Tech Tip – Windows 10: Fix Search
If Windows Search can’t find files that you know are there somewhere, then you have the option to rebuild its index. Here’s how:
- Click on Start.
- Type index.
- Click on Indexing Options.
- On the Control Panel entry that opens, go to Advanced > Rebuild.
- Try searching again, once the index has been recreated.
Barclays Drops Kaspersky Over Security Fears
Barclays bank has emailed its 290,000 online banking customers to say that it will no longer be offering Kaspersky Russian anti-virus because of information and news stories about possible security risks.
Long-Running
Rumours and concerns about Kaspersky’s possible links with the Russian state are not confined to Barclays. Moscow-based software maker Kaspersky Lab, the largest Russian software agency operating in the UK, had its security products banned from U.S. government networks earlier this year and, back in July, security researchers claimed to have found a way to force the anti-virus product to assist snoops in stealing data from segmented networks (not connected to the wider internet).
Back in 2015, it was also reported that the US National Security Agency and GCHQ had sought to carry out reverse engineering of Kaspersky anti-virus as far back as 2008 to discover any vulnerabilities. Long-running fears about Kaspersky have also been fuelled by leaks from the NSA through Edward Snowdon (2013), Hal Martin (2016), and by allegations (printed in the Wall Street Journal) that a Vietnamese NSA contractor was hacked on his home computer by Russian spies via Kaspersky.
Announcement
The move by Barclays follows a warning in a letter by Director of the UK National Cyber Security Centre (NCSC), Ciaran Martin, to Whitehall chiefs that Russian software should be avoided in systems containing information concerning national security. Mr. Martin expressed fears about Russia itself as a cyber threat actor, and how Russian security software such as Kaspersky could be exploited by the Kremlin.
Free Trial
The Barclays customers who received the emails informing them of the bank’s decision to drop the software had downloaded Kaspersky over the past decade as part of a 12-month free trial offered by the bank on its website. The fear is that at least some of the customers who downloaded the software are / were likely to be / have been individuals employed by the UK government and, therefore, may have been targeted by Russian spies (if the allegations about Kaspersky are to be believed). Barclays customers are able to end the Kaspersky subscription after their free trial.
Evidence?
Actual publicised evidence of any state-sponsored wrong-doing by Kaspersky, or involvement with Russian intelligence agencies appears to be in very short supply. Some commentators have also pointed out that it may even have been the case that private company Kaspersky Lab’s product was compromised at some point without its knowledge or consent.
Kaspersky has denied any inappropriate ties to any government, and has put warnings about its products in the west down to the company being caught in the middle of a geopolitical fight, and has expressed disappointment about the recent decision by Barclays.
What Does This Mean For Your Business?
Warnings by the UK National Cyber Security Centre (NCSC) clearly need to be taken most seriously by those with links to government departments, but it is also important to factor in the context of a certain amount of paranoia and the recent focus in the media about Russia following allegations of interference in the US elections.
In the case of Barclays, it has been stressed by officials that they are not saying that members of the public or companies should stop using Kaspersky products, which are used by about 400 million people globally. It would also not be a good idea to remove Kaspersky anti-virus from a computer without immediately putting a suitable alternative in place. Anti-virus still forms an important part of a company / organisation’s basic cyber defences and this, and other software should be kept up to date with patches and updates to enable evolving threats to be combated as part of a wider strategy.
Police Web & Phone Snooping Powers Curbed
The need to comply with a European Court Ruling has meant that senior UK police officers are to lose the power to self-authorise snooping on personal phone and web browsing records.
What Ruling?
This latest development is the upholding of a ruling (after an appeal) that was sent to the European Court of Justice (ECJ) in 2016. The original ruling dates back to 2015 and relates to a case brought by Labour Party deputy Tom Watson (and Brexit Secretary David Davies, who later dropped out). The original case challenged the legality of core parts of the Data Retention and Investigatory Powers Act (DRIPA), which was a predecessor to the Investigatory Powers Act (also known as the ‘Snooper’s Charter)’.
In upholding the original ruling which went in favour of Tom Watson, the ECJ has said that the general and indiscriminate retention of data cannot be considered justified within a democratic society, and that a mass harvesting of data can only be lawful if it’s underpinned by stringent safeguards or independent oversight, and can only be accepted as part of investigations into ‘serious’ crime and terrorism.
