Archive for Networking

Worries About Huawei Persist

Security fears about Huawei products being used in the new 5G networks are still being expressed by the Trump administration, while Google has clarified its position on the matter.

What’s So Bad About Huawei?

Back in July 2018,  espionage chiefs from Australia, Canada, New Zealand, the U.K. and the U.S. (the so-called ‘Five-Eyes’), agreed at a meeting in July this year to try to contain the global growth of Chinese telecoms company Huawei (the world’s biggest producer of telecoms equipment) because of the threat that it could be using its phone network equipment to spy for China.  This led to the US, Australia and New Zealand barring Huawei Technologies Ltd. (with Japan more or less joining the ban) as a supplier for fifth-generation networks.

At the time, the Trump administration drew attention to the matter when Meng Wanzhou, the chief financial officer of Huawei, was detained in Vancouver at the request of U.S. authorities for violating US sanctions on Iran.

Since then, other countries have joined the ban and other allegations have been made against Huawei e.g. the US Department of Justice (DOJ) charged Huawei with bank fraud and stealing trade secrets back in January 2019.

What About The UK

As for the UK government, it will allow Huawei equipment to be used in the country’s 5G network, but not in core network functions or critical national infrastructure, and not in nuclear and military sites.  This has led to White House chief of staff Mick Mulvaney visiting just last week to help dissuade the UK from using Huawei’s products in phone networks.

Latest Warning From the US

The latest warning about Huawei products from the US has been voiced by Robert Strayer, who is the US deputy assistant secretary for cyber and communications. Mr Strayer, who is on a tour of Europe this week, warned that allowing Huawei to provide key aspects of the 5G network infrastructure could allow China to undermine it and to have access to “sensitive data”.  Mr Strayer piled on the pressure by warning that if the UK adopts Huawei as a 5G technology vendor it could threaten aspects of intelligence sharing between the US and UK.

Google Clarifies

As a US company, tech giant Google has been banned by the Trump administration since May 2019 from working with Huawei which last year led to Google confirming (via blog post) that it wouldn’t be working with Huawei on new device models or providing any Google apps (Gmail, Maps, YouTube, Play Store) for preload or download on Huawei devices.

In the light of more recent allegations and warnings about Huawei, Google has chosen to clarify its position in an article on its support pages (find it here https://support.google.com/android/thread/29434011?hl=en).  The article states that “To protect user data privacy, security, and safeguard the overall experience, the Google Play Store, Google Play Protect, and Google’s core apps (including Gmail, YouTube, Maps, and others) are only available on Play Protect certified devices”.

Google says in the article that sideloaded Google apps will not work reliably on Huawei devices.  Sideloaded apps are those which haven’t been through a certification process to appear in the Store and to run on a Windows device.  The fear is that sideloading apps could mean that apps could be installed which appear to be genuine and normal, but which may have been altered or tampered with in ways that could compromise user security.

What Does This Mean For Your Business?

The Trump administration in the US is keeping the pressure on as regards discouraging countries with which it has security and defence connections, and leverage as an ally or friend with to avoid installing Huawei products in networks, particularly in critical parts.  Clearly, a Republican administration (and in this case, and apparently inward-looking one championing US companies) in a country which has traditionally seen communist China as a threat is likely to be at least suspicious of Huawei products.  It is of course, unknown exactly what evidence exists to support the idea, and it should also be remembered that it is not long since President Trump launched a trade war with China, and may also be additionally conscious of spying issues from foreign powers after the allegations of Russian influence possibly influencing his own election as president.

For US, European, and other trusted tech network product companies from elsewhere, less for Huawei could mean more for them, and the rub-off bad publicity for Huawei also seems to have negatively affected Huawei’s sales of phone handsets, which has meant that US, Japanese and other phone suppliers have picked up more phone business.

In the run-up to next US presidential election, and with UK looking for trade deals outside the EU, it is likely that the US will continue to try and bring the UK and other countries round to its way of thinking about Huawei.

Apple’s Video-Calling ‘Eavesdropping’ Bug

Apple Inc has found itself at the centre of a security alert after a bug in group-calling of its FaceTime video-calling feature has been found to allow eavesdropping of a call’s recipient to take place prior to the call being taken.

Sound, Video & Broadcasting

As well as allowing the caller to hear audio from the recipient’s phone even if the recipient has not yet picked up the call, if the recipient has pressed the power button on the side of the iPhone e.g. to silence / ignore the incoming call, the same bug was also found to have allowed callers to see video of the person they were calling before that person had picked up the call. This was because pressing the power button effectively started a broadcast from the recipient’s phone to the caller’s phone.

