Author Archive for Andy Wilkinson

Your Latest IT News Update

Foldable Phones

After its official launch, planned for next year, it has been reported that the new Samsung Galaxy X smartphone (complete with foldable screen) could be priced at as much as £1,400!

<More>

Trump’s Tariff’s For Tech

While Apple Inc has had good news that it will not face traded tariffs on its iPhones assembled in China, Intel Corp may need to shift its assembly work away from China to avoid a big revenue hit.

<More>

Appeal Dismissed After Asylum Seeker Data Breach

An appeal by the UK Home Office to limit the number of potential claimants from a 2013 data breach has been dismissed on the grounds that an accidentally uploaded spreadsheet exposed the confidential information and personal data of asylum applicants and their family members.

<More>

Bank Uses AI To Screen Job Applicants

A Singapore bank is reported to be using an AI-based system to make savings in the process of recruitment by automating the pre-screening of job applicants.

<More>

AI Creates Phishing URLs That Can Beat Auto-Detection

A group of computer scientists from Florida-based cyber security company, Cyxtera Technologies, are reported to have built machine-learning software that can generate phishing URLs that can beat popular security tools.

<More>

Tech Tip – Improve Phone Speed With Lightweight Apps

If your phone has limited memory storage and you regularly use Facebook and Twitter, installing lightweight versions of these apps could help to speed up your phone.

<More>

Foldable Galaxy X Smartphone Could Cost You £1,400!

After its official launch, planned for next year, it has been reported that the new Samsung Galaxy X smartphone could be priced at as much as £1,400!

More Than The iPhone X

This will mean that the world-first flexible-screened, foldable smartphone will be entering the market with a price that’s one-third higher than even the Apple iPhone X which was criticised by some for its £999 price tag.

The high price is thought to reflect the high R&D budget that went into its development, and as a premium for its innovative features.

The Galaxy X has essentially been 7 years in the making, as a prototype version of the foldable phone was shown by Samsung back in 2011.

What’s So Special About It?

The Galaxy X has two inside panels and one outside panel with the two inside panels forming the 7.3-inch OLED screen when the phone is unfolded, thereby giving the user a much larger screen area. As well as having a large screen area, the resolution is expected to be 4K (3840×2160 pixels), thereby giving it high-res when folded.

It is also rumoured that the new phone will have a dual-camera at the rear with one of the latest Qualcomm Snapdragon processors.

LG Also Going Foldable?

There have been rumours that Samsung’s rival LG is also planning to release foldable devices that could feature more advanced outward folding tech than Samsung.

To Be Shown February 2019?

Even though Samsung investors were informed that the new Galaxy X would be launched in 2018, it now looks likely that it won’t actually be shown until the Mobile World Congress (MWC) in February 2019.

Production Problems

Part of the delay in the production of a commercial version of the Galaxy X from the first sighting of its prototype 7 years ago is thought to be down to production problems in the development of the flexible plastic screens.

What Does This Mean For Your Business?

So much of business is now conducted using smartphones, and innovative smartphones that provide the user with features that have a real value are likely to be popular. It seems that the main benefits of the Galaxy X are that it will offer flexibility and convenience to the user with a screen area between a phone and a tablet (that can be folded), and for the initial interest factor that being seen to own and use one will create.

For the manufacturers, Galaxy X also provides a way to compete with Apple and some of its other larger competitors such as LG, and to be first to the marketplace with a foldable, flexible smartphone.

Trump’s Tariff’s For Tech Firms With China Links

While Apple Inc has had good news that it will not face traded tariffs on its iPhones assembled in China, Intel Corp may need to shift its assembly work away from China to avoid a big revenue hit.

What Tariffs?

President Donald Trump’s administration’s focus on putting America first, its accusations that China has been unfairly benefiting from a trade imbalance with the US for years, and its plans to impose 25% tariffs on $50bn worth of Chinese goods (with the threat of an additional $200bn / £151bn of tariffs) have caused many companies that have a Chinese link in their production chain to fear being hit with tariffs along the way.

Apple Told Its OK

Tech giant Apple Inc, for example, has its iPhones assembled in China, and has, therefore, feared for some time that its phones would be hit by tariffs when being brought back into the US after assembly. This would, of course, mean a potentially large increase in costs, and possibly the need to re-organise production.

It has been reported, however, that Apple Inc Chief Executive Tim Cook travelled to the White House last month, and was reassured by Mr Trump that US government would not levy tariffs on iPhones assembled in China.

