Archive for August 2016

Your Latest IT Newsletter

Google Algorithm Change Means Lower Ranking For Pop-Up Ad Pages.

In Google’s latest publicly announced algorithm change it has chosen to start punishing web pages on mobile search results with lower rankings if they have pop-up adverts on them.

<More>

Huge Rise in Ransomware and Whaling Says Report.

The latest report from security firm Trend Micro has shown that 2 types of cyber crime, ransonware and whaling, showed big increases over the first half of 2016 to the point where ransomware is now regarded as a ‘prevalent and pervasive threat’.

<More>

Warnings of Possible Lawsuits for Businesses When GDPR Comes Into Force.

In May 2018 the EU’s General Data Protection Regulation (GDPR) is due to come into force and some security experts are warning that this could bring with it the possibility of litigation from multiple sources for UK companies.

<More>

Website Security Scanning For Free From Mozilla.

Mozilla has built a free online scanner that can check whether your web servers have the right level of security in place. The tool was built by Mozilla security engineer April King and the company has now decided put the scanning tool online as a free resource for developers, system administrators, and security professionals to help configure their sites safely and securely.

<More>

Tech Tip – Printing Photos.

When it comes to printing photos or documents with photos in them on your inkjet printer have you ever wondered why the colours in the printed photos don’t match those on the screen?

<More>

Tech Tip – Printing Photos

When it comes to printing photos or documents with photos in on your inkjet printer have you ever wondered why the colours in the printed photos don’t match those on the screen?

If you want to improve the appearance of photos for printing try converting them to CMYK instead of RGB. This will give a better colour description to your printer. Your photo editing software should give you the option to convert to CMYK.

Website Security Scanning For Free From Mozilla.

Mozilla has built a free online scanner that can check whether your web servers have the right level of security in place.

Why Build It?

Here in the UK we know only too well about the dangers we face from cyber crime. According to Symantec’s figures the UK is now the most targeted nation in the world for spear phishing attacks and social media scams, and ranks second only to Germany for ransomware attacks.

Akamai figures show also that there was a huge increase in the first quarter of 2016 in distributed denial-of-service (DDoS) attacks. These attacks frequently overwhelm web servers and consequently bring down business websites.

With these kinds of threats in mind Mozilla built a scanning tool called Observatory for in-house use to help with its own security. The tool was built by Mozilla security engineer April King and the company has now decided put the scanning tool online as a free resource for developers, system administrators, and security professionals to help configure their sites safely and securely.

How Can You Use It?

To use the tool go to https://observatory.mozilla.org/ and type in the domain name of the website you would like to scan. The scanner gives your website a score from 0 to 130 depending of how well defensive security technologies have been configured and implemented on the web server. Some aspects of your security are awarded +5 or +10 points for going above and beyond the call of duty in defending your website.

The results of the Observatory test are presented in a user-friendly way and they link back to Mozilla’s web security guidelines. These have descriptions and implementation examples thus allowing website administrators to more easily understand the issues detected during the scan, and to be able to prioritize them.

What Sort of Things Does It Check For?

Mozilla says that Observatory checks for the presence of preventative measures against cross-site scripting attacks, man-in-the-middle attacks, cross-domain information leakage, cookie compromise, content delivery network compromise, and improperly issued certificates.

What Doesn’t It Check For?

Observatory does not scan for any vulnerability in the website code as there are already a large number of free tools available for that purpose.

What Does This Mean For Your Business?

Your business website administrator now has an extra free tool available to them which can help in the fight against cyber crime. This tool can not only offer real world defence tips and highlight potentially costly vulnerabilities, but it can also help developers and operators to become more familiar with the kinds of defensive security standards that are necessary today.

Huge Rise in Ransomware and Whaling Says Report.

The latest report from security firm Trend Micro has shown that 2 types of cyber crime, ransonware and whaling, showed big increases over the first half of 2016 to the point where ransomware is now regarded as a ‘prevalent and pervasive threat’.

What are Ransomware and Whaling?

Ransomware is a form of malware that typically encrypts the important files on your computer and you are then given a ransom demand, the payment of which should mean that your encrypted files can be released. In reality some types of ransomware deletes many important files anyway, and paying the ransom does not guarantee that you will get access to your files back.