Data Privacy Day

Unfortunately for Apple, insult was added to injury as news of the bug was announced on Data Privacy Day, a global event that was introduced by the Council of Europe in 2007 in order to raise awareness about the importance of protecting privacy. Shortly before news of the Apple group FaceTime bug was made public, Apple’s Chief Executive, Tim Cook, had taken to Twitter to highlight the importance of privacy protection.

It Never Rains…But It Pours

To make things even worse, news of the bug was made public on the day before Apple was due to announce its reduced revenue forecast figures as part of its quarterly financial results. Apple has publicly reduced its expected revenue forecast by £3.8bn.  Apple’s chief executive put the blame for the revised lower revenue mainly on the unforeseen “magnitude of the economic deceleration, particularly in Greater China”.  He also blamed several other factors such as a battery replacement programme, problems with foreign exchange fluctuations, and the end of carrier subsidies for new phones.

Feature Disabled

In order to close the security and privacy hole that the bug created, Apple announced online that it had disabled the Group FaceTime feature at 3:16 AM on Tuesday.

Fix On The Way

Apple has announced that a fix for the bug will be available later this week as part of Apple’s iOS 12.2 update.

What Does This Mean For Your Business?

Apple has disabled the Group FaceTime feature with the promise of a fix within days, which should provide protection from any new attempts to exploit the bug. Those users who are especially concerned can also decide to disable FaceTime in the iPhone altogether via the phone’s settings.

Even though the feature has been disabled, the potential seriousness of allowing eavesdropping of private conversations and the broadcasting of video from a call recipient’s phone appears to have been a major threat to the privacy and security of some Apple phone users.  This has caused some tech commentators to express their surprise that a bug like this could be discovered in the trusted, trillion-dollar company’s products, and concern to be expressed that those users who, for whatever reason, don’t update their phones to the latest operating system, may not be protected.

Microsoft Introduces AI Automated Audio and Video File Transcription

Microsoft’s new AI tool in OneDrive and SharePoint automatically transcribes the contents of video, audio, and image files, thereby making it much faster and easier to find specific topics and references made in those files.

No More Lengthy Transcribing

The growth of digital content, particularly in rich file types such as image, video, and audio files has made things particularly challenging when trying to search through them to find specific references, details, topics or quotes.

Up until now, it’s been a case of physically watching and listening, and transcribing the file into to text to get what you want.

Also, if you need to track down lost screenshots, snapshots and receipts, or if you have to categorise images by keywording them, or if you’re trying to search for images relating to a certain subject, this too has been a time-consuming challenge, up until now.

Search Through Audio or Video By What’s Said

The new AI-based automatic transcription system that’s been added to OneDrive and SharePoint means that users can now search through audio or video by what’s said in the file, and users can quickly find images by conducting searches using keywords based on the content.

How Does It Work?

According to a post on the Microsoft website by Omar Shahine, Partner Director of Program Management for OneDrive and SharePoint, AI can be used to extract the content from an audio or video file, and provide a full transcript which is shown in a viewer, which supports over 320 different file types.

Where automatic photo transcripts are concerned, native, secure AI is used to determine where photos were taken, recognize objects, and extract text in photos and images.

What Does This Mean For Your Business?

With the web, email, text / comms and chat apps now being regularly used as part of businesses, and with digital files and rich format files being favoured, used / displayed, swapped / shared and stored, and with the rise of collaborative online working, this new feature could prove very useful to users of OneDrive and SharePoint.

The many benefits it could bring include saved costs and time in searching and having to physically transcribe, helping to leverage existing content and improve productivity, improving accessibility, and making make life a lot easier for anyone who regularly transcribes audio files e.g. content writers, journalists and anyone involved with archiving and categorising different media types. It’s only a matter of time until other technology will be bolted-on to features like this e.g. facial recognition.

Also, for Microsoft this is a feature that can help it to compete in the collaborative working platform market.

Misleading Broadband Adverts

The Advertising Standards Authority (ASA) has been criticised for a lack of regulation of the use of the term “fibre” in broadband adverts, which has meant that some consumers may have been misled.

Findings of Research

The findings of the research, commissioned by network provider CityFibre, appear to show that customers may be confused about the fibre aspect of the broadband service they have.

For example, of the 3,400 broadband customers surveyed, 65% believed that they had already upgraded to a fibre connection and theywere no longer on slower copper cables, even though copper is still the most common connection type in the UK.

Also, 24% of the broadband customers surveyed believed they purchased services that used fibre cables running straight to their front door (FTTP). The reality, however, is that only 3% of the UK population have FTTP connections.

The problem with this, apart from the fact that the UK is still lagging behind in fibre broadband provision, is that almost half of those customers surveyed believed that services advertised as ‘fibre’ delivered internet in this way as standard.