Intel Not So Lucky

Unfortunately for chip maker Intel Corp the news has not been so good. Although chips were not a main target in the initial list of targeted goods released in April, U.S. trade officials have released a new tariff list of 284 products worth $16 billion that includes the processor and memory chips that are the ‘core’ of Intel’s business.

If there is no revision or change of heart by the US government over this new list, Intel may need to seriously consider shifting its production strategies to avoid putting its $12.5 billion revenue from the United States that is at risk. This could mean that, rather than sending chips to China for low-level assembly work and then bringing them back to be put into devices manufactured in the United States (which would attract a tariff), Intel may need to spread all aspects of production and assembly among its US and other tariff-safe plants.

Also, many of Intel’s customers, large computer brands or contract manufacturers who work Intel’s behalf are legally based in China because that is where most electronics are built. A tariff trade war with China would, therefore, be bad news for Intel, which made $14.8 billion from China revenue in 2017.

What Does This Mean For Your Business?

The tariff-based trade war that seems to be escalating between the US and this has fuelled fears that there could be a significant negative impact on the U.S. technology sector. When news of the tariffs on chips was announced, investor concerns meant that Intel shares dropped 3.4 percent to $53.22. Economists have noted that this kind of tariff war could mean that US consumers will have to pay higher prices for technology products, and this could actually hurt some of the businesses that Mr Trump’s administration says that it is trying to protect.

EU countries have also been hit with US tariffs on steel and aluminium, and have responded by producing a 10-page list of tariffs on US goods as part of a ‘re-balancing action’.

Appeal Dismissed After Asylum Seeker Data Breach

An appeal by the UK Home Office to limit the number of potential claimants from a 2013 data breach has been dismissed on the grounds that an accidentally uploaded spreadsheet exposed the confidential information and personal data of asylum applicants and their family members.

What Happened?

Back in 2013, the Home Office is reported to have uploaded a spreadsheet to their website. The spreadsheet should have simply contained general statistics about the system by which children who have no legal right to remain in the UK are returned to their country of origin (known as ‘the family returns process’).

Unfortunately, this spreadsheet also contained a link to a different downloadable spreadsheet that displayed the actual names of 1,598 lead applicants for asylum or leave to remain. It also contained personal details such as the applicants’ ages, nationality, the stage they had reached in the process and the office that dealt with their case. This information could also potentially be used to infer where they lived.

The spreadsheet is reported to have been available online for almost two weeks during which time the page containing the link was accessed from 22 different IP addresses and the spreadsheet was downloaded at least once. The spreadsheet was also republished to a US website, and from there it was accessed 86 times during a period of almost one month before it was finally taken down.

For those claiming asylum e.g. because of persecution in the home country that they had escaped from, this was clearly a very distressing and worrying situation.

Damages

In the court case that followed in June 2016, the Home Office was ordered to pay six claimants a combined total of £39,500 for the misuse of private information and breaches of the Data Protection Act (“DPA”). The defendants conceded that their actions amounted to a misuse of private information (“MPI”) and breaches of the DPA.

The Home Office did, however, lodge an appeal in an apparent attempt to limit the number of other potential claims for damages.

Appeal Dismissed

The appeal by the Home Office was dismissed by the three Appeal Court judges, and meant that both the named applicants and their wives (if proof of ‘distress’ could be shown) could sue for both the common law and statutory torts. This was because the judges said that the processing of data in the name of claimant about his family members was just as much the processing of their personal data as his, therefore, meaning that their personal and confidential information had also been misused.

Not The First Time

The Home Office appears to have been the subject similar incidents in the past. For example, back in January the Home Office paid £15,500 in compensation after admitting handing over sensitive information about an asylum seeker to the government of his Middle East home country, thereby possibly endangering his life and that of his family.

The handling of the ‘Windrush’ cases, which has recently made the headlines, has also raised questions about the quality of decision-making and the processes in place when it comes to matters of immigration.

What Does This Mean For Your Business?

In this case, it is possible that those individuals whose personal details were exposed would have experienced distress, and that the safety of them and their families could have been compromised as well as their privacy. This story indicates the importance of organisations and businesses being able to correctly and securely handle the personal data of service users, clients and other stakeholders. This is particularly relevant since the introduction of GDPR.

