Archive for March 2016

Your Latest IT Newsletter

IT Contractors and Employers Face Government Tax “Disguised Employment” Clampdown

With the latest budget this week there is one piece of news for IT companies that is not going to be met with the joyous enthusiasm of an Apple product launch. In a bid to find £400 million it is reported that the Chancellor George Osborne will be turning the tax spotlight onto IT Contractors as part of what has been publicised as a wider move to close what has been seen in recent years as a tax loophole. This latest tax clampdown could in theory affect many freelancers.

The reported loophole that is about to be closed relates to those estimated 100,000 people in a variety of industries who have their salaries paid through what are known as ‘personal services companies’.

<More>

New ‘Outline’ Tool Speeds Up Google Docs Navigation

A recent IT World article has highlighted how the introduction of a new tool by Google could make life easier for those trying to navigate their way through a lengthy document in Google docs on the Web with a tablet and on Android.

One of the challenges for those of us who use Google’s online collaborative word processor ‘Google Docs’ is that navigation through documents, particularly lengthy ones, can be a slow process if its just a case of only being able to scroll through to find a specific section. The new ‘Outline’ tool from Google is designed to speed things up displaying a pane on the left hand side of the page that shows the features and headers of the document and allows you to jump quickly between each of the sections.

<More>

Concerns Over The Passing of New ‘Hacking on Demand’ Law

A recent article in Computer Weekly has highlighted how the Investigatory Powers Bill could see IT companies being forced by law to use hacking on demand to help the UK government with aspects surveillance or face serious criminal charges!
Most people in the UK would find it difficult to deny that we as a country face many different kinds of threats at home and worldwide. What is causing some surprise however is the extent, scope and potential impact of a new UK law that could grant the UK government unprecedented powers over IT Companies and their customers.

The Investigatory Powers Bill also known by its critics as “Snoopers’ Charter” is a new law that is has been introduced by the Home Secretary Theresa May. The government say that the legislation which will grant them an unprecedented amount of Internet surveillance powers will help them to fight terrorism, organised crime and paedophilia.

<More>

Concerns Over The Passing of New ‘Hacking on Demand’ Law

A recent article in Computer Weekly has highlighted how the Investigatory Powers Bill could see IT companies being forced by law to use hacking on demand to help the UK government with aspects surveillance or face serious criminal charges!
Most people in the UK would find it difficult to deny that we as a country face many different kinds of threats at home and worldwide. What is causing some surprise however is the extent, scope and potential impact of a new UK law that could grant the UK government unprecedented powers over IT Companies and their customers.

What Law?

The Investigatory Powers Bill also known by its critics as “Snoopers’ Charter” is a new law that is has been introduced by the Home Secretary Theresa May. The government say that the legislation which will grant them an unprecedented amount of Internet surveillance powers will help them to fight terrorism, organised crime and paedophilia. The new law which was passed on the 3rd attempt by the government to grant itself far reaching surveillance powers follows on from the rejected Communications Data Bill and the compromise version of the Data Retention and Investigatory Powers Act.
In the lead up to the law being passed in the House of Commons concerns had been expressed also that MPS were given only 2 weeks to read an additional 1,200 pages of accompanying documentation prior to having to vote on it

What Is The Problem?

Some of the main concerns that IT companies have with the legislation centre upon the fact that it could be used to force them to essentially hack on demand on behalf of the government. The legislation also includes some potentially serious penalties for individuals at IT companies who fail to co-operate with or disclose the fact that they have been given surveillance requests by the government. Some parts of the law that are causing concern among IT professionals include:

  • Any UK ICT business can be secretly forced to carry out equipment interference and make changes to their products and systems to allow security protection to be broken, and to allow their “bulk personal datasets” to be stolen and added to intelligence systems.
  • IT companies could be made to push malware code to devices e.g. disguised as fake updates.
  • Universities, schools and businesses could be served with hacking notices.
  • Simply disclosing the fact that you have received a notice by the government to act on their behalf in this way could result in maximum jail term of 5 years.
  • IT start-ups could be required to build in government hacking or interception systems from the start.
  • There may be no safeguards for companies or IT staff who take part in e.g. hacking or the planting of malware.

What Does This Mean For Your Business?

