enjoy within the EU,” she argued. And bulk surveillance would certainly be a no-no in this scenario.

The uncertainty – which could continue potentially for years while Brexit deals are worked out – is also viewed by many as damaging to the cyber security industry, and tech in general. Immigration lawyer and partner at MediVisas, Victoria Sharkey, claimed firms may be unwilling to employ skilled workers if there’s a chance they might have to leave in a couple of years’ time.

“This is certainly going to be the case where significant training and investment is involved,” she added.

In fact, EU nationals are apparently already packing their bags.

“I am already seeing EU nationals who have been here for years make plans to leave and either go home or go to another EU country.  They are worried for their jobs, are worried that they will be told to leave and so would rather leave on their own terms, and they are also being made to feel unwelcome,” Sharkey continued.

“I feel that when we do leave that it is going to become significantly harder for UK employers to encourage the best in their industry to come and work in the UK.”

This, for an industry which has always struggled with skills gaps and shortages, is potentially catastrophic.

Can we overcome?

Philip Letts, CEO of global enterprise services platform blur Group, has run businesses in Silicon Valley and the UK. He also pointed out the potential damage that political and financial uncertainty could have on the industry.

“The politicians are in unchartered territory. We don’t yet have a clear timetable for the triggering of Article 50, nor the trade deals that are going to have to be negotiated. There is a political vacuum. Business confidence is low and many will hunker down, try to avoid risk and wait for this to play out,” he told me.

“Globally, the US tech heavyweights will want to remain in the UK and the EU, and they will do both, operating across different European centres. But the EU market is more lucrative than the UK, so things may shift over time.”

So is the tech and cyber security sector really doomed? Not so, according to KPMG UK head of technology, Tudor Aw.

“I believe the resilient UK tech sector can withstand the challenges of Brexit and thrive,” he told me.

“Technology is increasingly a key sector that underpins all other sectors – whether it be back office systems or strategic enablers such as IoT and data analytics. Companies will need to invest in technology to drive efficiencies and strategic growth – one only has to look at developments across a diverse range of sectors such as healthcare, automotive, property, retail and the military to see that technology spend will only increase regardless of Brexit.”

It’s a moot point now, but I wonder how much better it could have thrived had we not voted out on 23 June.

China’s Censorship Supremo is Gone, But Little Will Change

Posted: July 8, 2016 | Author: | Filed under: Uncategorized | Tags: , , , , , , , , , , , , , , , , | Leave a comment

great wall chinaChina’s head honcho when it comes to censorship recently stepped down. This being China, no-one seems to know whether he was effectively sacked, or asked to move to a new bigger and better role. But what we do know is that things aren’t going to get any better for those inside the Great Firewall.

Over the past three years, Lu Wei has been a constant thorn in the side of rights groups, diplomats and Silicon Valley bosses. His aggressive defence of China’s sovereign right to do with its internet what it sees fit – most notably at the laughably titled World Internet Conference in Wuzhen – has been jarring at times. The Cyberspace Administration of China (CAC) he headed up also runs root CA and .cn operator the Chinese Internet Network Information Center (CNNIC). As such, it was blamed by Google last year for issuing unauthorized TLS certificates for several of its domains, which were subsequently used in man-in-the-middle (MITM) attacks.

Even more damning, the CAC was accused of launching Man in the Middle attacks on Outlook users last year in response to its migration to HTTPS, which the authorities can’t monitor. And then it was pegged for a DDoS attack on anti-censorship organisation Greatfire.org – a constant thorn in the side of the authorities in Beijing.

I spoke to Greatfire.org co-founder Charlie Smith about the reasons for and implications of Lu’s departure.

“If it ain’t broke, don’t fix it, right? We probably just had the quietest anniversary of Tiananmen [Square massacre] yet, in terms of online dissent and discussion. There is more censorship in general. Less circumvention because of a crackdown on VPNs. And fewer foreign companies are trying to challenge the status quo,” he told me via email.

“We know controlling the medium is pretty near the top of [president] Xi Jinping’s agenda. So why make a change now? The timing likely indicates that this was a planned and not a rash decision. There was no need to unsettle things before the 4 June anniversary and the change happens well before the next ‘World’ Internet Conference in Wuzhen.”

Smith went on to argue that, even though Lu presided over an unprecedented crack down on internet freedom – primarily through a new regulation banning the spread of “rumours” online – he didn’t go far enough.