It is tempting to say that this case illustrates that no organisation is above the law when it comes to data protection. However, it was announced in April that the Home Office will be granted data protection exemptions via a new data protection bill. The exemptions could deprive applicants of a reliable means of obtaining files about themselves from the department through ‘subject access requests’. It has also been claimed that the new bill will mean that data could be shared secretly between public services, such as the NHS, and the Home Office, more easily. Some critics have said that the bill effectively exempts immigration matters from data protection. If this is so, it goes against the principles of accountability and transparency that GDPR is based upon. It remains to be seen how this bill will progress and be challenged.

Bank Uses AI To Screen Job Applicants

A Singapore bank is reported to be using an AI-based system to make savings in the process of recruitment by automating the pre-screening of job applicants.

‘JIM’

The new AI screening platform, Jobs Intelligence Maestro (JIM) has been part of a pilot scheme that has been running at the DBS bank in Singapore since April.

JIM has been developed by Singapore start-up Impress.AI and DBS’ Talent Acquisition team, and has been used to support staff in the sometimes lengthy process of reviewing CVs, collecting responses to pre-screening questions, and conducting psychometric tests.

Savings

The main reason for the development of JIM is to save man-hours, to lighten the workload of the bank’s recruiters, and to enable the recruitment process to fit in more easily with the schedules of candidates who may be busy in normal office hours.

Wealth-Management Planning Roles

The AI system is intended to be used for screening candidates for wealth management planning roles in the bank in its main markets of Hong Kong, China, Taiwan, Indonesia and India. This will enable the bank to meet its target of target 40% growth in staff advising its high net worth customers.

High-Volume Roles

JIM will also be used in other ‘high-volume’ roles within the bank, such as the bank’s management associate and graduate associate programmes, where more than 7,000 candidates can apply for 20 just roles.

What Does This Mean For Your Business?

Up until now, banks have made the news for using AI bots to make savings in the customer service side of the business. Once again, but in a different role, AI is being deployed to essentially make savings in man-hours, and to enable the 24-hour provision of a service.

JIM the AI program is being used in a supporting, time-saving, pre-screening role, and it is in these types of roles that AI is making in-roads into the world of business, and providing cost savings for those companies / organisations that can afford to and need to deploy them to add real value areas of their business e.g. for high-volume, intelligent processing work.

Automation using AI-based systems is likely to be an increasing trend, and back in 2017 the EU even voted to give a Bill of Rights to ‘robots’ that will give them “electronic personhood” status in the eyes of the Law in anticipation of a new kind of industrial robot revolution.

AI Creates Phishing URLs That Can Beat Auto-Detection

A group of computer scientists from Florida-based cyber security company, Cyxtera Technologies, are reported to have built machine-learning software that can generate phishing URLs that can beat popular security tools.

Look Legitimate

Using the Phishtank database (a free community site where anyone can submit, verify, track and share phishing data) the scientists built the DeepPhish machine-learning software that is able to create URLs for web pages that appear to be legitimate (but are not) login pages for real websites.

In actual fact, the URLs, which can fool security tools, lead to web pages that can collect the entered username and passwords for malicious purposes e.g. to hijack accounts at a later date.

DeepPhish

The so-called ‘DeepPhish’ machine-learning software that was able to produce the fake but convincing URLs is actually an AI algorithm. It was able to produce the URLs by learning effective patterns used by threat actors and using them to generate new, unseen, and effective attacks based on that attacker data.

Can Increase The Effectiveness of Phishing Attacks

Using Phishtank and the DeepPhish AI algorithm in tests, the scientists found that two uncovered attackers could increase their phishing attacks effectiveness from 0.69% to 20.9%, and 4.91% to 36.28%, respectively.

Training The AI Algorithm

The effectiveness of AI algorithms is improved by ‘training’ them. In this case, the training involved the team of scientist first inspecting more than a million URLs on Phishtank. From this, the team were able to identify three different phishing attacks that had generated web pages to steal people’s credentials. These web addresses were then fed into the AI phishing detection algorithm to measure how effective the URLs were at bypassing a detection system.

The team then added all the text from effective, malicious URLs into a Long-Short-Term-Memory network (LSTM) so that the algorithm could learn the general structure of effective URLs, and extract relevant features.

All of this enabled the algorithm to learn how to generate the kind of phishing URLs that could beat popular security tools.

What Does This Mean For Your Business?

AI offers some exciting opportunities for businesses to save time and money, and improve the effectiveness of their services. Where cyber-security is concerned, AI-enhanced detection systems are more accurate than traditional manual classification, and the use of intelligent detection systems has enabled the identification of threat patterns and the detection of phishing URLs with 98.7% accuracy, thereby giving the battle advantage to defensive teams.