This could of course mean that, depending what kind or organisation you work for you could be asked to take part in hacking and surveillance activities. Your details could be collected covertly as part of this legally enforced surveillance, and you could be using IT products and software that could no longer be described as being completely secure. On the positive side of things, if the law is used well and successfully to counter e.g. terrorism and organised crime there could be wider benefits for all in our daily lives.

New ‘Outline’ Tool Speeds Up Google Docs Navigation

A recent IT World article has highlighted how the introduction of a new tool by Google could make life easier for those trying to navigate their way through a lengthy document in Google docs on the Web with a tablet and on Android.

The Outline Tool

One of the challenges for those of us who use Google’s online collaborative word processor ‘Google Docs’ is that navigation through documents, particularly lengthy ones, can be a slow process if its just a case of only being able to scroll through to find a specific section. The new ‘Outline’ tool from Google is designed to speed things up displaying a pane on the left hand side of the page that shows the features and headers of the document and allows you to jump quickly between each of the sections. To enable the tool to work for you even if you don’t have headers in your document, the Outline tool will intelligently set up headers for you to allow quicker navigation, and it will give you the option of removing these headers afterwards.

‘Handle’ For Android Phone and Tablet

For those using an Android phone or tablet to navigate their Google Docs document the Outline tool will display a small semi-circle-shaped navigation handle on the screen which allows you to move quickly between the various sections without having to rely on the normal ‘swiping’ means of navigation.

How To Access The New Feature

To load the new Outline Tool when using Google Docs click on Tools > Document Outline while in Docs on your computer or, if using Android select Document outline from the overflow menu.

For those who don’t want to wait for the update to be rolled out via the Google Play Store the android changes are available now on APK Mirror.

What Does This Mean For Your Business?

For those of us who need to store, share and collaborate on documents via the trusted Google Docs system this can only make life easier by saving time and reducing frustration and hassle. This saved time could ultimately translate into saved costs for your business, including opportunity cost savings. For Google this is in essence a change that could aid customer retention, increase the perceived value, and extend the lifecycle of the Google Docs service, thus helping it to compete with other collaborative working systems. It may be relatively small but helpful changes like these that help business customers to stay close to Google and could translate into the uptake of paid-for services as all of Google becomes amore monetised over time.

IT Contractors and Employers Face Government Tax “Disguised Employment” Clampdown

With the latest budget this week there is one piece of news for IT companies that is not going to be met with the joyous enthusiasm of an Apple product launch. In a bid to find £400 million it is reported that the Chancellor George Osborne will be turning the tax spotlight onto IT Contractors as part of what has been publicised as a wider move to close what has been seen in recent years as a tax loophole. This latest tax clampdown could in theory affect many freelancers.

What Loophole?

The reported loophole that is about to be closed relates to those estimated 100,000 people in a variety of industries who have their salaries paid through what are known as ‘personal services companies’. These are essentially limited companies that contract workers can use, one of the benefits being they cut their income tax and National Insurance bills. Although the use of personal services companies may have been intended to help temporary workers and those on short-term contracts, critics have highlighted how the practice could be a way ain which long-term workers for an organisation and the organisation itself can lower tax and costs.

The Chancellor’s reported justification for clamping down on this rests on fairness i.e. whether it is fair that 2 people who work alongside each other should be paying different rates of tax because one is paying more tax by being officially ‘on the books’, while another is paying less tax by using the personal services company route.

Not New

The desire by government to get more contributions from those being paid this way dates back as far as 1999 when Chancellor Gordon Brown introduced IR35 tax legislation to tax what has been described as “disguised employment” at a rate similar to actual employment.

In the light of the Chancellor being faced with lower economic growth than expected that produced an £18 billion black hole in the public finances that needs to be filled, and with the doors closing on some of the planned ways to raise money e.g. not being able now to draw upon the £34billion pot of tax relief for pensions savings, the Chancellor is now being forced to look elsewhere.

Losing Out On Other Benefits

Those contractors, including those in the IT sector who are once again finding themselves at risk of higher tax bills argue that although they pay less tax using personal services companies they don’t receive other benefits that full time employees receive such as Holiday Pay.

What Does This Mean For Your Business?