Whaling is also known as business email compromise (BEC) and CEO fraud. This is a type of crime whereby business email accounts are compromised so that funds can be transferred out of the business. It typically involves criminals impersonating people who have access to the company’s finances. These criminals also pretend to be someone in authority in the company such as a Chief Executive or Director in order to manipulate a staff member into transferring funds.

Big Ransomware Rise Shown in Report

The Trend Micro report shows that that the occurrence of ransomware was up by 172%, in the first half of 2016 compared with the whole of 2015. The report also identified 79 new ransomware families in the first six months of this year, with 58% of the attacks being launched via attachments in spam emails.

Ransomware is designed to attack all levels of a network and can effectively cripple an organisation. Examples of ransomware families that were prevalent in the first half of the year include Crypsam, Zcrypt, CrypJoker, Crypradam and Powerware.

UK Second on Most Whaling Attacks List

Although most whaling attacks occur in the U.S., the UK is now second on the list, followed by Hong Kong, Japan and Brazil. The Trend Micro report shows that the most targeted person in a company for whaling attacks in the first half of 2016 was the financial officer and their email account.

Why The Big Rise?

Cyber criminals are becoming more skilled and sophisticated, and they are now flexible enough to be able to alter the types of attack that they use so that an organisation can be attacked from multiple angles and at different levels.

What Does This Mean For Your Business?

In order to provide maximum protection against more prevalent and varied threats businesses should now adopt multi-layered security solutions. Businesses should accept that there is a real likelihood that they will be targeted and therefore prepare for this by implementing the most up to date security solutions, virtual patching, and education of employees in order to mitigate risks from as many angles as possible.

Warnings of Possible Lawsuits for Businesses When GDPR Comes Into Force.

In May 2018 the EU’s General Data Protection Regulation (GDPR) is due to come into force and some security experts are warning that this could bring with it the possibility of litigation from multiple sources for UK companies.

Why?

Some security experts believe that as soon as GDPR comes into force companies will face a large number of access, portability and right to be forgotten requests. When the Freedom of information Act (FOIA) came into force in the UK in January 2005 for example there were over a million information requests in the UK.

It may be reasonable therefore to assume that GDPR could prompt a larger number of requests on its introduction. These requests could come from privacy advocates, consumers and members of the media. If companies are not fully prepared for GDPR and fail to respond quickly enough or in a satisfactory way, these people could complain to the regulator.

Profiling could also be one of the areas that could attract litigation. Profiling as described in GDPR is “any form of automated processing of personal data consisting of using those data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.”

One of the dangers of this aspect of GDPR from a business point of view is that it is clearly complex and could therefore leave a company open to lawsuits if the subject is not fully addressed prior to the introduction of GDPR.

No Idea What To Do?

A recent survey by PwC for example showed that 98% of organisations have no idea what they are going to do to ensure they are GDPR compliant.

The Legal Profession Gearing Up

Some security commentators have also pointed out that the legal profession is already preparing itself for the introduction of GDPR in terms of how to build a market for litigation as well as ensuring that they fully understand the many different aspects of the Regulation and its implications.

What Does This Mean For Your Business?

In short, preparation is the key to protecting your business. Your organisation, right from the boardroom down should be fully aware of what GDPR means, and how your business practices and data security will need to be changed to ensure compliance.

Ensuring that your company’s profiling activities are not likely to leave you open to ‘data subject consent’ problems will be important. Profiling activities each need to be the subject of your own mini privacy impact assessment (PIA) to make sure that they fall under GDPR. If they don’t and can’t be modified, then there is an argument that they are not essential to the business.

Fewer profiling processes can mean that your company’s risk is easier to understand. Profiling should also be clearly described in your privacy notices.

Other preparations that your business could make to avoid litigation over GDPR include amending contracts or building consent mechanisms, and putting technologies and processes in place for dealing with objections to profiling and for responding to data subject access requests.

Google Algorithm Change Means Lower Ranking For Pop-Up Ad Pages.

In Google’s latest publicly announced algorithm change it has chosen to start punishing web pages on mobile search results with lower rankings if they have pop-up adverts on them.