However, it has been feared for some time that if cyber-criminals were able to use a well-trained and sophisticated AI systems to defeat both traditional and AI-based cyber-defence systems, this could pose a major threat to Internet and data security, and could put many businesses in danger.

The tests by the Florida-based cyber-security scientists don’t show very high levels of accuracy in enabling effective defence-beating phishing URLs to be generated. This is a good thing for now, because it indicates that most cyber-criminals with even fewer resources may not yet be able to harness the full power to launch AI-based attacks. The hope is that the makers of detection and security systems will be able to use AI to stay one step ahead of attackers.

State-sponsored attackers, however, may have many more resources at their disposal, and it is highly likely that AI-based attack methods are already being used by state-sponsored players. Unfortunately, state-sponsored attacks can cause a lot of damage in the business and civilian worlds.

Tech Tip – Improve Phone Speed With Lightweight Apps

If your phone has limited memory storage and you regularly use Facebook and Twitter, installing lightweight versions of these apps could help to speed up your phone.

Facebook Lite, for example, works just as well as the full version yet uses a fraction of the resources of the full app. The Facebook Lite app is small and allows you to save space on your phone and use Facebook in 2G conditions. To use it:

– Go to play.google.com

– Locate the app, and install it.

– n.b. Google also has lightweight versions of YouTube

Also, Twitter has a lightweight client which you can find at mobile.twitter.com.

Your Latest IT News Update

Domain Names & GDPR

A recent ruling by a German court about GDPR also applies to personal information held in the worldwide whois service, and could mean that domain name admin and tech contact details may no longer be needed because of the GDPR ‘data minimisation principle’.

<More>

Fruit Robots

Tests are being completed of ‘robot’ fruit-picking machines that can pick strawberries as carefully and quickly as humans, and can help growers solve the labour shortage challenge next growing season.

<More>

Smart Solar Power Savings From Google

Google, in partnership with energy supplier Eon, with help from German software firm Tetraeder, has released an online tool called ‘Project Sunroof’ that uses Google’s Earth and Maps apps to estimate how much money homeowners could by switching to solar power.

<More>

1 – 0 In England Vs World Cup Hackers

It has been reported that the England football team will be briefed before flying out to their World Cup base in St Petersburg about how they and UK fans can avoid falling victim to Russian hackers.

<More>

Two More Security Holes In Voice Assistants

Researchers from Indiana University, the Chinese Academy of Science, and the University of Virginia have discovered 2 new security vulnerabilities in voice-powered assistants, like Amazon Alexa or Google Assistant, that could lead to the theft of personal information.

<More>

Tech Tip – Alexa Skills Commands That Could Help At Work

Amazon’s Echo speakers may be used mainly in the home, but putting the listening / privacy fears aside, they can be useful in a business setting, particularly in small business settings / home offices. With this in mind, here are four skills commands that could help you:

<More>

Domain Names & GDPR

A recent ruling by a German court about GDPR also applies to personal information held in the worldwide whois service, and could mean that domain name admin and tech contact details may no longer be needed because of the GDPR ‘data minimisation principle’.

Up Until Now

Laws up until now have required ICANN, the Internet Corporation for Assigned Names and Numbers, to ask its accredited domain registrars to collect and store certain details of people who register / purchase domain names. These details include the owner’s name and address, and the name, postal address, e-mail address, telephone number, and (where available) fax number of the domain’s technical and administrative contacts. Many of these may, in fact, be the same person.

No More Collecting and Storing Details of Owners

The recent German court ruling came about because German registrar EPAG Domain services thought that one important aspect of GDPR, which came into force on May 25th, is the principle of data minimisation.

Under this key GDPR principle, personal data collected by companies should be adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed. In other words, under GDRR, companies should only collect the personal data that is absolutely necessary to provide the service.

The German registrar EPAG Domain services used this GDPR principle to argue that it no longer needed or wanted to collect the personal details for the technical and administrative contacts of domains, although it would still be happy to collect the personal details of the actual domain name owners.

ICANN Still Wanted Details Collected

ICANN didn’t agree with EPAG, and pushed for an injunction to ensure that EPAG either continued to collect administrative and technical contact details, or pay a €250,000 (US$291,000) fine!

The court came down on EPAG’s side, and refused to grant the injunction on the grounds that there was no evidence that the extra information was needed, especially since the same person could be listed as the owner, technical, and administrative contact.