What Does This Actually Mean?
In short, the upholding of the original verdict means that The Investigatory Powers Act will need to be changed to align it with the ECJ ruling.
Every year, there are 250,000 requests from police agencies and investigating public bodies to access personal communications data. Under current rules, senior authority figures such as police superintendents, inspectors, or similarly high ranking officials in the Department of Work and Pensions and Revenue and Customs can self-authorise data these harvesting requests.
Under the new ruling, harvesting of data requests will only be permitted in cases that potentially carry prison sentences of six months or more, and communication requests will only be authorised by a newly created Office for Communications Data Authorisation which will be overseen by the investigatory powers commissioner Lord Justice Fulford.
The change in the law will also mean that agencies won’t be able to collect data for things like collection of taxes or public health reports.
Although senior police will no longer be able to self-authorise access to our phone and web browsing records, the new rules won’t apply UK’s spy agencies e.g. GCHQ, MI6 or MI5 retaining or acquiring data, because the UK government says that national security is outside the scope of EU law.
Criticism
Criticisms of the government’s response to the ECJ’s ruling include:
- The definition of ‘serious crime’ is too broad and vague, appears to be window dressing, and fails to provide a robust system of independent oversight.
- Government proposals may not be enough to comply with European law.
The government has launched a 7-week public consultation to collect feedback about its proposals.
What Does This Mean For Your Business?
This is a time of flux and change where the UK is breaking away from the EU but is still affected by EU data laws, and is having to take account of EU laws and Regulations in its own Investigatory Powers Act (2016), with GDPR, and with trying to make the UK’s own law, the Data Protection Bill (DPB) is in line with GDPR.
Where the Investigatory Power Act is concerned, it is has been in force in the UK for a year and legal challenges (mainly on our behalf), and raising awareness of what the law entails and gathering large support to oppose certain elements are some of the only routes we have to seek changes to it.
National security is, of course, important, but so is privacy in a world where surveillance in all aspects of life is increasing. Some would say that if we’re doing nothing wrong we have nothing to fear, whereas others would say that this attitude simply makes it easy for hard-won freedoms and rights to be lost.
For businesses, security and privacy are vitally important issues where data protection is concerned going forward, and much of the focus in the news has been on how customer and employee data can be protected in a GDPR-compliant way going forward. For many businesses this is a more pressing issue than changes to the Investigatory Powers Act, although this story is a reminder that big brother is still watching, hopefully on our behalf to protect us and our businesses rather than to snoop unnecessarily.
Amazon Targets Businesses With Voice Activated Digital Assistants
Amazon with its best-selling digital voice assistant now has its sights set on a role for Alexa in the workplace with its plans to launch Alexa for Business.
Amazon Dominant
Amazon’s Echo dominates the voice-assistant market with a more than 70% share. 11 million Alexa devices have already been sold and last Christmas, Alexa-enabled devices emerged as the top-selling product across all categories on Amazon.com. Amazon Echo’s AI powered home voice-activated digital assistant looks set to be a popular present again this year.
Awareness and use of voice-controlled speakers is soaring, and in the US for example, an estimated 35.6 million people used one at least once a month in 2017, a 128.9% increase on the previous year (eMarketer).
Natural Progression – Into The Workplace
It is no surprise, therefore, that Amazon would want to move its digital assistant smart speaker into the workplace. With this in mind, Amazon has announced plans to release an enterprise-focused version called Alexa for Business.
Doing What?
For many home-based / small businesses, having an Amazon Echo around as part of the day’s organising / calendar scheduling and basic entertainment and information functions is becoming an increasingly common thing.
Tech commentators have noted that voice-activated digital assistants such as Amazon Echo are suited to workplace roles and specific tasks such as facilitating and activating conference calls, booking meeting rooms, reporting IT issues, providing directions around a building, answering questions about the business or even ordering new office supplies.
It is anticipated that the new Alexa for Business could be used by employees on their own personal devices to make calls, manage calendars, run to-do lists, set reminders, and to locate information stored in third-party corporate applications e.g. Salesforce, Concur or Splunk, and Microsoft Exchange. Business users could also pair their private accounts with their organisation’s Alexa for Business account.