Why?

From a user’s point of view web pages with text content on them that doesn’t require zooming on a mobile device is a good thing, and pop up adverts (also known as or interstitials) that obscure this content are the stated target of this algorithm change. Google argues that a user’s experience of such pages will poorer and that pop-ups cause problems on mobile devices where screens are smaller.

Some IT commentators however have also noted that another possible reason for this change could be that there will be one less reason to use ad-blockers or to search within apps instead. Ad blockers for example are used on 200 million peoples’ computers and it is estimated that they are now preventing advertising worth billions in revenue from being seen. Google makes money of course from advertising / placing advertising on the mobile web.

What Kind of Pop-Ups Will be Punished?

Google’s blog states that from 10th January 2017 the algorithm change will be start to affect the rankings of web pages where:

  1. The pop-up adverts cover the main content of the web page that the user has clicked on.
  2. A standalone / intermediary web page (advert page) is displayed that the user has to dismiss before they are able to reach the content they wanted.
  3. The advert takes up the whole of the above-the-fold area of the page so that the user has to scroll down to find the content that they wanted to see.

Examples of Responsible Use

To clarify the situation the Google Blog also gives examples of the kinds of advertising / interstitial techniques that will not be affected by this latest algorithm change. These include:

  • Interstitials that are used in order to comply with legal obligations such as cookie warnings or age warnings.
  • Login dialogs where the content isn’t publicly indexable e.g. email or unindexable content behind a paywall.
  • Banner ads that only take up a ‘reasonable’ amount of space and can be easily be dismissed by the user.

What Does This Mean For Your Business?

If you advertise online for mobiles you will need to make sure that your ads and your web pages with adverts on them comply with Google’s new algorithm in order to retain rankings. Failing to do so could of course mean lost / reduced traffic and revenue. There is at least some time until the algorithm comes into force in January to ensure compliance.

Your Latest Newsletter

Uber & Volvo To Provide Robot Taxis.

People in Pittsburgh (U.S) will very soon have the opportunity to be picked up by autonomous ‘robot’ vehicles as a result of a new project involving mainly Volvo and some Ford cars.

For many people, the thought of ordering a taxi-style service in the normal way but ending up being the guinea pig in a real life road test of a driverless car sounds more than a little daunting, but for Pittsburgh’s Uber customers this could soon be their reality.

<More>

Slow Websites Stall Retailer Profits.

Research has shown that load times for shopping websites around the world has been getting longer over the past year and that potential customers have been lost as a result.

Where?

Dynatrace research has shown that despite a general increase in connectivity, retail websites globally have been loading more slowly. Australian websites, for example, have increased their load times by nearly 3 seconds from 2015 and now take an average of 8.2 seconds to load.

<More>

Windows 10 Update Kills Webcams.

The upgrades and updates for Windows 10 have certainly not been without their problems or critics, and it appears that the latest update has stopped many popular webcams from working.

What Update?

Update / version 1607 also know as the Anniversary Update because it was the first anniversary of the release of Windows 10 earlier this month is one of a series of frequent installations of feature updates that are now needed as part of the ‘Windows as a Service’ model.

<More>

Tech Tip : Connecting Your Laptop to Your TV.

If you have a HDMI port of your computer and an HDTV, you can connect the pair using a HDMI cable and you can then use the TV as a monitor. Using a slim HDMI cable can make things easier if you regularly travel and want to plug in to the HDMI port on hotel TVs.

<More>

Tech Tip – Connecting Your Laptop to Your TV.

If you have a HDMI port of your computer and an HDTV, you can connect the pair using a HDMI cable and you can then use the TV as a monitor. Using a slim HDMI cable can make things easier if you regularly travel and want to plug in to the HDMI port on hotel TVs.

It’s easy to set up:

  • Plug the cable into the HDMI port on your laptop and plug the other end of the cable into the specified HDMI port on the TV.
  • Turn the TV on and use the INPUT button on the TV / TV remote to select the matching input (it could be blank).
  • With Windows, configure Your PC to Use HDMI* by going to ‘Control Panel’, ‘Adjust screen resolution’. Click on the 2nd monitor and select “Extend the desktop onto this monitor” and click “Apply.
  • Adjust the screen resolution so that the Windows desktop background shown on the TV screen is big enough, un-mute the sound and you’re ready to go.