If the Chancellor’s plans go ahead as expected, as an employer the onus will be on you to determine whether those working for you are full time employees and to put them on the payroll accordingly. If you are a contractor this could cause complications in your relationship with that employer who may be reluctant to suddenly take more people onto the books, thus increasing that employer’s costs and responsibilities. If / when you are taken on as a full time employee it could mean that you will end up having to pay more tax than when you were a contractor, but also receive the benefit of things like Holiday Pay.

Your Latest IT Newsletter

Big Changes on Google’s Desktop SERPs Layout Prompts Concern and Speculation

The familiar text Adwords adverts have been moved from the prominence of the right hand side of the results page. They now fit almost discreetly in-line with the vertical list of results on the left hand side of the page, topping and tailing them with up to 4 adverts at the top and 3 on the bottom.

With speculation rife about the possible affects on our business websites and with mumblings about the boldness of Google’s apparent next big step to steering us all towards paid for services, a recent Search Engine Land article by Columnist Larry Kim gave us a good idea of who the likely losers and winners will be, and why now is not the time to panic.

<More>

Apple Mac Users Hit By Malware

There is a first time for everything, and for some Apple Mac owners, becoming the victim of a cyber attack that has allowed Malware known as ‘ransomeware’ to infect their beloved computers, this is a particularly unpleasant and unexpected first.

What Happened?

The extent of the spread of the malware among Apple Mac users is not yet known but the malicious program is thought to have been hidden in the client of a popular program that is used to download and share music and movie files. The malicious software, dubbed “KeRanger” by the researchers from Palo

Alto Networks who discovered its presence was hidden in an open source version of a BitTorrent client called ‘Transmission’ which could be downloaded from the Transmission website.

<More>

No Escape From EU Data Protection Rules With Brexit

Whatever you base your personal views on with regards to staying in or leaving the EU, a recent Computer Weekly article highlighted the inescapable fact that whether the UK stays in or leaves the EU, the new European General Data Protection Regulation (GDPR) will still apply to UK companies dealing with the EU.

GDPR will affect any businesses offering a service to the EU market regardless of where in the world your data is stored or processed i.e. it is about whether you have data that is about EU individuals or data that could identify individuals who find themselves in the EU.

<More>

BBC Reporter Demonstrates Ease of Hacking Bank Account

A reporter working as part of a popular BBC Radio 4 programme has caused a HSBC bank to issue a security warning to its customers after the reporter was able to hack in to the programme producer’s bank account and take money from it.

The widely reported hack was intended to demonstrate how mobile-based password resets can still be used with relative ease by fraudsters to commit cyber crime despite bank security measures being in place.

<More>

Email Pioneer Ray Tomlinson Dies

The sad news on 5th March for those familiar with the history of the Internet was of the death of the email pioneer Ray Tomlinson aged 74.

According to radicati.com around 200 billion emails are sent every day, and although Ray Tomlinson did not actually invent electronic mail, he was the person who was able to transmit the first message between terminals attached to separate CPUs (central processing units).

<More>

Email Pioneer Ray Tomlinson Dies

The sad news on 5th March for those familiar with the history of the Internet was of the death of the email pioneer Ray Tomlinson aged 74.

It is worth pondering for a moment just some of the ways in which the invention and widescale facilitation of the use of email has revolutionised how we are able to communicate with each other in terms of:

  • Scope – text and attachments (of many different kinds).
  • Scale – multiple recipients at once.
  • Speed – (almost) instantaneous wherever the recipient is in the world.
  • Cost – the huge cost savings compared to ‘snail mail’ for example.
  • Convenience – we can send emails from wherever we have an Internet connection, from our desktop at home to our multiple mobile devices.

According to radicati.com around 200 billion emails are sent every day, and although Ray Tomlinson did not actually invent electronic mail, he was the person who was able to transmit the first message between terminals attached to separate CPUs (central processing units).

Although Mr Tomlinson had not specifically been asked to create such a system, the fact that he did so and therefore affected so many lives since the later 20th century makes his contribution to our home and work lives incredibly important and significant.

Early ‘Forgettable’ Efforts

The first emails sent by Mr Tomlinson in late 1971 were of course sent by himself to himself on computers that were side by side connected by the Advanced Research Projects Agency Network (Arpanet). This was the early version of today’s Internet, and as such was the first packet switching network that used the protocol suite TCP/IP.