Security and Privacy Fears
One of the potential challenges to introducing digital assistants to the workplace is the widely publicised security and privacy fears. Security commentators have pointed to the fact that Amazon Echos are always listening, and while they don’t ordinarily collect information until activated with the “Alexa” wake word, it can happen by accident, and Amazon stores recordings to make its cloud-based AI service more ‘intelligent’. This also represents a security threat.
Also, back in August for example, UK security expert Mark Barnes made the news by saying that anyone could install malware on an Amazon Echo, along with his proof-of-concept code that would silently stream audio from the device to a remote server. This would enable a criminal to listen-in on private conversations and private / personal information that could be used to e.g. steal money, steal business secrets, or burgle premises. This kind of vulnerability could also lead to the disclosure of personal details of customers or employees which could jeopardise data security compliance, and expose a company to the risk of fines or blackmail.
What Does This Mean For Your Business?
Voice activated, AI-based digital assistants appear to be very well suited to many organisational and instant information-dispensing tasks that could make them very useful in the modern workplace to help boost employee productivity, improve efficiency, and to perform some very specialised tasks. It was almost an inevitability that the next step for them would be the workplace, and Amazon’s dominance in the market also made it inevitable that it would want to be first in with a business-focused offering.
Amazon and other voice-activated digital assistant companies (Microsoft, Google and Apple) will, however, need to convince businesses that the devices are secure and that they don’t represent the same IoT security threat that they’ve been reading and hearing about.
Facebook For Children Launched
Facebook has launched ‘Messenger Kids’. The standalone app on a ring-fenced network is targeted at young people for use on their tablets or smartphones but can be controlled from a parent’s Facebook account.
Challenge
The challenge identified by Facebook is that young people are being given access to tablets and smartphones, but their parents are concerned about (and can’t always monitor) how their children are using them and which apps are appropriate. Also, even though Facebook is strictly for those 13 and over, it would not be difficult for younger children to set up and use an account, and it is thought that as many 20 million under-13-year-olds may currently be using the network.
Next Generation of Facebook Users
Although Facebook’s primary stated motive for the new junior version of its platform is to provide a safer, more age-appropriate version, some tech and business commentators have suggested that it may also be an ideal way for Facebook to recruit its next generation of users, and to capture the attention of 6 to 12-year-olds before Snapchat or a similar social network competitor.
What’s Different About It?
Messenger Kids is different from the main version of Facebook because:
- It puts parents in control. If two children want to be friends on Messenger Kids, that friendship must first be approved by a parent for each child. Approved adults can also contact their children through the app.
- It has appropriate, targeted content. There is a library of child-appropriate and specially chosen GIFs, frames, stickers, masks and drawing tools that enable children to decorate content and express their personalities.
- It is ad-free. Also, targeting ads e.g. to parents based on what their children are talking about in Messenger Kids, or using what was discussed in Messenger Kids to target adverts at teens as they graduate into over the age of 13 to a normal Facebook account will not be possible. The app doesn’t know exactly how old the children signing up are anyway.
- It is a simplified, locked-down / ring-fenced version.
Data Sharing Concerns
Some concerns have been raised about privacy, and what data will be collected about the young users of the accounts. Facebook will collect data such as the child’s name, the content of the messages, and typical usage reports for how the app is being used. It is understood that Facebook will only share that information with third parties who have data protection policies that comply with Coppa, the Children’s Online Privacy Protection Act in the US (Messenger Kids is being launched in the US first).
What Does This Mean For Your Business?
From a business perspective, it is understandable that Facebook needs to find a way to bring a new, young generation of users to its platform, to find a way to compete with other platforms for the attention of other users, and to do so in a way that has the approval and involvement of parents, particularly if children are going to use social networks anyway. For businesses that want to target children with advertising, Messenger is not going to be a good route for doing so, although it remains to be seen how popular the uptake of Messenger Kids will be. It may also be of some reassurance to current Facebook advertisers with young target audiences that Facebook is seeking to bring new targets through the door, and therefore looks like a promising advertising channel to continue with in the future.