Broadband Providers & ASA To Blame

The report by CityFibre lays the blame for years of apparently misleading advertising information about what “fibre” actually means at the door of broadband providers for how they have used the word in their adverts, and the ASA for appearing to not regulate how the word has been used.

Stop Using The Word Unless…

CityFibre has called upon broadband providers to stop using the word ‘fibre’ unless it is describing a full-fibre connection, and has stated that it plans to take the “backward looking” ASA to court to dispute the ASA’s conclusion that ‘fibre’ is not a misleading term in advertising.

What Does This Mean For Your Business?

Many critics would say that years of misleading advertising of broadband speeds, as well as spurious use of the word ‘fibre’ without explaining what it really means, have left many domestic and business customers totally confused about what they are paying for. This has undermined trust in the industry.

The sad prevailing fact for UK businesses is that, according to a recent survey, the UK is now at 35th place in the global average broadband speed league tables. This is because it has been too late in embracing a full-fibre solution – FTTP (fibre to the premises). Many critics have pointed to UK infrastructure provider Openreach shying away from FTTP because of the perceived costs and level of difficulty of large-scale rollouts.

All this means that UK businesses still have to rely on the slower FTTC (fibre to the cabinet) alternative, which uses copper wires to carry broadband from street cabinets to their premises. This has put UK businesses at a competitive disadvantage with businesses in many other European countries.

Regardless of advertising claims, and despite government plans and announcements, it looks as though the UK may only actually have 7% full fibre coverage by 2020, with full coverage unlikely for another 15 years.

Slack ‘Actions’

Chat App ‘Slack’ has announced the introduction of a new ‘Actions’ feature that makes it easier for users to create and finish tasks without leaving by having access to more 3rd party tools.

What Is Slack?

Slack, launched way back in 2013, is a Silicon Valley-produced, cloud-based set of proprietary team collaboration tools and services. It provides mobile apps for iOS, Android, Windows Phone, and is available for the Apple Watch, enabling users to send direct messages, see mentions, and send replies.

Slack teams enable users (communities, groups, or teams) to join through a URL or invitation sent by a team admin or owner. It was intended as an organisational communication tool, but it has gradually been morphing into a community platform i.e. it is a business technology that has crossed-over into personal use.

In March 2018, Slack and financial and human capital management firm Workday formed a partnership that allowed Workday customers to access features from directly within the Slack interface. Slack is believed to have 8 million daily active users.

What Is ‘Actions’ and How Does It Help?

The new tool / feature dubbed ‘Actions’ will bring enterprise developers deeper into Slack, because it allows for better / more integration with enterprise software from third-party software providers e.g. Jira, HubSpot, and Asana.

Slack knows that many users now like to choose what software they use to get their job done, and the Actions feature will, therefore, be of extra value to the 90% Slack’s 3 million paid users who regularly use apps and integrations.

Actions can be accessed using a click or tap of any Slack message, require no slash commands, and are being made available to all developers using the platform to deploy bots and integrations. To begin with, Actions will be displayed based on what individuals use most frequently.

What Does This Mean For Your Business?

If you use / your business uses Slack, the interoperability of these systems resulting from integration between software from third-parties means that you have greater choice in what software you use to complete your tasks without having to leave Slack. This offers time and cost saving benefits, as well as a considerable boost in convenience.

Slack knows that there are open source and other alternatives out there, and the addition of Actions will help Slack to provide more valuable tools to users, thereby helping it to retain loyalty and compete in a rapidly evolving market.

How Dedicated Network Connections For The Cloud Could Save Businesses A Lot Of Worry

Whilst the cloud has been utilised by companies all over the world, many business owners are still left feeling a little uneasy with the idea of having important data on the wrong side of their own personal security protocols.

The hybrid-cloud, an alternative to standard cloud computing, allows companies to retain some of their vital digital information in house by having total control and utilising their own defences against any potential security threat to their stored data.

Despite this, companies need more from the cloud to have the assurance that they don’t have to look after their precious data themselves.

Cloud_computing

The answer could come from new network services, which are being offered by cloud-service providers to create a connection between the clients infrastructure and the PoP (Points of Presence) of the provider.

These dedicated connections, rather than the standard internet pathway, mean that clients would not have to share their bandwidth with anyone else, can increase and decrease their bandwidth as they please and benefit from easily-transferable data that eliminates internet insecurities.

These dedicated connections between provider and client are not new and are well tested, so companies can feel more assured about the data they store on the cloud by following up this type of data storage service.

For more information on Safe & Secure Cloud Storage Services, get in touch with Pronetic today and we’ll take you through our various technology options for your business.

Heartbleed – What Is It and What Should You Do?