Mr Tomlinson’s own comment about the content of the very first emails that he sent in this way was that it was “entirely forgettable” but most likely to have been “QWERTYUIOP or something similar”.

The @ Symbol

For many people, aside from the simple genius of the email system itself, a talking point has been the introduction of the @ symbol to popular language. Whereas the ‘at’ symbol had previously been used in the Spanish and Portuguese languages to abbreviate a indicate a unit of weight of 11 kg (an “arroba”) and in English to indicate a quantity of things at a particular price e.g. 5 things @ £2 each, Tomlinson’s use was or course different. He used it to indicate that a user was “at” some other host rather than being local i.e. it was used to separate a user’s login name from the host computer’s name.

What Does This Mean For Businesses?

Although many of us have used Web / WiFi based communications system such as Skype, instant messaging, Snapchat, Facetime, Facebook messages and posts, Twitter Tweets, and systems like Slack (instant internal messaging), e-mail is an enduring and still vitally important aspect of most businesses.

Our email is a familiar base. It’s a filing and storage system as well as a communication method. It is an ideal medium for business that now has the same clout and significance that handwritten communication had before it. It may have had its challenges (reducing junk mail and spam) but all the signs are that the system that Ray Tomlinson developed isn’t going anywhere soon.

BBC Reporter Demonstrates Ease of Hacking Bank Account

A reporter working as part of a popular BBC Radio 4 programme has caused a HSBC bank to issue a security warning to its customers after the reporter was able to hack in to the programme producer’s bank account and take money from it.

The widely reported hack was intended to demonstrate how mobile-based password resets can still be used with relative ease by fraudsters to commit cyber crime despite bank security measures being in place.

How Did They Do It?

A recent Computer Weekly article highlighted how the reporter found a way in to the account by contacting the ‘You and Yours’ programme Producer’s mobile phone provider and telling them they wanted to swap similar SIM cards.

The SIM swap service is a genuine service that allows customers to keep their phone number but to swap SIMs and phone providers. In this case however the SIM swap was used to take advantage of the two factor authentication of customer identities whereby banks often use the mobile phone number they have for the customer as part of that authentication. Customers wanting to reset their login are sent a code by text to the number that the bank has on file.

This allows the recipient of the text to get into the online account in order to re-set the login details. Since the SIM associated with the account had already been changed by the reporter, they were able to use the code to get in to the Producer’s account. This method also meant that the reporter was able to circumvent the usual secondary security checks such as answering questions about mother’s maiden name, pet names, first school etc.

Once in the account the reporter was able to change the PIN and actually transfer money (only £1.50 in this case) from the Producer’s account into their own account.

Warning Issued As A Result

As a result of the reporter’s actions and the impending publicity that they would cause, HSBC issued a statement to customers explaining what the “increasingly common” SIM swap is, and how it can be used by fraudsters and 3rd parties for dishonest means by giving them the ability to use your mobile phone number to receive and make calls, receive and send text messages, and use any provisioned data allowance.

What Does This Mean For Businesses?

As well as making you want to examine areas where this type of fraud could possibly be conducted against your business, and making yourself aware of the possible signs of SIM card fraud e.g. suddenly not being able to make or receive calls or texts on a business phone, it may also make you feel as though you could have cause for concern about the security of your business bank account.

Some banks and credit card companies however such as HSBC and Mastercard have already started, or are about to start using Biometrics for authentication / verification. This will take the form of fingerprints and even ‘selfies’ taken using special phone apps, and these methods are thought to be a much better safeguard than passwords, or as in this case, checks based on details that can be swapped at the other end.

No Escape From EU Data Protection Rules With Brexit

Whatever you base your personal views on with regards to staying in or leaving the EU, a recent Computer Weekly article highlighted the inescapable fact that whether the UK stays in or leaves the EU, the new European General Data Protection Regulation (GDPR) will still apply to UK companies dealing with the EU.

GDPR will affect any businesses offering a service to the EU market regardless of where in the world your data is stored or processed i.e. it is about whether you have data that is about EU individuals or data that could identify individuals who find themselves in the EU.

The New Regulation

The Network and Information Security Directive (NISD) is due to come into force this year closely followed by the General Data Protection Regulation (GDPR) in 2018. The much publicised GDPR is intended to provide a European data privacy law that keeps more up to date with the rapid changes of the digital age than the existing UK Data Protection Act 1998 and the EU Data Protection Directive (Directive 95/46/EC), established in 1995.