ICANN’s Own Policy Proposal

ICANN had already published its own temporary policy to cover how information gathered by registrars should be made publicly available through the global whois service. ICANN’s policy was for tiered / layered access to personal information, limiting it to users with a legitimate and proportionate purpose e.g. law enforcement, competition regulation, consumer protection or rights protection.

Irony

One ironic aspect of the court’s ruling is that ICANN itself doesn’t register any personal details for administrative and technical contacts, and only lists a single number for both contacts’ phone and fax, which turns out to be the main number for its network operations centre. It could be argued that this is data minimisation in action from a company that appears to have argued against it.

What Does This Mean For Your Business?

This story is a practical example of how GDPR could affect aspects of company operations that may not have really been considered until now. It shows how current ways of doing things can be, relatively easily challenged in some courts, the results of which could spread across a whole industry.

If the ruling, in this case, is taken on board in other European countries e.g. most other EU countries, it could save domain registrars some time, and could cut through bureaucracy while protecting privacy at the same time.

It is still early days for GDPR, and there are likely to be many different challenges and changes to come across many industries as a result.

Fruit Robots

Tests are being completed of ‘robot’ fruit-picking machines that can pick strawberries as carefully and quickly as humans, and can help growers solve the labour shortage challenge next growing season.

Belgian Prototype Very Promising

European strawberry growers in Spain, Belgium and the UK are welcoming tests of robotic prototypes that can harvest soft fruit mechanically.

One example that has enjoyed some publicity is the ‘Octinion’ robotic arm on a self-driving trolley. Produced by a Belgian start-up, it is claimed that the Octinion can compete with a human in terms of price and speed as it is able to pick one strawberry every four seconds, collect between 70% and 100% of the ripe fruit, and leave the berry with only the calyx (and not the stalk), which is the way European consumers are used to buying their berries.

The success of this robot, which can grip and turns the fruit by 90 degrees to snap it off its stalk just like a human, means that it is now completing final tests in partnership with real-world growers in the UK and continental Europe, and looks like being a realistic option for next season.

Dogtooth From Cambridge

Another soft fruit-picking robot prototype that looks like being a serious competitor is the ‘Dogtooth’ which has been produced by a Cambridge-based start-up, has recently been tested in Australia, and is also made up of a robot arm mounted on a self-driving trolley.

The Dogtooth has been designed to be able to pick strawberries the way UK retailers prefer, by leaving around a centimetre of stem still attached, because it has been found to extend shelf life.

Unlike the Octinion’s machine which has been built to work on fruit grown on raised platforms in polytunnels, Dogtooth’s machine has been designed to be able to pick traditional British varieties in the field.

Genuine Labour Shortage

Some commentators have suggested that the motivation for producing the robots is simply to replace migrant labour with a cheaper, more efficient alternative, but strawberry producers across Europe and the US have insisted that they face a genuine shortage of workers to pick their fruit.

In the UK for example, the value of sterling following the Brexit vote has made it difficult to recruit overseas workers, and UK-based workers don’t appear to find seasonal picking work attractive or practical.

What Does This Mean For Your Business?

This is an example of how a range of technologies have been combined to produce a tool that can meet very real agricultural challenges, and could revolutionize a whole industry across the world. Although these machines may be expensive to buy, they can pay for themselves over time because, unlike humans, they don’t require wages, can work any number of hours, and they don’t take holidays, get sick or leave. They also mean that growers can plan their production with more certainty and don’t have to expend time, effort, and money on recruitment.

Automation, aided by huge technological advances, is a growing trend across most industry sectors. For example, a report by PwC from March 2017 claimed that over 30% of UK jobs could be lost to automation by the year 2030. According to the report, 44% jobs in manufacturing (where there are already many robots e.g. car manufacturing), especially those involving manual work, look likely to go to AI led software or robots. Transportation jobs are also in the high-risk category for robot replacements, and according to the report, 56% of jobs could be lost to autonomous vehicles. Jobs in the UK’s largest sectors, wholesale retail jobs, also look vulnerable to automation into the future.

AI and robotics will alter what jobs look like in the future, but it is also important to remember that, as with the strawberry-picking robots, they could provide huge advantages and opportunities for businesses.

Workers can only really try to insulate themselves from the worst effects of automation by seeking more education / lifelong learning, and by trying to remain positive towards and adapting to changes. How much automation and what kind of automation individual businesses adopt will, of course, depend upon a cost / benefit analysis compared to human workers, and whether automation is appropriate and is acceptable to their customers.