Uber & Volvo To Provide Robot Taxis.

People in Pittsburgh(U.S) will very soon have the opportunity to be picked up by autonomous ‘robot’ vehicles as a result of a new project involving mainly Volvo and some Ford cars.

Order as Normal – Rewarded With a Free Ride.

For many people, the thought of ordering a taxi-style service in the normal way but ending up being the guinea pig in a real life road test of a driverless car sounds more than a little daunting, but for Pittsburgh’s Uber customers this could soon be their reality.

The scheme, soon to be launched in the city combining 100 of the latest technology Volvo XC90s (and some Ford Focus cars) and Uber’s popular ferrying service will see customer cars arrive and reach their destination in the same way, but with a few big differences.

If the customer is picked up by the autonomous vehicle the ride will be free as a reward an incentive for taking part of the scheme.

Autonomous But Not Unmanned.

Even though the custom, self-driving vehicles will be fitted out with all the technology to go about their work without human help, for the introductory scheme at least they will have someone in the front seat. This person will be there to satisfy safety regulations which currently don’t allow totally driverless vehicles on the public roads, and to and take notes about how the cars are used. It is also very re-assuring for passengers who are unlikely to have complete trust in this brand new type of service to have a person on hand to potentially take charge should anything go wrong.

The details observed by the person / engineer in the front seat will be combined with computer measurements and recorded data from the special cars to ensure that safety and service levels are maximised.

First Step To Uber Job Losses?

Although the announcement of the real life use of this technology has caused much excitement in technical circles, some commentators have pointed out that could be the first step to Uber driver job losses around the globe, thereby going against one of the things that Uber was very proud of.

What Does This Man For Your Business?

Although this scheme is unlikely to have any direct effect on the vast majority of people reading this, it shows how quickly ideas that seemed part of a distant future can be developed and incorporated into businesses today. It could also have implications for and open up business opportunities in countries around the world if it is rolled out on a large scale and if enough passengers become used to and comfortable with computers rather than people being in charge of land based public and private vehicles.

Windows 10 Update Kills Webcams.

The upgrades and updates for Windows 10 have certainly not been without their problems or critics, and it appears that the latest update has stopped many popular webcams from working.

What Update?

Update / version 1607 also know as the Anniversary Update because it was the first anniversary of the release of Windows 10 earlier this month is one of a series of frequent installations of feature updates that are now needed as part of the ‘Windows as a Service’ model.

Windows 10 updates are cumulative so each one contains all previously released fixes, and if earlier updates have been installed only the new fixes that are contained in each new update package are downloaded and installed on to the user’s computer.

The Latest Problem With 1607.

One of the more obvious problems that users have noticed with the latest update that was released at the beginning of August is that it affected web cam use. Reports to Microsoft’s support site indicated that the update has caused either frozen images or streaming problems in webcam images, whether the webcams were connected via USB cables or on the same network.

The problems are even reported to have affected webcams working with platforms from companies owned by Microsoft such as Skype and Lync.

Why?

There has to date been no official word from Microsoft as such about the problem, although there have been some comments on Microsoft support threads from engineers who are reported to be working on a fix for the problem.

Although the exact nature of the cause of the problem is still therefore largely a matter of speculation, some commentators have suggested that the fault may be due to the update ending support for 2 widely used video encoding systems that Windows 10 has been using.

The Fix.

Current indications are that the fix for the problem may not be ready for at least another week. It has also been noted by some commentators that changes to the way in which Microsoft handles updates could have made the fix more complicated. For example, prior to this update, Windows 10 users could roll-back to a previous version within 30 days of it being installed. With the latest update reducing this to 10 days it is unlikely that users can roll back to a version where the webcam was working.

What Does This Mean For Your Business?

If your business has been affected by this latest problem it  now (unfortunately) means that there will be a wait until a fix has been found.

It is worth noting however that although there have been some inevitable teething problems with and some criticism about the introduction of Windows 10 and the new ‘as a service’ model there are many more positive features, benefits and opportunities that the OS offers businesses.