The GDPR will place a number of obligations upon organisations to fulfil a number of rights under the far reaching regulations.

These include:

  • Being accountable by demonstrating compliance with DP requirements through adopting and implementing policies and procedures such as Privacy Impact Assessments, designing privacy in e.g. by using encryption to protect personal data, and keeping records of personal data use within an organisation.
  • Allowing individuals the “right to be forgotten” (the right to erasure) by erasing all of an individual’s personal data asap on request.
  • Restrictions on profiling of individuals e.g. the right for an individual not to be subject to a decision based on automated profiling. Individuals for example could currently be evaluated / profiled based on work performance, behaviour health or location.
  • Making sure that an individual’s data is freely given, requested in clear and plain language, and allowing individuals to see a copy of the data you hold about them.
  • Reporting any serious data breaches to the Information Commissioner’s Office (UK, mandatory) within 72 hours.

What Does All This Mean For Your Business?

Clearly, a popular suggestion that simply gambling on Brexit is a viable strategy for avoiding getting to grips with the regulations or implementing some significant changes in data security is wrong.

Some of the implications of the changes for your business could be:

  • The costs and complication of ensuring compliance.
  • The challenge of actually being able to delete all data about an individual in a digital age where this is becoming more and more difficult.
  • Possible negative impacts on your business if you use data analytics, credit scoring and employee monitoring because of the need to comply with the profiling regulations.
  • The possibility of receiving significant fines if you don’t report data breaches quickly enough plus the cost and time spent trying to minimise the risks of data breaches and planning for how one could be dealt with.
  • The need for business leaders to quickly learn more about what kinds of cyber security risks they could be facing.
  • The possible damage to more company reputations as they are forced to report all breaches, and the risk of even more serious damage if news of an attack is not publicly handled well by the company.

Apple Mac Users Hit By Malware

There is a first time for everything, and for some Apple Mac owners, becoming the victim of a cyber attack that has allowed Malware known as ‘ransomeware’ to infect their beloved computers, this is a particularly unpleasant and unexpected first.

What Happened?

The extent of the spread of the malware among Apple Mac users is not yet known but the malicious program is thought to have been hidden in the client of a popular program that is used to download and share music and movie files. The malicious software, dubbed “KeRanger” by the researchers from Palo Alto Networks who discovered its presence was hidden in an open source version of a BitTorrent client called ‘Transmission’ which could be downloaded from the Transmission website.

What Does It Do?

This type of ‘ransomware’ is one of the fastest growing kinds of malware programs.

Once a computer is infected with it, the program encrypts data on that computer, effectively locking the encrypted computer files away from user. The next step is to ask for a fee from the user in exchange for a software key that can release those files – hence the ‘ransome’. The perpetrators typically ask for payment using digital currencies because they are harder to trace back.

In the case of KeRanger it is reported to have been designed to encrypt files on an infected Mac 3 days after the original infection, thereby causing maximum disruption to the efforts of those trying to stop it from spreading.

The Reaction

The reaction from Apple upon being informed of the presence of KeRanger in Transmission was to stop any further spread by quickly preventing Transmission from being installed on any more computers by revoking the developers’ certificate. The developers at Transmission then released a new, clean version of the software, and placed a notice on their website requesting customers to upgrade immediately.

Why Such A Shock?

The reality of cyber crime is that nothing appears to be completely safe and if the motivation is strong for the criminals and if the challenge is tempting enough, a committed cyber criminal can usually summon up the creativity to find a way.

Recent high profile cyber crime victims e.g. TalkTalk and JD Wetherspoon mean that we should not really be surprised by the latest cyber crime report. The shock with the Apple attack however is that Apple’s Mac operating system the Mac OS X is considered to be very secure, and this kind of ransome malware infection is a first for Apple. The fact that Apple Macs have kept such an unblemished record so far could in itself have provided some of the motivation for this attack.

What Does This Mean For Your Business?

In the broadest sense this should act as a warning to all businesses that we are all at risk of cyber attack, and that taking as many precautions as you can now is a way to at least act as a deterrent, and is the only real way to reduce the risk.