Chances are you’ve been made aware of the threat posed by a rather troublesome online bug titled “Heartbleed”. Before you start rushing frantically about the office wondering if you need to sort out your antivirus settings or possibly even protect your bank account details, here’s where Google and other major online companies are at so far with regards to this worrying development.

download (2)

Heartbleed came to light a couple of weeks back after OpenSSL (a piece of software that deals with security purposes throughout the web) was compromised through one of its built-in features, known widely as heartbeat. Heartbeat exchanges data between website and PC to give your computer assurance that the site is active. Whilst the feature should only ever send back the same amount of data as it receives, hackers have found a way of requesting increased amounts of data that could potentially include passwords, cookies, logins and other personal information.

It’s understood that just under 20% of internet servers have the heart bleed bug, which is a scary amount despite the fact that this figure had been inflated in the past to as much as 60% of all servers. Whilst OpenSSL has since been patched, it’s important that you do change your passwords for the services that have been affected. Google was affected but has since been fixed, though you should still look to change your passwords as soon as possible.

Don’t panic. The chances of hackers getting hold of your personal information through heart bleed are incredibly small, so all you have to do is take the necessary precautions and keep up to date with what’s going on.

Windows XP Security Updates Stopping From Today

Today is the last day we’ll be seeing support arriving for Windows XP, with the final security patch arriving to the operating system in the early hours of the morning. It’s a significant day for those who have decided to stick with XP until the very end, and there are plenty of them.

a_windows_xp_wallpaper_by_tharunnamboothiri-d4djhvn

It’s believed that nearly 20% of PC’s on a global scale are still operating Windows XP. This is a huge amount considering Microsoft released their warning about security updates many months beforehand, giving individuals and businesses plenty of time to make the change.

Ultimately, anyone who continues to use Windows XP will have to cope with the higher threat of online attacks, viruses and malware. There’s no doubt that some people will hold on to XP despite the lack of security, so it might be interesting to see just how damaging a decision that could turn out to be.

It’s always important to receive regular security updates to enhance online security for businesses and homes alike, despite the fact Windows XP has aged incredibly well. It might be quite surprising for some to learn that flaws can still be found in XP’s system despite its longevity. Unfortunately, hackers can always find new ways of gaining access to bugs that crop up, and it’s the defence against this type of attack that will no longer be provided.

Facebook Splash Out $2 billion On Oculus Rift – Is This Good News?

Facebook recently decided to splash out on Oculus’ virtual reality system, the Oculus Rift. The question is, have Facebook got it in them to take virtual reality to the next level, and is the $2 billion purchase really worth it for a company that knows next to nothing about gaming?

OLYMPUS DIGITAL CAMERA

Tech experts and various critics have criticised the purchase, mainly because they felt the Kickstarter campaign was something that could succeed on its own. However, the benefits of Facebook’s acquisition have also been recognised.

Good

  • More money for Oculus. Better chance of going the distance and achieving great things.
  • Technology that can provide for multiple industries and not just for gaming.
  • It will get the reception it needs to succeed on the release date

The Bad

  • Facebook aren’t a trusted company when it comes to online security. Are consumers going to be happy with Facebook taking over a gaming platform after their history with user privacy?
  • Developers don’t like working with Facebook due to unfriendly business terms.
  • Will Oculus still be recognised for their achievements once Facebook starts advertising?

Pronetic know all about online security, but we’re also experts in providing our clients with IT Security Services. Get in touch today and discover how we can improve the security of your online business.

 

Turning Google Chrome into a Security Fortress With Add-Ons

A lot of people have identified Google Chrome as the ideal browser thanks to its speed, expansion options and multi-platform opportunities. As it’s now being widely used, the security aspects of the browser have come under scrutiny.

Adblock_logo_&_wordmark

So what can you do to enhance Chrome and make it a fortress against any unwanted intrusions? Here are some of the enhancements available to download that can really make an impact on the overall security of your browser.

Adblock Plus is a really useful tool that gets rid of the constant barrage of advertisements we often sift through when searching the web. It also provides a malware protection service and keeps your surfing private and protected.

HTTPS Everywhere is a must if you’re a regular user of the internet (who isn’t). Your surfing will be automatically navigated, giving you the simplest route to a safe and secure Chrome experience.

If you’re just looking for something that tells you which search results can be trusted, Chrome has Web of Trust available for installation. You’ll know a site is safe to use if it has the Web of Trust logo next to it. Simple.

There you have it. Getting hold of these useful add-ons can really improve the security of your web searches, so make sure you get hold of them as soon as you declare Chrome your browser of choice. If you’d like any more advice on keeping your surfing safe and secure, please get in touch with Pronetic and we’ll be happy to help.