“Lu was not perfect. As we have shown, it is impossible to completely block all information for those inside China,” Smith continued. “Maybe in this regard, Lu was being blamed and Xi decided he wanted somebody who can get the job done. Maybe Xi was upset about being ‘vilified as a murder suspect’ and could not comprehend why Lu Wei was unable to scrub information from the Chinese internet.”

Lu’s removal, if that is what it was, may also have been an attempt by Xi at curbing his growing influence – after all, propaganda is at the heart of the Party’s power and everyone inside knows it. His replacement, Xu Lin, is a Xi Jinping acolyte and one time deputy secretary of  Tibet’s Shigatse Prefecture who will certainly toe the presidential line.

As Smith put it, “if Xu Lin fails to quell ‘rumours and slander’ Xi does not have to second-guess whether or not Xu is doing everything within his power to stop these attacks.”

So what prospects for the future? Pretty grim if you’re inside China and are a fan of human rights and internet freedom.

Beijing was one of a few countries – Russia, India, Indonesia included – that voted against a non-binding resolution at the UN this week stating all individuals must be afforded the same rights online as offline and that the universal right to freedom of expression should be upheld online.

As Smith said, if Xu Lin “handles information control on the Chinese internet the same way the authorities handle information control in Tibet then the situation could even get worse.”

There is some hope for businesses and individuals which need to leap the Great Firewall.

Greatfire.org itself this week launched Circumvention Central, a new site designed to provide real-time info on which VPN is the best performing and most stable in your area.

The hope is that it will encourage greater use of VPNs and help developers improve their circumvention products, as well as provide a much needed additional source of revenue for Greatfire.

The concern is that if it gets popular enough, Beijing will do all it can to put it out of action.

Foxconn and the Bot Army Ready to Go to War with the UK Workforce

Posted: June 21, 2016 | Author: | Filed under: Uncategorized | Tags: , , , , , , , | Leave a comment

terminatorNews emerged a few days ago that Foxconn had effectively laid off 60,000 workers in China and replaced them with robots. “So what?” you might think. And to be honest, if it keeps the cost of our tech devices down, then good for Foxconn, right? Well, unfortunately it’s not that simple.

The changing dynamics of the Chinese labour market could have a profound effect on us here in the West, and even portend similar disruption to our own workforce in the not-too-distant future.

These stories have been doing the rounds for years because – well – contract manufacturers like Foxconn and others have been investing significant sums into robotics for years. Why?  The answer’s pretty simple, according to IHS analyst, Alex West.

“Robots don’t need to stop working, but they don’t get drowsy, distracted or depressed either, so quality and consistency of manufacturing is enhanced. With the developments in AI and predictive analytics, robots are also far less likely to get ‘sick’, reducing downtime,” he told me.

To that I’d add that they don’t go on strike, commit suicide or complain to the papers about poor working conditions – all problems Foxconn for one has encountered. But robots can also add value in other ways, such as helping firms win business from their rivals, according to West.

“Robots are evolving, becoming more intelligent as AI solutions help them to ‘learn’ on the job, but also becoming far easier to program and integrate on production lines,” he continued. “Collaborative robots are also making robotic solutions safer and easier to install without the additional safety concerns and equipment.”

There’s clearly a drive for this in China, the tech manufacturing centre of the world. The Chinese government has made investment in robotics a priority in its 13th Five-Year Plan, with IHS forecasting a 30% CAGR. But this threatens to create social instability as human workers are shelved in favour of machines. Foxconn and others claim bots are only used for repetitive tasks that humans don’t want anyway. But there’s no guarantee that there are enough skilled roles to fill the gap.

“Dull, repetitive jobs on the plant floor will be replaced by a range of higher-skilled positions such as robot/systems integrators, programmers, and data scientists supporting enhanced AI,” argued West.

“However, there will be less of these more advanced roles, and some of the type that existing workers will not have the skillsets to be able to transition to.”

This might seem a long way from the UK. But our workforce is also facing a robot invasion – not from these industrial bots, but service robots like Softbanks’ Pizza Hut-serving Pepper. In fact, a Deloitte study has claimed that 35% of UK jobs have a high chance of being automated in the next decade or two.

Robots still only account for 0.3% of all machinery produced in China last year, according to West, so there’s still a long way to go. But it’s probably time to start getting nervous in the UK.

← Older Entries
Newer Entries →