In relation to this malware attack on Apple, if your business has Apple Macs and if Transmission has been / is being used, sites like Macworld give advice on how to remove the KeRanger malware here: http://www.macworld.co.uk/how-to/mac-software/how-remove-mac-malware-for-free-viruses-keranger-3594625/

You can also find answers on the Apple Discussions thread here https://discussions.apple.com/thread/7485717 including information about how you can download and install Transmission v2.92 from the developer.

Big Changes on Google’s Desktop SERPs Layout Prompts Concern and Speculation

Change is afoot in Google’s search engine rankings for those using a desktop computer.

The familiar text Adwords adverts have been moved from the prominence of the right hand side of the results page. They now fit almost discreetly in-line with the vertical list of results on the left hand side of the page, topping and tailing them with up to 4 adverts at the top and 3 on the bottom.

With speculation rife about the possible affects on our business websites and with mumblings about the boldness of Google’s apparent next big step to steering us all towards paid for services, a recent Search Engine Land article by Columnist Larry Kim gave us a good idea of who the likely losers and winners will be, and why now is not the time to panic.

Change as Usual

The article reminded us that constant change is normal for Google and that we are probably all well used to the many less painful 500 or so tweaks per year punctuated by the occasional seismic shifts (algorithm changes like Penguin, Pigeon, Panda and Mobilegeddon) that may be bad news for some and good news for others.

Why This Change?

The current change is simply the latest step in a gradual strategy that dates back 6 years. It was first noticeable when Google started putting 4 adverts above the organic search engine results for mortgage-related queries.

This became 4 adverts for other kinds of queries and a removal of right hand side adverts last year, and now we see  4 adverts at the top for “highly commercial queries” i.e. those that show intent to purchase, and an almost disconcertingly blank right hand side of the page. This latest change is being rolled out worldwide on Google.com and search partners.

Putting The Change in Context

To help put the change in context, it only affects desktop searches and thanks to our love of mobile devices, desktop searches now account for less than half of all searches. Combine this with the fact that 3 Adwords Adverts will be shown at the bottom of each SERP (along with up to 4 at the top) and estimates of the number of total search queries affected by the change as being probably less than 7%.

Any Other Changes?

For desktop Google searches, as well as those changes already mentioned the maximum number of text adverts than can appear on a search engine results page (SERP) will go down from 11 to 7, and Product listing ad blocks and Knowledge Panels will be displayed on the right hand side for some queries.

Who Look Like Being The Winners?

The short answer of who will be the real winners is Google, PPC marketers, those businesses whose advert is in the top 4, and specifically the advertiser who gets position 3 at the top.

It’s early days of course but search engine experts have already been monitoring and studying the early affects of the change on search engine results and user clicks.

We know thanks to Alistair Dent’s study of iProspect UK clients, adverts in the top positions get 14 times higher click-through rates than those on the right hand side.

What is particularly interesting though is that according to data from Wordstream, those whose PPC advert is at position 3 of the 4 positions at the top of a SERP could see anything up to a 15% increase in click through rates!

Those with Product Listing Ads (PLAs) could also benefit from the lack of text adverts on the right hand side.

Who Look Like Being The Losers?

The short answer here appears to be losses for those with high organic search rankings, and (according to Wordstream data) those PPC advertisers with ads in positions 5 to 11.

Those who have been relying heavily on high rankings in the Google organic / natural listings have become used to being pushed down the page and crowded out with the noise of adverts on the side, so this change marks another in as series of losses for them.

This change looks set to shunt them even further ‘below the fold’ where we know searchers are less likely to focus their attention, and are therefore less likely to click. From a visual point of view the adverts now appear to blend in more with the organic search engine results. This apparent lessening of the difference between the two can only be bad news for those who rely heavily on their organic listings.

Ads in positions 5 to 11 have so far been shown to be receiving less impressions and a lower share of all paid clicks.

What Does This Mean For Your Business?

Apart from some initial worry and mild panic about the news of the change, it is unlikely to have a dramatic change on your traffic right now because it only affects desktop searches. It does however mean another turn of the screw to motivate businesses to invest more in PPC on Google, and possibly to feel pressure to spend more to get the top spots. It could also mean that you should give more serious consideration to other or additional paid for advertising channels e.g. Facebook.

Keeping a close eye on the stats is advisable in the short term to see just how much of an affect it is having on your particular business.