For many parents and interest groups dealing with parental concerns, it may still be a worry that with Messenger Kids there are still no totally clear policies about data collection, what happens to the content children post or any plans for the future. Parents may simply and naturally feel as though they don’t trust Facebook (or other social networks) anyway for use by children until the parent feels they’re old enough.
There has also been some concern recently in the media about the results of research showing that children may be seeking too much online peer validation through ‘Likes’ on social media – Likes will be included in Messenger Kids.
For now, it’s a case of wait-and-see, and hope that all the safeguards, testing and targeting provide the safety and positive experiences for users that Facebook intends in a world where cyber-crime levels are high.
Trump’s New FCC Chairman Pushes To End Net Neutrality
After the Net Neutrality regulations from 2015 were partially overturned in May 2017, Donald Trump’s new chair of the Federal Communications Commission (FCC) is pushing to end net neutrality after a final vote this month.
What Is Net Neutrality?
In short, Net Neutrality means that ISPs (who control the data pipeline) treat everyone’s data (emails, digital audio files, and digital video) equally, whether it’s from companies or individuals, or whether its popular streamed TV episodes e.g. Netflix and Amazon being able to compete with established broadcasters. With Net Neutrality, ISPs don’t get to decide whose data is sent more quickly e.g. data from private individuals (more slowly), data from a business because it’s been paid for by a business (more quickly), and which sites get blocked or throttled e.g. the streamed delivery of a TV show from a competitor of the ISP.
The idea of having an Open Internet means that individuals and organisations should be able to easily access and use all of its resources, and to ensure that this can happen, certain principles need to be adhered to e.g. open standards, transparency, no Internet censorship, low barriers to entry, and ‘Net Neutrality’. The idea is that Net Neutrality can help to enhance innovation and trade in a fair way.
What’s Happened?
On 18th May the FCC voted two-to-one in support of a new proposal that would repeal the existing Net Neutrality regulations, and start a 90-day period of public comments before a final vote in December. The FCC, led by Ajit Pai also released a 210-page (pdf) document on 22nd November essentially outlining how a greater reliance on business competition and anti-trust laws to regulate ISP charges for their services plus a requirement to provide “transparency” to consumers could work as a replacement for the Net Neutrality regulations that are being overturned.
What’s The Problem?
For many, the push by the FCC to effectively end Net Neutrality has sparked concerns about a market-driven agenda which could mean that smaller or more diverse web services that won’t be protected for ISPs slowing their traffic or pricing them out of the market, and a situation where the scales are tipped in the favour of big telecoms providers such as AT&T and Verizon rather than other technology companies and social platforms.
Nature of The Markets Have Changed
Some are of the opinion that the move by the FCC is also simply an attempt to loosen restrictions on other types of gatekeepers e.g. cable TV operators and telecoms companies to allow them to compete more fairly with new competitors that were created by changes in the market brought about by Net Neutrality. For example, it was not necessarily foreseen that Facebook would grow bigger than traditional media or that Amazon would move into films, thereby changing the nature of the market and requiring a new kind of regulation.
Fake and Stolen Identities For Comments
One alarming aspect of this latest development is the allegation that, of the record number of the 23 million comments filed with the FCC as part of the public consultation process about possibly repealing the Net Neutrality regulation, many used faked or used stolen identities. This has prompted accusations that the comment process is corrupt.
Other Regulations Removed
As well as attempting to remove Net Neutrality regulations, the FCC also appears to be trying to remove regulations around other restrictions on media ownership e.g. reducing / revising the cap on how many homes in the US a single broadcaster can reach, and allowing TV stations to use different frequency channels that count less against this overall cap on broadcasting reach.
What Does This Mean For Your Business?
To allow fair competition and equal opportunities, there must be something that looks like an ‘equal playing field’ in place, and it often takes rules imposed by authorities outside an industry rather than just market forces and industry bodies to make sure that happens.
There is an argument that the evolution of the online data market makes it complicated to regulate, but the removal of Net Neutrality looks likely to be bad news for smaller and more diverse companies and for those outside of the current mainstream media.
There is also a danger here that market-driven and political agendas are being given greater value than the civic service or cultural good that an equal / neutral situation would allow.