Google's AI takes on champion in fresh Go challenge


Image caption: The game is being analysed and live-streamed on YouTube

Google DeepMind’s AI system, AlphaGo, has won the first of three matches it is playing against the world’s number one Go player, Ke Jie.

It follows its historic win against Lee Se-dol last year, described by experts as a breakthrough moment for AI.

The AI won by just half a point in its latest match.

Ke Jie described the AI as “like a god of Go players”, while DeepMind co-founder Demis Hassabis thanked him for a hard-fought match.

Image caption: Ke Jie and Demis Hassabis shook hands before the match

“It was such a close game, an exciting game and showed how much work Ke Jie put into preparing for the match,” said Mr Hassabis in a post-match press conference.

“It was interesting for us to see him using moves from AlphaGo’s previous games, and we were intrigued to see how AlphaGo deals with its own strategies used – huge respect to Ke Jie for pushing AlphaGo to its limits.”

He added that the ultimate plan for AlphaGo was a wider deployment “in areas of medicine and science”.


Of the match, Ke Jie said: “There were some unexpected moves and I was deeply impressed.

“I was quite shocked as there was a move that would never happen in a human-to-human Go match.”

He added that AlphaGo was a “wonderful player” and “completely different” from last year.

AlphaGo now has huge influence on the Go circuit, and was the star turn at the Future of Go Summit, organised by Google, in China this week.

The second game will take place on Thursday, with the final match on Saturday.

In Go, players take turns placing stones on a 19-by-19 grid, competing to take control of the most territory.

It is considered to be one of the world’s most complex games, and is much more challenging for computers than chess.

AlphaGo has built up its expertise by studying older matches and playing thousands of games against itself.




Apple and Nokia to 'co-operate' after settling patent row



Apple and Nokia have settled a dispute over the use of patented technology in smartphones and agreed to “co-operate”.

In December, Nokia sued Apple claiming the company had breached 32 technology patents covering displays, user interfaces and video encoding.

The two companies have now signed a deal allowing Apple to use the technology, and Nokia will receive an up-front cash payment.

Apple will also stock Nokia’s health products in its retail stores.

The two companies have not revealed specific details of the financial agreement, but one analyst suggested it would be worth millions of dollars to Nokia.

“The agreement is per year, so it’s probably in the hundreds of millions of dollars range,” said Keith Mallinson, an industry analyst at Wiseharbor.

“That’s partly because it covers many patents, and Nokia has some very important ones, they were one of the pioneers of cellular standards.

“But looking at Apple’s business… one industry estimate is that they made $140bn (£107bn) revenue on iPhone sales in 2016.

“Even a small royalty against that – less than 1% – would be in the hundreds of millions of dollars.”

Nokia said it was “looking forward to supporting Apple”, while Apple’s Jeff Williams said the company was “pleased with this resolution of our dispute”.

Between 2009 and 2011, the two companies were locked in a series of legal battles over the patents for the technology they used in their mobile phones.

At the time, Nokia was still the world’s leading mobile phone manufacturer, but was being rapidly undermined by the rise of Apple’s iPhone.




WannaCry attack 'linked' to North Korea hacking group


Image caption: Sony was attacked for releasing The Interview, which involves a plot to kill the North Korean leader

A hacking group closely tied to North Korea was behind the massive WannaCry attack earlier this month, security company Symantec says.

The way the attack was set up made it “highly likely” that the Lazarus group was responsible, it said.

Lazarus has been blamed for a 2014 attack on Sony and the theft of $81m (£62m) from Bangladesh’s central bank.

In those attacks, the group is believed to have worked on behalf of North Korea’s government.

In a blog, Symantec said “substantial commonalities in the tools, techniques, and infrastructure used by the attackers” led it to conclude that the Lazarus group had instigated the WannaCry attack.

However, Symantec added that the character of the attack suggested it had not been carried out on behalf of North Korea.

Rather than being a nation-state campaign, it said, it looked more like a “typical” cyber-crime campaign that sought to enrich its operators.

North Korea has denied any involvement with WannaCry, branding any claims it was behind it “ridiculous”.

‘Error prone’

The virulent WannaCry worm is believed to have infected computers at more than 200,000 companies.

Victims included more than 60 NHS trusts in the UK as well as Fedex, Renault and Telefonica.

On compromised computers, the worm encrypted files and demanded a ransom of $300 (£231) in bitcoins to unlock them.

Symantec pointed to small-scale attacks carried out prior to the massive May event that used the same basic malware but also employed other technical tricks Lazarus is known to use.

The earlier attacks did not exploit the vulnerability that helped WannaCry spread so far, so fast but instead used six other malicious programs favoured by Lazarus.

Two of these are known to have been used in the Sony attack.

In addition, Symantec said, code inside WannaCry was shared with a separate program also linked to Lazarus.

Symantec’s analysis builds on work by other researchers who have studied WannaCry and found evidence that some of its core code is shared with other malicious programs Lazarus is believed to have used.

Despite Symantec’s lengthy analysis, some experts remained cautious about blaming Lazarus.

“Attributing hacking operations and malware to specific groups is an imprecise undertaking that’s frequently fraught with errors,” wrote Dan Goodin, security editor at Ars Technica.

So far, 300 victims are believed to have paid to have their files unlocked, generating a total ransom payment of $109,245.

The money is being paid into three separate bitcoin wallets that are being closely scrutinised for activity to see if they can help identify the criminals.




Amazon adds live TV channels to Prime Video


Image caption: Amazon is adding live TV to Prime Video

Amazon has announced it will offer live television channels via its Prime Video service, for an extra fee.

People will be able to subscribe to popular channels such as Discovery and Eurosport individually, without paying for a bundle of channels.

Until now, Prime Video has offered only on-demand films and TV shows in the UK.

But one analyst said the launch line-up of channels was “not immediately desirable” and would struggle to attract satellite TV customers.

“Amazon launched a similar thing in the US, and the big selling point was that you could get HBO and Showtime programmes, all under one umbrella,” said Tom Harrington, an analyst at Enders.

“That’s not going to happen here. Sky have HBO and Showtime locked down, at least for now, and will hold on to them aggressively.

“When you look at what’s available in the UK, it does lack the wow factor.”

Image caption: Viewers will be able to stream ITV’s free-to-air channels for £3.99 a month

Discovery Communications is providing the best-known pay-TV channels to the service, offering Eurosport for £6.99 a month and Discovery Channel for £4.99 a month.

Viewers must also pay for an Amazon Prime membership at £79 a year.

ITV will offer an ad-free version of its streaming service and access to its free channels – such as ITV 2 and ITV Be – for a monthly fee of £3.99.

“This is a starting point,” said Alex Green, managing director of Amazon Video.

“We’re offering linear TV channels where it makes sense. We have a good spread of big partners and I’m sure that will only grow.”

As well as the traditional television channels, viewers will be able to pay for curated “channels” of programmes to stream on-demand, such as the Yoga Anytime Channel, and Horse & Country Play, which is billed as the “home of equestrianism”.

“The core of the experience on Prime Video is on-demand streaming, and that will still be the core of the experience,” said Mr Green.

Difficult market

Mr Harrington said it would be difficult for streaming services to offer traditional television services at a competitive price.

“In the US, YouTube, Amazon, Apple and Facebook have been vocal about getting TV bundles together, but YouTube is the only one to have done it so far,” he told the BBC.

“It’s very hard to build from all these different suppliers and put these channels together at a price that is compatible to a cable offering.”

Mr Green said Amazon wanted to offer customers more flexibility, by letting them subscribe to individual channels.

“Often people say they are subscribed to a big TV package but don’t watch a lot of the channels,” he told the BBC.

“Now people can try it out, pick and choose, and cancel at any time.”




Instagram 'worst for young mental health'



Instagram is rated as the worst social media platform when it comes to its impact on young people’s mental health, a UK snapshot survey suggests.

The poll asked 1,479 people aged 14-24 to score popular apps on issues such as anxiety, depression, loneliness, bullying and body image.

Instagram said keeping the platform a safe and supportive place for young people was a top priority.

Mental health charities urged companies to act to increase users’ safety.

‘Inadequacy and anxiety’

The Royal Society for Public Health study says social platforms should flag up heavy social media use and identify users with mental health issues.

Instagram says it provides tools and information on how to cope with bullying and warns users before they view certain content.

The RSPH report says that “social media may be fuelling a mental health crisis” in young people.

However, it can also be used as a tool for good, the report said. Instagram, for example, was found to have a positive effect on self-expression and self-identity.

About 90% of young people use social media – more than any other age group – so they are particularly vulnerable to its effects, although it is not clear what these are on current evidence.

‘Deep depressive episode’

Isla is in her early 20s. She got hooked on social media as a teenager when going through a difficult time in her life.

“The online communities made me feel included and that I was worthwhile.

“However, I soon began to neglect ‘real life’ friendships and constantly spent all my time online talking to my friends there.

“I fell into a deep depressive episode aged 16, which lasted for months and was utterly horrible.

“During this time social media made me feel worse, as I would constantly compare myself to other people and make myself feel bad.

“When I was 19, I had another bad depressive episode. I’d go on social media, see all my friends doing things and hate myself for not being able to do them, or feel bad that I wasn’t as good a person as them.”


Social media has also been a positive in Isla’s life.

“I have blogged a lot about mental health and I’m quite open about it and have good conversations with people about it.

“I find it gives me a platform to talk and talking with people is something I find imperative to my own health.

“The online friends I made five or six years ago I’m still friends with to this day and have met many of them in person.”

The online survey asked participants a series of questions about whether YouTube, Instagram, Snapchat, Facebook and Twitter had an impact on their health and well-being.

Participants were asked to score each platform on 14 health and well-being issues.

Based on these ratings, YouTube was considered to have the most positive impact on mental health, followed by Twitter and then Facebook.

Snapchat and Instagram were given the lowest scores overall.

‘Wild West’

Shirley Cramer, chief executive of the RSPH, said: “It is interesting to see Instagram and Snapchat ranking as the worst for mental health and well-being – both platforms are very image-focused and it appears they may be driving feelings of inadequacy and anxiety in young people.”

In light of the findings, public health experts are calling for social media platforms to introduce a series of checks and measures to help tackle mental health, including:

  • Pop-ups warning people that they have used social media for a long time (supported by 70% of young people surveyed)
  • Social media platforms identifying users with mental health problems and “discreetly signposting places they can get support”
  • Platforms highlighting when photos have been digitally manipulated – for example, fashion brands, celebrities and other advertising organisations could sign up to a voluntary code, allowing a small icon to be displayed on digitally altered photos


The report also recommends that NHS England comes up with a vetting scheme for health and well-being information so young people are better able to judge whether information is trustworthy.

Ms Cramer added: “As the evidence grows that there may be potential harms from heavy use of social media, and as we upgrade the status of mental health within society, it is important that we have checks and balances in place to make social media less of a ‘wild West’ when it comes to young people’s mental health and well-being.”

Tom Madders, from mental health charity YoungMinds, said the recommendations could help many young people.

“Increasing safety within social media platforms is an important step and one we urge Instagram and other sites to act upon.

“But it’s also important to recognise that simply ‘protecting’ young people from particular content types can never be the whole solution.”

He said young people needed to understand the risks of how they behaved online and should be taught how to respond to “harmful content that slips through filters”.

Michelle Napchan, Instagram head of policy, said: “Keeping Instagram a safe and supportive place, where people feel comfortable expressing themselves, is our top priority – particularly when it comes to young people.

“Every day people from all over the world use Instagram to share their own mental health journey and get support from the community. For those struggling with mental health issues, we want them to be able to access support on Instagram when and where they need it.

“That’s why we work in partnership with experts to give people the tools and information they need while using the app, including how to report content, get support for a friend they are worried about or directly contact an expert to ask for advice on an issue they may be struggling with.”


Bitcoin hits $2,000 trading high point


Image caption: Bitcoin’s value has fluctuated sharply over the last four years

The value of Bitcoin has hit a new high with each individual coin now worth more than $2,100 (£1,615).

The valuation caps a strong month for the virtual currency, with its value growing by more than 65% in a month.

The steady rise in value is believed to be linked to policy changes in Japan and China that have made it easier for speculators to trade in bitcoins.

Many other virtual currencies have also enjoyed a sustained rise in value over the last few weeks.

Bitcoin first broke the $1,000 (£768) barrier in November 2013 but its value has fluctuated wildly since then. For instance, in early 2014 one bitcoin was worth only $280 (£215).

And at the end of 2016, each one was changing hands for about $900 (£690).

Unsustainable bubble

Bitcoin emerged in 2008 and is a digital currency based around cryptography. Individual coins can be split into smaller denominations and many people involved with the currency use computers to verify the globally-held log, known as the blockchain, of who spent what where.

Verifying transactions involves solving a complicated mathematical problem and the first person to do so gets rewarded with bitcoins.

Rising interest in bitcoin has sparked the creation of many other crypto-currencies. These have proved popular as the technology underlying bitcoin has struggled to cope with its popularity and growth. One estimate suggests bitcoins now make up only 47% of all traded crypto-currencies.

Rivals such as Ethereum and Ripple have been gaining value far faster than bitcoin over the last few months.

The surging valuations have led some commentators to suggest that an unsustainable crypto-currency bubble is developing.

“The question is not if but when the market will turn,” said an editorial in The Economist.




Windows 7 hardest hit by WannaCry worm


Image caption: The WannaCry outbreak got started by infecting a small number of vulnerable machines

The majority of machines hit by the WannaCry ransomware worm in the cyber-attack earlier this month were running Windows 7, security firms suggest.

More than 97% of the infections seen by Kaspersky Lab and 66% of those seen by BitSight used the older software.

WannaCry started spreading in mid-May and, so far, has infected more than 200,000 computers around the world.

In the UK, some hospitals had to turn away patients as the worm shut down computer systems.

Many suggested that the reason UK hospitals suffered was because many of them still relied on programmes that required Windows XP – a version of Microsoft’s OS that debuted in 2001.

But infections of XP by WannaCry were “insignificant” said Costin Raiu from Kaspersky Lab.

Windows 7 was first released in 2009 and the most widely infected version was the x64 edition, which is widely used in large organisations, showed figures from Kaspersky.

Many organisations seem to have been caught out because they failed to apply a patch, issued by Microsoft in March, that blocked the vulnerability which WannaCry exploited.

Spanish telecoms firm Telefonica, French carmaker Renault, German rail firm Deutsche Bahn, logistics firm Fedex, Russia’s interior ministry and 61 NHS organisations were all caught out by WannaCry.

After encrypting files, the WannaCry worm demanded a payment of £230 ($300) in bitcoins before they were unfrozen. So far, a reported 296 payments totalling $99,448 (£76,555) have been made to the bitcoin wallets tied to the ransomware.

There have been no reports that anyone who paid has had their data restored by the gang behind the attack.

Security experts also found that the worm spread largely by seeking out vulnerable machines on the net by itself. Before now, many thought it had got started via an email-based phishing campaign.

Adam McNeil, a senior malware analyst at Malwarebytes, said the worm was primed to look for machines vulnerable to a bug in a Microsoft technology known as the Server Message Block (SMB).

“The attackers initiated an operation to hunt down vulnerable public facing SMB ports and, once located, used the newly available SMB exploits to deploy malware and propagate to other vulnerable machines within connected networks,” he wrote.

Mr McNeil said he suspected that whoever was behind the worm first identified a “few thousand” vulnerable machines which were used as the launch platform for the much larger waves of infection.




Virtual rabbits 'culled' in Second Life



Thousands of rabbits have been “culled” in the Second Life virtual world.

The web server sustaining them has been deactivated after a legal threat from a company claiming to have designed them.

Added to Second Life in 2010, Ozimals bunnies were collectible pets that players could breed.

Some owners had secured an “everlasting timepiece”, giving their pets eternal life but preventing them from breeding. But the remaining rabbits entered “permanent hibernation” on Saturday.

They were designed to communicate with a web server to ensure they had not been tampered with, but the company that created them closed in 2016.

Since then, the server sustaining them has been run by a volunteer known by the pseudonym Malkavyn Eldritch.

On Tuesday, Eldritch said he had received a cease-and-desist letter, demanding he “cease all use of Ozimals intellectual property” from a company claiming to have designed the rabbits’ “visual assets”.

“I do not have the means to fight this in court, therefore I have no choice but to comply,” said Eldritch.

“I’m sorry.

“It was never my intention for the time we’ve all spent with the bunnies… to end like this.”




Leaks 'expose peculiar Facebook moderation policy'


Image caption: The guidelines Facebook uses to decide what users see are ‘confusing’ say staff

How Facebook censors what its users see has been revealed by internal documents, the Guardian newspaper says.

It said the manuals revealed the criteria used to judge if posts were too violent, sexual, racist, hateful or supported terrorism.

The Guardian said Facebook’s moderators were “overwhelmed” and had only seconds to decide if posts should stay.

The leak comes soon after MPs said social media giants were “failing” to tackle toxic content.

Careful policing

The newspaper said it had managed to get hold of more than 100 manuals used internally at Facebook to educate moderators about what could, and could not, be posted on the site.

Facebook has not commented on the authenticity of the documents seen by the newspaper.

The manuals cover a vast array of sensitive subjects, including hate speech, revenge porn, self-harm, suicide, cannibalism and threats of violence.

Facebook moderators interviewed by the newspaper said the policies Facebook used to judge content were “inconsistent” and “peculiar”.

The decision-making process for judging whether content about sexual topics should stay or go was among the most “confusing”, they said.

The Guardian says its glimpse into the internal decision-making process at Facebook was likely to renew calls for the site to be more carefully policed and for more transparency on how it judges what people post.

‘Alarming’ insight

In a statement, Monica Bickert, Facebook’s head of global policy management, said: “We work hard to make Facebook as safe as possible, while enabling free speech.

“This requires a lot of thought into detailed and often difficult questions, and getting it right is something we take very seriously,” she added.

As well as human moderators that look over possibly contentious posts, Facebook is also known to use AI-derived algorithms to review images and other information before they are posted. It also encourages users to report pages, profiles and content they feel is abusive.

In early May, the influential Home Affairs Select Committee strongly criticised Facebook and other social media companies as being “shamefully far” from tackling the spread of hate speech and other illegal and dangerous content.

The government should consider making sites pay to help police content, it said.

Soon after, Facebook revealed it had set out to hire more than 3,000 more people to review content.

The NSPCC said the report into how Facebook worked was “alarming to say the least”.

“It needs to do more than hire an extra 3,000 moderators,” said a statement from the charity.

“Facebook, and other social media companies, need to be independently regulated and fined when they fail to keep children safe.”




General election 2017: Illegal content sanctions threat



Online companies could face fines or prosecution if they fail to remove illegal content, under Conservative plans for stricter internet regulation.

The party has also proposed an industry-wide levy, dubbed a “Twitter tax”, to fund “preventative activity to counter internet harms”.

Labour said it had “pressed for tough new codes” in the past but the government had “categorically refused”.

The Liberal Democrats said more needed to be done “to find a real solution”.

Voluntary contributions

The Conservatives said the levy, proposed in their election manifesto, would use the same model as that used in the gambling industry, where companies voluntarily contribute to the charity GambleAware to help pay for education, research, and treating gambling addiction.

All social media and communications service providers would be given a set period to come up with plans to fund and promote efforts “to counter internet harms”.

If they failed to do so, the government would have the power to impose an industry-wide toll.

The Conservatives say the exact details, including how long the industry will be given to comply and the size of the levy, will be consulted upon.

A Labour spokesman said: “If the Tories are planning to levy a new tax on social media companies, they need to set out how it will work, who it will affect and what it will raise.

‘Sanctions regime’

“Labour has pushed for a code of practice about the responsibilities of social media companies to protect children and young people from abuse and bullying.”

The Conservatives have also pledged to introduce “a sanctions regime” that would give regulators “the ability to fine or prosecute those companies that fail in their legal duties, and to order the removal of content where it clearly breaches UK law”.

Social media platforms and internet service providers would have clearer responsibilities regarding the reporting and removal of harmful material, including bullying, inappropriate or illegal content, and would have to take down material.

“It is certainly bold of the Conservatives to boast that they can protect people on the internet,” Liberal Democrat home affairs spokesman Alistair Carmichael said.

“Government and technology companies must do more to find a real solution to problematic content online.”

And Labour’s digital economy spokeswoman Louise Haigh said: “The Home Office were crystal clear they did not want to legislate and that they believed the voluntary framework was sufficient.

“The fact is that in government the Tories have been too afraid to stand up to the social media giants and keep the public safe from illegal and extremist content.”




FCC votes to overturn net neutrality rules


Image caption: FCC chairman Ajit Pai said existing rules hampered the growth of the tech sector

The US Federal Communications Commission has voted to overturn rules that force ISPs to treat all data traffic as equal.

Commissioners at the agency voted two-to-one to end a “net neutrality” order enacted in 2015.

Ajit Pai, head of the FCC, said the rules demanding an open internet harmed jobs and discouraged investment.

Many Americans and technology firms filed objections to the FCC’s proposal prior to the vote.

“This is the right way to go,” said Mr Pai ahead of the vote on Thursday.

In a statement, the FCC said it expected its proposed changes to “substantially benefit consumers and the marketplace”. It added that, before the rules were changed in 2015, they helped to preserve a “flourishing free and open internet for almost 20 years”.

Equal access

The vote by the FCC commissioners is the first stage in the process of dismantling the net neutrality regulations.

The agency is now inviting public comment on whether it should indeed dismantle the rules. Americans have until mid-August to share their views with the FCC.

This call for comments is likely to attract a huge number of responses. Prior to the vote, more than 1 million statements supporting net neutrality were filed on the FCC site.

Image caption: John Oliver urged his viewers to post comments to the FCC, opposing the reversal of net neutrality rules

Many people responded to a call from comedian and commentator John Oliver to make their feelings known.

Separately, some protestors also used software bots to repeatedly file statements on the site.

Many fear that once the equal access rules go, ISPs will start blocking and throttling some data while letting other packets travel on “fast lanes” because firms have paid more to reach customers quicker.

US ISPs such as Comcast, Charter Communications and Altice NV have pledged in public statements to keep data flowing freely.

Despite this public pledge, Comcast, along with Verizon and AT&T, opposed the original 2015 rule change, saying it dented their enthusiasm for improving US broadband.

Facebook and Google’s parent company Alphabet, as well as many other net firms, have backed the open net rules, saying equal access was important for all.




BBC fools HSBC voice recognition security system


Image caption: The bank’s voice-based ID system was fooled by Dan and his twin

Security software designed to prevent bank fraud has been fooled by a BBC reporter and his twin.

BBC Click reporter Dan Simmons set up an HSBC account and signed up to the bank’s voice ID authentication service.

HSBC says the system is secure because each person’s voice is “unique”.

But the bank let Dan Simmons’ non-identical twin, Joe, access the account via the telephone after he mimicked his brother’s voice.

HSBC introduced the voice-based security in 2016, saying it measured 100 different characteristics of the human voice to verify a user’s identity.

‘Really alarming’

Customers simply give their account details and date of birth and then say: “My voice is my password.”

Although the breach did not allow Joe Simmons to withdraw money, he was able to access balances and recent transactions, and was offered the chance to transfer money between accounts.

“What’s really alarming is that the bank allowed me seven attempts to mimic my brother’s voiceprint and get it wrong, before I got in at the eighth time of trying,” he said.

Image caption: HSBC advertises the system in its branches

“Can would-be attackers try as often as they like until they get it right?”

Separately, a Click researcher found HSBC Voice ID kept letting them try to access their account after they deliberately failed on 20 separate occasions spread over 12 minutes.

Click’s successful thwarting of the system is believed to be the first time the voice security measure has been breached.

HSBC declined to comment on how secure the system had been until now.

A spokesman said: “The security and safety of our customers’ accounts is of the utmost importance to us.

“Voice ID is a very secure method of authenticating customers.

“Twins do have a similar voiceprint, but the introduction of this technology has seen a significant reduction in fraud, and has proven to be more secure than PINS, passwords and memorable phrases.”

Account open

“I’m shocked,” said Mike McLaughin, a security expert at Firstbase Technologies.

“This should not be allowed to happen.

“Another person should not be able to access your bank account.

Image caption: Twins are used to check that voice-based ID systems can pick out individuals

“Voices are unique – but if the system allows for too many discrepancies in the voiceprint for a match, then it’s not secure.

“And that seems to be what’s happened here.”

Prof Vladimiro Sassone, an expert in cyber-security, from the University of Southampton, said biometrics could, in general, be an effective security layer, but there were dangers if companies put too much faith in something that was not 100% secure.

“In principle there should be no room for error at all,” said Prof Sassone.

“It should be good at the first attempt.”

“Voice identification is not like a password system.”

“You can’t forget your voice or get the wrong one.

“After two attempts, systems should be able to say whether it’s a match or not and alert the bank and user if further attempts are made.”

Prof Sassone said using unique biometric traits as a verifier should make it harder for hackers – but if they should be copied by criminals, users could not then change their voice, face, or fingerprint as they would a password.

“If you have to prove it wasn’t you who accessed your account – that it was either a mimic or computer software – then how are you going to do that?” he asked.

“Especially if the bank is claiming the system is perfect.”

HSBC said it used 100 different identifiers to fingerprint a customer’s voice

Security expert Prof Alan Woodward, from the University of Surrey, said it was dangerous to rely on one biological characteristic to authenticate someone, even if it was one unique to that person.

“Biometric based security has a history of measurements being copied,” he said.

“We’ve seen fingerprints being copied with everything from gummy bears to photographs of people’s hands.

“Hence, biometrics, just like other aspects of security, will always have to evolve as measures emerge to threaten them.

“Security is a story of measure and counter-measure.”

He said HSBC probably needed to reassess its technology and ideally add another “factor” alongside the voiceprint check to authenticate identity.

“As well as requiring something you are, it would require something you know or something you have, like a PIN,” he said.

“That makes it much more difficult to compromise.”

It is not just the ability of humans to fool computers that is worrying some high-tech companies.

Start-up Lyrebird is working on ways to replicate a voice using just a few minutes of recorded speech.

Co-founder Jose Sotelo said there was no doubt this had “implications” for voice identification systems.

“We are working with security researchers to figure out the best way to proceed,” he told Click.

“This is one of the reasons we have not published this to the public yet.

“It’s a scary application but we believe that we should be careful and should not be scared of technology and we should try to make the best out of it,” he said.

“One idea we are considering is to watermark the audio samples we produce so we are able to detect immediately if it is us that generated this sample.”

You can see the full BBC Click investigation into biometric security in a special edition of the show on BBC News and on the iPlayer from Saturday, 20 May.



Electoral Commission wants powers to tackle election meddling from abroad


A probe into the political use of private data has been opened by the information commissioner.

Elizabeth Denham announced the review amid concerns over allegations involving an analytics firm linked to a Brexit campaign.

It follows calls for an investigation into claims that Leave.EU had not declared the role of Cambridge Analytica (CA) in its campaign.

The Electoral Commission says its powers do not extend beyond the UK.

But Ms Denham said: “Having considered the evidence we have already gathered, I have decided to open a formal investigation into the use of data analytics for political purposes.

“This will involve deepening our current activity to explore practices deployed during the UK’s EU referendum campaign, but potentially also in other campaigns.”

The probe was sparked by Labour’s Stephen Kinnock, a remain campaigner, who called on the Electoral Commission to look into links between Leave.EU and CA.

Claire Bassett, the commission’s chief executive, said that, while it had “very clear rules” governing the permissibility of donations and printed materials, such as campaign leaflets, it had no power to stop overseas individuals or governments using social media to influence British elections.

“At the moment the rules apply to print media – so if you get a leaflet through your door, that should have an imprint on it which makes it clear who’s produced that leaflet and where it’s come from so you know who’s campaigning for your vote,” she said.

“At the moment those rules don’t extend to social media and we’ve recommended that that should happen.”

High priority

But quizzed about how far the electoral watchdog could go to prevent individuals or governments attempting to influence British elections via data analytic companies which target voters, Ms Bassett said: “If something is happening outside of the borders of this country and is not part of any of the regime we’re responsible for, it’s not something we can cover within our regulation.”

Ms Denham said it was “understandable” that “political campaigns are exploring the potential of advanced data analysis tools to help win votes”, but said the “public have the right to expect that this takes place in accordance with the law”.

“This is a complex and rapidly evolving area of activity and the level of awareness among the public about how data analytics works, and how their personal data is collected, shared and used through such tools is low,” she said.

“What is clear is that these tools have a significant potential impact on individuals’ privacy.

“It is important that there is a greater and genuine transparency about the use of such techniques to ensure that people have control over their own data and the law is upheld.”

‘No involvement’

Ms Denham said the investigation was a “high priority for her team” and that she was “conscious” that it coincides with the general election campaign.

The probe follows an Observer investigation suggesting there were links between data analytics firms, a US billionaire and the Leave campaign in last year’s EU referendum.

A Cambridge Analytica spokesman said the firm was happy to help the watchdog with any inquiry into the use of data analytics in politics but that it had had “no involvement” in the EU referendum.

The Electoral Commission found the Tories spent £1.2m on Facebook campaigns during the 2015 election – more than seven times the £160,000 spent by Labour. The Liberal Democrats spent just over £22,000.

Leave campaigners spent £3.5m with a technology company called Aggregate IQ. Vote Leave said it allowed them to target swing voters online much more effectively and efficiently.

But BBC media editor Amol Rajan said that while huge amounts of money were being spent by political parties online, not everyone was “transparent about their ambitions online”.

“We know that millions and millions of pounds have been spent by various people – foreign forces, sometimes extremists – who are politically advertising online trying to influence elections and they are not regulated,” he said.

“The fact is the technology is changing very fast but the law hasn’t kept pace.

“When it comes to broadcast advertising, we tend to know who’s advertising, how much money they are spending and they tend to do it within certain social norms, but when it comes to political advertising online, it’s very unclear who is spending the money and to what end….

“The point is we simply don’t have clear regulations that require people to be transparent. The implication is that they might be foreign forces; they might be very wealthy individuals who are having a material impact on elections in western or non-Western democracies and we simply don’t know about it.

“It seems pretty obvious if we regulate political advertising in other spheres we need to think very hard about the impact of political advertising online too.”



App maker's code stolen in malware attack


The Mac and iOS software developer Panic has had the source code for several of its apps stolen.

Panic founder Steven Frank admitted in a blog post that it happened after he downloaded an infected copy of the video encoding tool Handbrake.

He said there was no sign that any customer data was accessed and that Panic’s web server was not affected.

Users have been warned to download Panic’s apps only from its website or the Apple App Store.

Panic is the creator of web editing and file transfer apps Coda and Transmit, and the video game Firewatch.

‘Entirely compromised’

On 2 May Handbrake was hacked, with the Mac version of the app on one of the site’s download servers replaced by a malicious copy.

The infected app was discovered and removed on 6 May.

In what Mr Frank called “a case of extraordinarily bad luck”, he downloaded the malicious version of Handbrake and launched it “without stopping to wonder why Handbrake would need admin privileges… when it hadn’t before”.

“And that was that, my Mac was completely, entirely compromised in three seconds or less.”

The attacker then used his password to access other private files and copy the source code for several of Panic’s products stored on the infected computer.

Ransom demand

The theft was confirmed when Panic received an email containing some of the files and demanding a ransom for the return of the complete code.

“We’re working on the assumption that there’s no point in paying,” Mr Frank wrote, saying that “the attacker has no reason to keep their end of the bargain”.

The FBI is investigating the incident and Panic has been working with Apple to make sure that no malicious or fake versions of the apps get into the App Store.

“I feel like a monumental idiot for having fallen for this,” Mr Frank admitted.

“It’s a good reminder though — no matter how experienced you might be with computers, you’re human and mistakes are easily made.”



India's Zomato says data from 17 million users stolen


Global restaurant guide Zomato says hackers have stolen data on about 17 million users.

The Indian firm, which uses a digital platform to provide information, said the breach includes swathes of personal information, including email addresses and hashed passwords.

Payment-related information is safe as it was stored separately, Zomato said.

The firm said it had reset the passwords of affected users and logged them out of the app and the website.

More than 120 million users visit Zomato – an online and mobile service offering restaurant and nightlife information, including menus and photographs, in countries around the world – every month.

The firm said it had “recently” discovered that 17 million email addresses and hashed passwords had been stolen from its database.

“The hashed password cannot be converted/decrypted back to plain text – so the sanctity of your password is intact in case you use the same password for other services,” the firm said in a security notice to its consumers.

“But if you are paranoid about security like us, we encourage you to change your password for any other services where you are using the same password.”

Zomato said “no payment information or credit card data has been stolen/leaked” as they were stored in “highly secure” digital vaults.

The firm said it appeared that “an internal (human) security breach” had led to the theft of the data.

Zomato is based in Gurgaon near Delhi and is active in 10,000 cities, including London and New York, across 24 countries around the world.



Cage director charged for failing to disclose passwords


The director of campaign group Cage has been charged under the Terrorism Act.

Muhammad Rabbani faces a charge of failing to disclose his password after being detained at Heathrow Airport under counter-terrorism stop-and-search powers, the organisation has said.

Mr Rabbani was stopped at Heathrow in November, but refused to give officers access to his phone and laptop.

Cage describes itself as an independent advocacy group “working for those impacted by the War on Terror”.

The Metropolitan Police confirmed that Mr Rabbani, 36, attended an east London police station on Wednesday.

A spokesman for Cage said Mr Rabbani was charged with wilfully obstructing or seeking to frustrate a search examination under Schedule 7 of the Terrorism Act 2000 over the incident at the airport in November.

That law gives officers special powers to question and detain for up to six hours any individual passing through a UK port, airport, international rail terminal or border area.

Cage, whose main role is to support those who have been affected by UK counter-terrorism legislation, said Mr Rabbani had been released on bail and would be challenging the charge.



Twitter user numbers overtaken by China's Sina Weibo


There are now more people using Sina Weibo, the Chinese micro-blogging platform, than there are using Twitter.

According to the Chinese company’s first quarter results, it has 340 million active monthly users, 30% up on the previous year.

About 154 million people use the site daily, 91% of whom access it via mobile.

By comparison, Twitter, which is blocked in China, has around 328 million active monthly users.

“Our relentless focus to build the best social media experience in China is reflected in Weibo’s strong performance,” Gaofei Wang, Weibo chief executive, said in a statement.

“Looking ahead, we continue to see strong momentum, as we further optimise Weibo to share, discover and consume information, especially for the mobile, social and video environment.”

Preferred platform

China has an estimated 731 million web users, more than 90% of whom can access the internet via a smartphone, according to the China Internet Network Information Centre.

Sina Weibo is the most popular of China’s micro-blogging services, and it is the preferred platform for most mainland Chinese newspapers and TV stations, which have millions of followers.

Last year, seeing how popular live streaming video was becoming, Sina Weibo launched its own live streaming app, Yizhibo, nicknamed “Yi”.


Analysis: Kerry Allen, BBC Monitoring

The success of mobile messenger WeChat (China’s answer to WhatsApp) has challenged Sina Weibo in recent years, with increased smartphone ownership in the mainland influencing social media users to read news on their phones, instead of computer screens.

But Sina Weibo has remained competitive by making a number of strategic partnerships that have given host to an array of new functions, many of which go even beyond those of Twitter – which is blocked in China.

In 2014, e-commerce giant Alibaba, which owns a 31.4% stake of Weibo, helped boost the platform’s e-commerce capabilities with the introduction of “Weibo Payment”, enabling users to shop online using the service.

But with WeChat heavily investing in similar capabilities last year, Weibo made a perhaps daring move to introduce live streaming capabilities to its platform.

It had earlier shied away from replicating Twitter in doing this, given that the Chinese government is nervous about politically sensitive issues reaching widespread awareness.


Twitter is blocked in China, along with Facebook, Google, YouTube and many foreign news websites.

The number of people actively using Twitter has continued to rise by about 6% each month, but in April it revealed that its revenue from advertising had fallen by almost 8% in the space of a year.

Chief executive Jack Dorsey said the company “continued to face revenue headwinds”, but that user numbers had increased in part because of measures to reduce abusive content.



DocuSign users sent phishing emails after data breach


Electronic signature service provider DocuSign has admitted customer emails were accessed in a data breach.

The addresses were then targeted in a series of phishing emails from “a malicious third party”.

The messages invited recipients to click on a link to a Microsoft Word document containing malware.

DocuSign says that no other information was accessed in the incident, and the e-signature service remained secure.

“No names, physical addresses, passwords, social security numbers, credit card data or other information was accessed,” the company said in a statement.

“DocuSign’s core e-signature service, envelopes and customer documents and data remain secure.”

The company has advised people to delete any suspicious messages immediately.

‘Temporary access’

The breach came to light when the company noticed an increase in phishing emails sent to some of their account holders last week.

According to a statement published on DocuSign’s website, “a malicious third party gained temporary access to a separate, non-core system that allows us to communicate service-related announcements to users via email”.

The emails included the DocuSign branding and appeared to come from addresses ending “docus.com”, a lookalike domain.

The subject line referred to either a wire transfer or an accounting invoice, saying: “Document Ready for Signature”.

A full copy of the email has been published on the TechHelpList website, which reported that the malware contained in the attachment could be used to steal passwords and banking credentials.

“Phishing is almost the default way of tricking people into giving away that information,” Keith Martin, professor of information security at Royal Holloway, University of London, told the BBC.

“Where it’s targeting a bank, for example, the senders are going to use headers and language that’ll make customers believe it’s their bank.

“With a generic phishing trawl, the message will go out and the more people who click the better – it’s literally like fishing, hoping to get some bites, chucking a message out there speculatively.

“With most, you don’t need a very high success rate to make money.”



Election candidates warned about phishing attempts


Candidates in the general election have been asked to look through their emails for signs that they have been targeted by a phishing attack.

The list of potential targets includes recent MPs.

The National Cyber Security Centre (NCSC), which is part of GCHQ, disclosed the request in a document released early on 16 May.

The BBC understands that the number of victims is currently in single figures.

Candidates have been asked to look for suspicious emails received after January 2017.

The NCSC declined to say if any data had been taken.

A report in the Financial Times said it was “likely” that the phishing campaign had been orchestrated by a state.

In a document titled Phishing: guidance for political parties and their staff, the centre says it has “become aware of phishing attacks to gain access to the online accounts of individuals that were MPs before dissolution of Parliament” and “other staff who work in political parties”.

The NCSC said the attacks were likely to continue “and may be sent to parliamentary email addresses, prospective parliamentary candidates, and party staff”.

‘Personal emails targeted’

The BBC understands that so far victims’ personal emails have been affected but no successful phishing attempts have been made via parliamentary email addresses.

It is believed that the NCSC has contacted the Electoral Commission about the threat and that the commission will help to alert candidates.

The centre said that potential victims should look out for “unexpected requests to reset your password for online or social media accounts (such as Apple, Google, Microsoft, Facebook or Twitter)”.

“Or you might have been asked to approve changes to your account that you’ve not requested.”

The NCSC did not say whether it knew who was behind the phishing campaign.


Analysis by Gordon Corera, security correspondent, BBC News

The warnings to political parties come as cyber-security officials brace themselves for some kind of incident during the elections.

No-one can be sure that anything will take place, but the experience of the US and more recently France has led them to believe that some kind of theft and then dump of information is possible.

In both those cases, a Russian hand is suspected.

Intelligence agencies have historically kept their distance from the communication of politicians due to the doctrine that says MPs should not be monitored.

But parties and politicians themselves have been asking for advice and guidance in recent months amid growing concerns.


Concern about elections being targeted by hackers has been running high, following the attack on the Democratic National Committee during the US presidential election.

US authorities attributed that incident to Russia and said that a significant component of the attack involved phishing.

More recently, the electoral campaign of President Emmanuel Macron in France was targeted by a similar campaign.

The NCSC has said the UK has “systems in place to defend against electoral fraud at all levels and [we] have seen no successful cyber-intervention in UK democratic processes”.

The BBC understands that since last month, the NCSC has delivered cyber-security seminars to the UK’s political parties, with the aim of helping them reduce the risk of succumbing to an attack.

Advice has also been offered to local authorities and the Electoral Commission.



Net neutrality 'bots' spam US regulator


Bots appear to be spamming a US regulator’s website over a proposed reversal of net neutrality rules, researchers have said.

According to three separate analyses, a flood of automated comments to the Federal Communications Commission (FCC) was detected over the weekend.

More than 400,000 comments with remarkably similar wording have been detected in recent days.

Net neutrality proponents argue that all internet traffic should be equal.

This means that no content provider should be able to, for example, charge more for faster access to certain data.

One expert described bot activity as a new form of protest.

“Someone has gone out of their way to make these seem like real submissions,” wrote Chris Sinchok in a blog post about the apparently automated activity.

Having downloaded the comments and associated data, Mr Sinchok noticed that the names and email addresses associated with thousands of them also turned up in lists of personal data stolen from websites.

Using ‘breached data’

He told the BBC that this suggested someone might be using information collected from breached databases to make the submissions look more authentic.

“It really seems like this is getting pooled from some place in an automated fashion and it’s coming in at unreasonable rates,” he said.

He added that the uniformity of the data was also a possible giveaway.

For example, many comments are essentially identical save for the occasional, small difference – such as the exact same sentence appearing in multiple comments, but with different letters capitalised each time.

And the rate at which comments were posted also seemed suspicious, starting and stopping in bursts, he added.
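The two signals described above, near-identical text that differs only in capitalisation and arrival in stop-start bursts, can be checked mechanically. The following Python is an added example, not code from Mr Sinchok's analysis or the original article; the sample records, thresholds and function names are constructed assumptions.

```python
"""Flag template-driven comment floods: near-identical text plus bursty arrival."""
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample data (timestamp, comment text); not real FCC submissions.
BASE = datetime(2017, 5, 13, 9, 0, 0)
TEMPLATE = "I oppose the current rules and ask the commission to repeal them."


def _vary_case(text, seed):
    """Build a constructed variant by upper-casing one word chosen by seed."""
    words = text.split()
    i = seed % len(words)
    words[i] = words[i].upper()
    return " ".join(words)


SAMPLE = (
    # Burst 1: 30 template comments, two seconds apart.
    [(BASE + timedelta(seconds=2 * i), _vary_case(TEMPLATE, i)) for i in range(30)]
    # Twenty quiet minutes, then burst 2: another 30 template comments.
    + [(BASE + timedelta(minutes=20, seconds=2 * i), _vary_case(TEMPLATE, i + 3))
       for i in range(30)]
    # Organic comments: varied wording, spread out. Two happen to share wording,
    # which must not be enough on its own to raise a finding.
    + [
        (BASE + timedelta(minutes=7), "Please keep the existing protections in place."),
        (BASE + timedelta(minutes=26), "My small business depends on equal access."),
        (BASE + timedelta(minutes=41), "please keep the existing protections in place"),
        (BASE + timedelta(minutes=55), "Rural clinics need video visits treated fairly."),
    ]
)


def fingerprint(text):
    """Reduce a comment to a case- and punctuation-insensitive key (ASCII only)."""
    text = re.sub(r"[^a-z0-9\s]", "", text.casefold())
    return " ".join(text.split())


def cluster_comments(records):
    """Group (timestamp, text) records by normalised fingerprint."""
    clusters = defaultdict(list)
    for ts, text in records:
        clusters[fingerprint(text)].append((ts, text))
    return clusters


def find_bursts(timestamps, max_gap=timedelta(seconds=10), min_run=10):
    """Return (start, end, count) for runs where consecutive gaps stay <= max_gap."""
    runs, current = [], []
    for ts in sorted(timestamps):
        if current and ts - current[-1] > max_gap:
            if len(current) >= min_run:
                runs.append((current[0], current[-1], len(current)))
            current = []
        current.append(ts)
    if len(current) >= min_run:
        runs.append((current[0], current[-1], len(current)))
    return runs


def analyse(records, min_cluster=20):
    """Report clusters large enough to suggest a shared template."""
    findings = []
    for fp, items in cluster_comments(records).items():
        if len(items) < min_cluster:
            continue  # a handful of people echoing a slogan is normal
        surface_forms = Counter(text for _, text in items)
        findings.append({
            "fingerprint": fp,
            "count": len(items),
            "case_variants": len(surface_forms),  # same words, different capitals
            "bursts": find_bursts([ts for ts, _ in items]),
        })
    return sorted(findings, key=lambda f: -f["count"])


if __name__ == "__main__":
    for f in analyse(SAMPLE):
        print(f["count"], "comments,", f["case_variants"], "capitalisation variants")
        for start, end, n in f["bursts"]:
            print("  burst of", n, "from", start.time(), "to", end.time())
```

A large cluster on its own can also come from a legitimate form-letter campaign, so the burst timing and capitalisation variants are corroborating signals rather than proof of automation.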

Other watchers, including a graduate student at the Massachusetts Institute of Technology (MIT) and another at Harvard University, have also tracked a boom in apparently automated activity directed at the site in recent days.

Earlier this month, the FCC said it had been targeted by a distributed denial of service (DDoS) attack that led to downtime for the comments system.

This followed a television appearance by comedian John Oliver in which he urged people to post comments against the proposals on the FCC’s website.

“Net neutrality is such a hot-button issue and it’s one of the few examples of online activism that’s actually amounted to something,” noted Prof Phil Howard at the Oxford Internet Institute.

He cited the 2014 online protests, after which President Obama stepped in to recommend that the FCC drop earlier proposals to curtail net neutrality.

“This is how people protest these days,” said Prof Howard, referring to the apparently automated comments.

He also pointed out that a growing number of people had the necessary programming skills to do it.

However, Mr Sinchok is concerned that the bot activity will create the impression that genuine opposition to the FCC’s current proposals does not really exist.

“There are people that care about this issue a lot,” he told the BBC.

“Activity like this is really muddying the waters – and I don’t want it to give [the FCC] an excuse to say, ‘Hey, there’s mixed support for this.’”

The FCC has not yet responded to a BBC request for comment.



Two Britons arrested in Thailand over football streaming


Two British men have been arrested in Bangkok for allegedly selling online access to streaming football broadcasts illegally.

A complaint from the Premier League to local authorities was reported to have led to the arrests on 11 May.

The men were named as William Lloyd, 39 and William Robinson, 35.

They are accused of causing damages worth more than 100 million baht (£2.2m) to the broadcast rights holders.

A third man, who is Thai, was also arrested and named as Supatra Raksasat, 33.

Agents for the Department of Special Investigation (DSI) also seized nine computer servers, nine computers, 49 set-top boxes and three mobile phones.

The three men allegedly sold illegal broadcasts of football matches on the 365sport.tv website, which is currently offline.

Customers of 365sport.tv have discussed problems accessing the site in recent days via online forums.

Deputy chief of the DSI, Suriya Singhakamol, said the suspects may also have been involved in transmissions broadcast via Thaiexpat.tv, Hkexpat.tv, Indoexpat.tv, Vietexpat.tx and Euroexpat.tv.

According to local reports, the two British men were handed over to the British embassy in Bangkok.

The BBC has contacted the Foreign and Commonwealth Office and the Premier League for confirmation.



The secret yearnings of pro-Tory Facebook groups


What’s happening inside hidden Facebook groups devoted to Conservative die-hards?

They are sceptical about the snap election, but willing to go along with it. They’re scathing about their opponents on the left – including one prominent Labour MP in particular. And above all, they celebrate a female Conservative Prime Minister – just not the one currently in office.

Welcome to the community shaped by pro-Conservative groups on Facebook. They’re much smaller in size compared to Jeremy Corbyn’s Facebook “army”, despite a historical push by Conservatives on Facebook advertising (they reportedly outspent Labour in 2015) – but the Tories of Facebook are a highly active group, including party staff and grassroots members.

As part of BBC Trending’s exploration of the impact of social media on the General Election, we’ve gained access to “Conservatives Online”, which has roughly 9,000 members, and its sister page, the “Conservative Debating Forum”, which has more than 2,000 members. There are a number of other Conservative groups of similar size.

An administrator of Conservatives Online told BBC Trending that the purpose of the group is to “act as a national online network for Conservative supporters all over the country” while occasionally engaging in “a little gentle activism.”

A striking feature of both these groups is the sheer amount of admiration that members hold for Margaret Thatcher, who was Prime Minister from 1979 to 1990. One member of “Conservatives Online” summed up the general mood, by saying that he “worships” Thatcher “to this day.”


Filter Bubble Britain: General Election coverage from BBC Trending

Over the course of the 2017 General Election campaign, BBC Trending will be delving inside “filter bubbles” – tight online communities created by algorithms and the way we all use social media.

If you’d like to help report on online communities, email the to express interest. We have a number of tools which will allow us to examine your own “filter bubble” on social media – but there’s no commitment, all information will be anonymised, and we’ll keep all of your personal information private.

Read our previous report: Inside the Corbynista Facebook ‘army’


Even when compared to more recent Conservative leaders, including the current prime minister, Thatcher comes out on top. In a snapshot poll conducted within the “Debating Forum”, Thatcher’s famous quote “There is no such thing as society”, ranked well ahead of slogans such as Theresa May’s “One Nation Society” and David Cameron’s “Big Society”.

When it comes to economics, there is added gusto for Thatcher’s policies. Asked whether Thatcher’s economic policies should be resurrected, more than two-thirds of voters in the “Debating Forum” gave their full endorsement.

The administrator of “Conservatives Online”, who didn’t want to be named, told Trending: “Margaret Thatcher was one of our strongest, most determined and most fearless Conservative Prime Ministers… Her speeches and her policies are often looked back at with nostalgia.”

“I believe [Thatcher] took us out of the dark days of the 1970s,” says Frazer Brooks, an administrator of the “Debating Forum” group. “We were the sick man of Europe, going through the winter of discontent and a bit of a laughing stock really. She transformed us back into a world power.”

Another striking feature of these groups is how dead set many members were against a snap vote, at least before the election was called (and many remain sceptical now). In a poll posted on the “Debating Forum” on 20 March, 83% of voters said that it would not be wise to call a general election.

One popular post in “Conservatives Online” on 10 March asked “Should Mrs May Call an Election before the summer? My own opinion is NO”:

Interestingly, despite the perception of fox hunting being popular among the Tory base, there is also scepticism in these groups about May’s support for a free vote on whether to strike down the 2004 ban on fox hunting, with many members opposed to a rethink on the issue. One poll on the “Debating Forum” showed two-thirds against the legalisation of fox hunting – about the same proportion among Conservative voters as a recent ComRes/Daily Mirror poll on the issue.

On 10 May, one user of “Conservatives Online” noted that re-visiting fox hunting does not chime with the Conservatives’ key campaign messages. “This is not our priority” said the user. Another commented: “This is a very bad decision… which will do nothing but cost us votes, gaining us nothing.”

As much as the members of these groups love Thatcherism, they – unsurprisingly – hate what might be called Corbynism and current Labour policies. But their harshest criticism is reserved not for the Labour leader, but one of his key allies, shadow home secretary Diane Abbott:

On 2 May, after Abbott got in a muddle over the cost of the party’s pledge to hire 10,000 more police officers, an administrator of “Conservatives Online” even asked members to stop posting about the incident, because they thought the number of comments was excessive.

On occasion, posts against Abbott have made use of crude racial stereotypes. Commenting on a “Debating Forum” post, one member used an image which portrays Abbott as an orangutan, with the message: “Get the Diane Abbott look”. The Conservative Party itself has condemned this image, describing it as “unacceptable” when shared by a local party activist who was suspended from the party.

Images like this are also condemned by other members of the “Debating Forum,” despite not being taken down yet. When one individual posted a Photoshopped picture of Abbott with the strapline “Corbyn’s big mama,” another user responded by saying: “These horrid memes and photoshopped images are lowering the tone and turning me off this group”.

Brooks, administrator of the “Debating Forum”, told Trending that, “Racist comments are against our rules and we try to delete them when we see them.”

Blog by Sam Bright


Indian teen builds world's 'lightest satellite'


An Indian teenager has built what is thought could be the world’s lightest satellite, which will be launched at a Nasa facility in the US in June.

Rifath Shaarook’s 64-gram (0.14 lb) device was selected as the winner in a youth design competition.

The 18-year-old says its main purpose was to demonstrate the performance of 3-D printed carbon fibre.

Rifath told local media his invention will go on a four-hour mission for a sub-orbital flight.

During that time, the lightweight satellite will operate for around 12 minutes in the micro-gravity environment of space.

“We designed it completely from scratch,” he said. “It will have a new kind of on-board computer and eight indigenous built-in sensors to measure acceleration, rotation and the magnetosphere of the earth.”

The satellite has been named KalamSat after former Indian president Abdul Kalam, a pioneer for the country’s aeronautical science ambitions.

His project was selected in a challenge called Cubes in Space, organised by education company idoodle with support from Nasa and the Colorado Space Grant Consortium.

Newcomer scientist Rifath comes from a small town in Tamil Nadu and now works as lead scientist at Chennai-based Space Kidz India, an organisation promoting science and education for Indian children and teenagers.

The KalamSat is not his first invention: at the age of 15, he built a helium weather balloon as part of a nationwide competition for young scientists.



HPE unveils 'world's largest' single memory computer


A prototype computer with 160TB of memory has been unveiled by Hewlett Packard Enterprise.

Designed to work on big data, it could analyse the equivalent of 160 million books at the same time, HPE said.

The device, called The Machine, had a Linux-based operating system and prioritised memory rather than processing power, the company said.

HPE said its Memory Driven Computing research project could eventually lead to a “near-limitless” memory pool.

“The secrets to the next great scientific breakthrough, industry-changing innovation or life-altering technology hide in plain sight behind the mountains of data we create every day,” said HPE boss Meg Whitman.

“To realise this promise, we can’t rely on the technologies of the past, we need a computer built for the big data era.”

Prof Les Carr, of the University of Southampton, told the BBC The Machine would be fast but big data faced other challenges.

“The ultimate way to speed things up is to make sure you have all the data present in your computer as close to the processing as possible so this is a different way of trying to speed things up,” he said.

“However, we need to make our processing… not just faster but more insightful and business relevant.”

“There are many areas in life where quicker is not necessarily better.”



Tinder fights one-man dating platform


Tinder has filed a legal objection to a dating platform created by a British man on which he is the only male date.

Shed Simove called the app Shinder and said he built it to find himself a partner.

However, when he tried to trademark it, a Notice of Threatened Opposition was filed to the Intellectual Property Office by dating giant Tinder.

He also received a letter from lawyers representing the elevator firm Schindler.

Schindler asked him to commit to refraining from entering the elevator or escalator market.

Both firms were contacted by the BBC for comment. Tinder said it was aware of the situation.

Its filing means that it could formally oppose the trademark at a later date.

Mr Simove said that while he had no interest in the elevator industry he didn’t believe he was a threat to Tinder either.

“I think it’s a case of a big corporate giant looking at an entrepreneur who sees the world differently and being punitive,” he said.

“It’s unlikely that the female population will stop using Tinder and start using Shinder.”

The Shinder platform invites people to register via Facebook, and after a few questions, decides whether the potential date is a match with Shed Simove.

Mr Simove, a serial inventor and speaker, said he had received 150 matches and been on three dates.

However, he also said he had heard from others who wanted to create a similar platform for themselves which was why he decided to trademark it.

“I think there might be commercial possibilities for it,” he said.

“I have to keep my eye on that. If it was ‘white label’ – that would mean if I chose to I could take the raw guts of the code and allow people to have their own versions. Jane could have Jinder, and so on.”

He added that he had not decided whether he would be able to fund a court case.

In 2016, Tinder, which is owned by Match Group, sued UK platform 3nder (pronounced Thrinder) – an app for non-monogamous couples – for copyright infringement because of its name.



ARM to provide chips for brain injury implants


Chip design giant ARM has teamed up with US researchers on a project to develop chips that can be implanted in the human brain.

The chips are designed to help people with brain and spinal injuries, and will sit inside the skull.

The aim is to develop a system that not only allows people to carry out tasks, but to receive sensory feedback.

But it will be some time before we start to see the benefits of the 10-year project.

ARM is providing the processors for the implants being developed at the Center for Sensorimotor Neural Engineering (CSNE), at the University of Washington.

The researchers have already developed an early version of the technology.

“They have some early prototype devices,” ARM’s director of healthcare technologies, Peter Ferguson, told the BBC.

“The challenge is power consumption and the heat that generates. They needed something ultra-small, ultra-low power.”

‘Far vision’

The first stage is to design a “system on a chip” that can transmit signals from the brain to a stimulator implanted in the spinal cord, allowing those with spinal or neurological conditions to control their movements.

A team including researchers at Case Western Reserve University in Cleveland, Ohio, recently became the first to restore brain-controlled hand and arm motion in a person with complete paralysis.

But CSNE also wants the device to be able to receive information sent back in the other direction, providing sensory information to the brain.

“Not only are they trying to read the signals from the brain, but to feed something back into it”, Mr Ferguson explained.

This would allow people to gauge how tightly they are holding an object, or get a sense of its temperature, for example.

Research suggests that this feedback may also help the brain rewire itself, which could help the recovery of people with certain conditions – such as those who have suffered a stroke.

“When you think about people with spinal cord injuries, the ability to use technology to bridge the spinal cord to get muscle groups to move again and more – that’s the far vision,” Mr Ferguson said.

In the meantime, he said, the technology could be used to help treat stroke patients, those with Parkinson’s, and possibly Alzheimer’s.

ARM Holdings, which is based in Cambridge, was sold to Japanese firm Softbank last year for £24bn.

In March this year, Softbank was reported to be considering selling a 25% stake in ARM to a Saudi-backed investment group.



WannaCry and the malware hall of fame


The WannaCry worm has wrought havoc around the world for days but it is not the first to spread so far, so fast. The history of technology and the net has been regularly punctuated by outbreaks and infections.

The Morris worm

In 1988, just as the internet was starting to catch on, computer science student Robert T Morris was curious about just how big it had grown. He wrote a small program that travelled around, logging the servers it visited.

Bugs in his code made it scan the net very aggressively so every server ended up running multiple copies of the worm. Each copy used up a little bit of processing power so the servers gradually slowed to a halt.

The scanning traffic clogged the net making it almost unusable. It took days to clean up the infection.

Mr Morris was caught and found guilty of computer fraud and was fined $10,050 (£7,785).

These days, he is a computer scientist at the Massachusetts Institute of Technology (MIT).

The Morris worm has one strange parallel with WannaCry. Mr Morris was the son of the NSA’s chief scientist and the WannaCry worm is based on code stolen from the NSA.

ILOVEYOU

In May 2000, millions of Windows users found endless copies of an email bearing the subject line ILOVEYOU in their inboxes.

It spread so far and so fast thanks to the booby-trapped file attached to it. Opening the file fired up the small program it contained which sent a copy of the same message to all the addresses found in a victim’s address book.

It was also helped to spread because all those messages appeared to come from someone a recipient knew. And the subject line made people curious too.

ILOVEYOU rattled around the world for almost two weeks racking up more than 50 million infections. High-profile victims included the CIA, Pentagon and UK Parliament.

Philippine students Reonel Ramones and Onel de Guzman were found to be the creators of ILOVEYOU. They escaped prosecution because there were no computer misuse laws in the Philippines at that time.

Code Red

Active in July 2001 and named after the fizzy pop being drunk by the researchers who found it, this worm targeted web servers running Microsoft IIS software.

It caused severe disruption and many websites, small businesses and larger firms were knocked offline for a while.

No-one has ever been named as Code Red’s creator although on servers it compromised it displayed a message suggesting it originated in China.

Like WannaCry, Code Red exploited a known bug and caught out servers that had not been updated with a patch.

SQL Slammer

This worm emerged in January 2003 and was so virulent that it is believed to have slowed down traffic across the entire net as it spread.

Slammer was a tiny program, roughly 376 bytes, that did little more than create random net addresses and then send itself to those places. If it hit a machine running a vulnerable version of Microsoft’s SQL server, that machine got infected and then started spraying out more copies seeking more victims.

The slowdown was caused by net routers struggling to cope with the massive amounts of traffic Slammer generated while seeking out new hosts.

Again, a patch was available for the bug it exploited but many people had not applied it despite it being available for six months.

MyDoom

This Windows email worm from January 2004 is believed to hold the current record for spreading fastest – hardly surprising given that it was reputedly created by professional spammers.

It worked so well thanks to a clever bit of social engineering. The email bearing the worm was designed to look like an error message. This fiction was aided by the message’s attachment which purported to hold a copy of the email that did not arrive.

Opening the attachment kicked off the malicious code that re-sent the same message to everyone in a victim’s address book.

Conficker

November 2008 saw the arrival of this virulent worm which hit up to 15 million servers running Microsoft software. It ran rampant and caught out hospitals, governments, the armed forces and many businesses.

The outbreak was so bad that Microsoft offered a $250,000 reward for any information leading to the identification of the worm’s creator. No-one has ever been identified as its originator.

A patch closing the loophole it exploited was released by Microsoft about a month after it appeared. Even today, 10 years on, data traffic generated by machines infected with Conficker regularly turns up.



Google DeepMind patient app legality questioned


The head of the Department of Health’s National Data Guardian (NDG) has criticised the NHS for the deal it struck with Google’s DeepMind over sharing patient data.

In a letter dated February and leaked to Sky News, Dame Fiona Caldicott throws doubt on the legality of sharing 1.6 million patient records.

Patients should have been informed about the deal, she says.

Google said that the deal was covered by “implied consent”.

This rule exists to allow the NHS to share medical data with third parties for direct patient care, without informing patients about each deal.

In the case of the partnership with DeepMind, data was collected from patients at the Royal Free Hospital Trust in London in order to test an app to help doctors and nurses identify those who might be at risk of acute kidney disease.

Implied consent

In her letter to Prof Stephen Powis, medical director of the Royal Free Hospital in London, Dame Fiona said: “We keenly appreciate the great benefits that new technologies such as Streams can offer to patients, in terms of better, safer, more timely care.”

But she added: “It is absolutely paramount that this is done in a transparent and secure manner, which helps to build public trust, otherwise the full benefits of such developments will not be realised, and indeed harm may be done.”

She questioned the use of “implied consent” as the legal basis for the transfer of identifiable patient records, because the data was initially used just to test the app.

“My considered opinion therefore remains that it would not have been within the reasonable expectation of patients that their records would have been shared for this purpose,” she says.

She has written to the Information Commissioner’s Office (ICO), which is currently investigating the data-sharing deal and is due to report its findings imminently.

In response to the leaked letter, a Royal Free London representative said: “The Streams app was built in close collaboration with clinicians to help prevent unnecessary deaths by alerting them to patients in need in a matter of seconds.

“It is now in use at the Royal Free, and is helping clinicians provide better, faster care to our patients. Nurses report that it is saving them hours each day.”

DeepMind said: “We’re glad the NDG has said that further guidance would be useful to organisations which are undertaking work to test new technologies.”

“The data used to provide the app has always been strictly controlled by the Royal Free and has never been used for commercial purposes or combined with Google products, services or ads – and never will be.”



Ukraine's Poroshenko to block Russian social networks


Ukraine’s President Petro Poroshenko has imposed a ban on Russia’s biggest social media networks and internet services popular with millions.

His decision is a significant ramping up of sanctions on Ukraine’s neighbour for its annexation of Crimea and the continuing conflict in eastern Ukraine.

Those targeted include social networks VK.com and Odnoklassniki, search engine Yandex and the Mail.ru email service.

Ukrainian service providers have been ordered to block access to the sites.

The companies’ offices in Ukraine will also face asset freezes and other restrictions although it was not immediately clear how the ban on the services would come into force.

The president’s decision to push through a decision by Ukraine’s national security council could prove controversial domestically, as VK (VKontakte) alone has an estimated 15 million users in Ukraine and Odnoklassniki (which translates as Classmates) is also widely popular.

Several other Russian companies also face sanctions, including cyber-security company Kaspersky Lab, Doctor Web, and Aeroflot, as well as several TV companies including NTV and RT and news agency Ria Novosti.

When Ukraine’s President, Viktor Yanukovych, was deposed in 2014, Russian troops moved into Crimea and the government in Moscow annexed the Ukrainian peninsula.

Conflict broke out in eastern Ukraine as pro-Russian separatists launched an insurgency against the government in Kiev. Since the conflict began, some 10,000 people have died.

A tentative ceasefire is in place but there are regular violations and 13 people were killed last month, mainly by shelling or landmines.

The European Union and US imposed sanctions on a number of Russian companies and individuals linked to the Russian involvement, and Moscow responded with its own measures.



Facebook misses Thai deadline to remove critical content


Facebook is still accessible in Thailand despite a deadline passing for it to remove material the authorities had deemed critical of the monarchy.

The social media giant had been given until 10:00 local time (04:00 GMT) to remove 131 pages that Thailand said violated its strict lese-majeste laws.

More than 100 people have been charged under the law since the military coup three years ago.

Authorities had threatened legal action and a complete shutdown of Facebook.

After the deadline, the secretary-general of the Thai telecom regulator Takorn Tantasith told reporters that criminal court orders had already been issued for 34 pages and authorities were seeking court orders for the other 97 web pages.

However, the documents have not been sent to Facebook yet, added Mr Takorn from the National Broadcasting and Telecommunication Commission (NBTC), which means the pages are still accessible in Thailand.


Analysis: Jonathan Head, BBC News, Bangkok, Thailand

Thais are among the biggest users of Facebook in Asia, with thousands of small businesses here relying on it as their main marketing tool.

If the government carries out its threat to prosecute Facebook, and even to force local internet service providers to block it, there will be a public outcry.

However, the government seems determined to ensure that no material it deems damaging to the monarchy is visible in Thailand, despite the challenge of doing this in an open economy, and in the digital information age.

It is especially sensitive about photographs of the new King Maha Vajiralongkorn which have been circulated by some critics of the monarchy.

The king, who succeeded his father last December, has had a colourful personal life, although the severe lese-majeste law makes any discussion of the monarchy impossible inside Thailand.


In 2015, when Facebook set up an office in Thailand, it said 34 million Thais were using Facebook every month, and that they posted three times more than the global average.

Most social media monitoring companies predict the number of users in Thailand has grown significantly since then.

The firm has previously said it carefully scrutinises requests made by governments wanting to restrict content.

If it determines the content does violate local laws it makes it unavailable in the country and notifies people who try to access it.

In May 2014, days after the military coup, Thailand blocked access to Facebook, with the Information Communications Technology Ministry saying the order came from the military. The military denied this.

The military government has increased censorship of online content since coming to power – especially criticism of the royal family.

Last month it banned Thais from making any contact with, or sharing content from, three outspoken critics of the monarchy.



Gene genie


The latest health and fitness trend involves taking a DNA test to find out more about how our bodies respond to different types of food and exercise. But how accurate and effective are these kits?

Fitness fanatic Mandy Mayer, 56, exercised several times a week but felt like she’d hit a plateau.

Her personal trainer suggested she try a DNAFit test, which tests the body’s genetic response to key foods and exercise.

“I jumped at the chance,” she says. “I thought I’d love to have that kind of knowledge.”

After sending off a swab of her saliva, she received a report on her fitness and diet in January. She was impressed.

“I was like ‘wow’. They told me I don’t tolerate caffeine and refined foods very well, and I respond better to endurance training than anything else.”

Three months later and she has dropped from a size 12 to a size 10 and lost several kilos. She attributes her leaner figure to understanding more about her genetic code.

“Without a shadow of a doubt it was down to the test,” says Mandy, who lives in Market Harborough, Leicestershire.

“It’s made me follow the right training and make little changes to my diet.”

A growing number of start-ups, such as 23andMe, FitnessGenes, UBiome, DNAFit, Orig3n and Habit, are moving into this space, promising that mail-order genetic tests can change your life for the better.

Some researchers believe the global market for such kits could be worth more than $10bn (£7.7bn) by 2022.

But how do they work and how reliable are they?

Avi Lasarow, chief executive of DNAFit, explains that everything about who we are is the unique combination of what we are born with – our genetics – and how we live – our environment.

“The biggest ‘environment’ factor that we can control in our day-to-day lives is our diet,” he says, “so by understanding more about the static part, the genetics, we can better tweak the bit in our control.”

He gives the example of the CYP1A2 gene, which controls around 95% of caffeine metabolism.

“Some people are fast metabolisers, some are slow, depending on their variants of this gene. Once you know this, however, you can make a better informed decision on your caffeine intake than you could without your genetic data.”

Robin Smith, chief executive of Orig3n, which offers a range of health and wellness DNA tests costing from $29 to $149, says the results can help people make educated choices about what works for their bodies.

“If a person’s DNA suggests that she is more likely to be deficient in B vitamins, she can pay attention to that in her daily life.

“Knowing what your DNA says about your body’s food sensitivities, food breakdown, hunger, weight, vitamins, allows you to become a more informed consumer.

“You can become smarter about what you choose to eat, and smarter about what supplements you choose to buy, saving you time, energy, and money while getting the results you want faster.”

So much for the sales pitch, but some genetic experts are concerned that the efficacy of such kits may be overhyped.

“I’m not against people being able to access genetic information about themselves if they wish to do so, provided the test results and limitations are clearly explained,” says Dr Jess Buxton, a geneticist at University College London.

“However, I do think that the amount of useful information that personalised health tests can offer is very limited at present because we still know very little about the effect of most SNPs [genetic variations called single nucleotide polymorphisms] and other types of genetic variation on a person’s health.”

While there are a few conditions, such as lactose intolerance, for which the genetic variations are very clear and well understood, the same cannot be said for most other conditions, she says.

“These [genetic variations] interact with each other and with non-genetic factors in ways that we don’t fully understand, so it’s impossible to make accurate predictions based on information about just a few of the gene variants involved, as many of these tests do.”

That said, some studies do suggest that this kind of analysis might work. For example, the University of Trieste and the IRCCS Burlo Garofolo Institute for Maternal and Child Health in Italy found that those following a diet based on genetic analysis lost 33% more weight than a control group.

Some start-ups are not just relying on a person’s genetic make-up to make their diet and exercise recommendations.

San Francisco-based Habit’s home kit includes a series of DNA samples, blood tests and a shake to drink so that the company can measure how your body metabolises fats, carbohydrates and proteins.

“Unlike other at-home tests that measure DNA alone, Habit looks at how the entire body works together,” explains founder and chief executive Neil Grimmer.

Habit, he says, measures more than 60 nutrition-related blood and genetic biomarkers, biometrics and lifestyle choices, to make personalised nutrition recommendations for each individual.

“Personalised recommendations should be based on your entire biology, not just your DNA,” says Mr Grimmer.

One early adopter is Thierry Attias, president of Momentum Sports Group, a firm managing the UnitedHealthcare Pro Cycling team.

“Even though I cycle a few times a week, I carry an extra couple of pounds and I was curious to learn more about myself,” says Mr Attias, who lives in Oakland, California.

He discovered that he’s caffeine sensitive, his diet needs to include more plant-based food, and his body is slow at processing fats.

While Habit was still in testing phase, he opted to receive personalised ready-to-eat meals from the company for three days.

“An interesting thing happened,” he enthuses. “I lost four pounds in a few days. I learnt portion size and how much more veg I needed in a serving.”

In two months he has lost about 11 pounds (5kg), he says.

But do we really need a testing kit to tell us to eat more vegetables and fewer fats as part of a healthy balanced diet – advice that has been around for decades?

You decide.

  • Follow Technology of Business editor Matthew Wall on Twitter and Facebook



Hi-tech car alerts Craigavon police to drunk driver


The hi-tech features of a car helped alert police to a drunk driver in County Antrim.

When the driver crashed on Saturday evening in Aghalee, his Ford Fiesta alerted police to the accident.

“Some cars these days are pretty clever,” said a PSNI Craigavon Facebook post.

“Did you know that some can even phone police automatically to let us know you’ve crashed?! That’s a really good safety feature.”

‘At least your car hasn’t touted on you!’

The post added that it was a “really bad feature to have if you’re a drunk driver”.

“That’s right, you’re picking this up correctly – a CAR phoned us to let us know about a crash last night when it turned out the driver was drunk,” said the police message.

“You think you’re having a rough weekend? At least your car hasn’t touted on you!”

The driver was one of a number who were arrested in the area for drink-driving during the weekend, police said.

Anyone who suspects someone is drink-driving should contact police, they added.



NHS cyber-attack: No 'second spike' but disruption continues


A “second spike” in cyber-attacks has not hit the NHS but some hospital trusts are suffering ongoing disruption due to Friday’s ransomware attack.

Routine surgery and GP appointments have been cancelled across the NHS as it recovers from the global outbreak.

But the number of hospitals diverting patients from A&E has decreased from seven on Sunday to two.

They are the Lister Hospital in Hertfordshire and the Broomfield Hospital in Essex.

Health Secretary Jeremy Hunt is attending a Cobra committee meeting on cyber-security, chaired by Home Secretary Amber Rudd.

Earlier, he said it was “encouraging” that there had not been any fresh attacks, although the National Crime Agency said this did not mean there would not be one.

“We’ve not seen a second wave of attacks and the level of criminal activity is at the lower end of the range that we had anticipated,” he said.

‘Largest attack’

Sixteen trusts out of 47 that were hit are still facing issues, leading to further cancellations and delays to services.

Patients have been told to turn up for appointments, unless advised otherwise, although some GPs are asking people to consider whether they really need to attend the surgery imminently.

But Dr Anne Rainsberry, national incident director at NHS England, said there were “encouraging signs” the situation was improving.

“The message to patients is clear: the NHS is open for business. Staff are working hard to ensure that the small number of organisations still affected return to normal shortly.”

The ransomware that hit the NHS in England and Scotland, known as Wanna Decryptor or WannaCry, has infected 200,000 machines in 150 countries since Friday.


Analysis

BBC health correspondent Nick Triggle

With the NHS slowly getting on top of the disruption caused by the cyber attack, attention, naturally, starts to turn to who is to blame for the fact it seems to have been so vulnerable.

Some hospitals appear not to have installed patches sent out in April that were designed to deal with the vulnerability which this attack appears to have exploited.

But there could be good reason for this – checking that they were compatible with the rest of the IT system is certainly one.

And, as yet, it is not clear if the trusts affected are the ones which had not used the patch.

So what about ministers?

We know there have been warnings before about IT security in the NHS – last summer a review said it needed looking at.

But the problem is that over the last three years the capital budget – which is a ring-fenced fund used to pay for buildings and equipment – has been raided by the government to bail out day-to-day services, such as A&E.

Last year a fifth of the capital budget was diverted.

That, of course, makes it more difficult for trusts to keep their systems up to date.


Responding to suggestions that the NHS had left itself open to an attack of this nature, Mr Hunt told the BBC it had “massively” upgraded its security.

This included reducing the number of computers that were using an older Microsoft operating system and therefore vulnerable to attack, and setting up a security centre.

Pressed that the NHS was affected by the ransomware attack because its systems were vulnerable, Mr Hunt said the NHS was a “huge network” and more than 80% of it was unaffected.


How is England’s biggest NHS trust coping?

Barts Health NHS Trust, which runs five hospitals in east London, says it continues to experience some “delays and disruption” to services.

It says it has “reduced the volume” of planned services for Monday and Tuesday, which means some surgery and outpatient appointments will be cancelled.

However, its hospitals remain open for emergency care and it is no longer diverting ambulances from its sites.

The trust said its trauma and stroke care services are now fully operational, as are renal dialysis services.



Europol, the EU’s law enforcement agency, has called the cyber-attack the “largest ransomware attack observed in history”.

The ransomware, which locks users’ files and demands a $300 (£230) payment to allow access, spread to organisations including FedEx, Renault and the Russian interior ministry.

In England, 47 NHS trusts reported problems at hospitals and 13 NHS organisations in Scotland were affected.

NHS Wales said none of its computer systems was affected and no patient data compromised, while police in Northern Ireland said no incidents had been reported.

Prime Minister Theresa May has denied suggestions that the government ignored warnings that NHS systems were vulnerable to cyber-attacks.

“It was clear warnings were given to hospital trusts, but this is not something that focused on attacking the NHS here in the UK,” she said.

‘Ineffective processes’

In July last year, the Care Quality Commission and National Data Guardian, Dame Fiona Caldicott, wrote to Mr Hunt warning that an “external cyber threat is becoming a bigger consideration” within the NHS.

It said a data security review of 60 hospitals, GP surgeries and dental practices found there was a “lack of understanding of security issues” and data breaches were caused by time-pressed staff often working “with ineffective processes and technology”.

Meanwhile, Security Minister Ben Wallace has insisted NHS trusts have enough money to protect themselves against cyber-attacks.

The “real key” was whether trusts had regularly backed up data and whether they were installing security patches, he said.

Chris Hopson, chief executive of NHS Providers, told Radio 4’s Today programme many hospitals use sophisticated technology such as MRI and CT scanners which are “bound to be using old software” because they have a ten-year life expectancy, so are often linked to older operating systems.

He said he was “disappointed” at the suggestion by some that the cyber-attack problem was down to “NHS manager incompetence”.


The government is insisting that the NHS had been repeatedly warned about the cyber-threat to its IT systems, with Defence Secretary Michael Fallon stating £50m was being spent on NHS systems to improve their security.

But Labour criticised the Conservatives, saying they had cut funding to the NHS’s IT budget and a contract to protect computer systems was not renewed after 2015.

Shadow health secretary Jonathan Ashworth pointed to a report from the National Audit Office six months ago.

It highlighted how, in February 2016, the Department of Health had “transferred £950m of its £4.6bn budget for capital projects, such as building works and IT, to revenue budgets to fund the day-to-day activities of NHS bodies”.


The WannaCry ransomware exploits a flaw in Microsoft Windows first identified by US intelligence.

Microsoft, who released a security update in March to protect computers from it, described Friday’s incident as a “wake-up call”.


Global manhunt for WannaCry creators


Image caption: The malware has been taken apart by researchers seeking its creators

As organisations around the world clean up after being caught out by the WannaCry ransomware, attention has now turned to the people behind the devastating attack.

The malware uses a vulnerability identified by the US National Security Agency, but it has been “weaponised” and unleashed by someone entirely different.

So far, nobody seems to know who did it nor where they are.

Mikko Hypponen, head of research at security company F-Secure, said its analysis of the malware had not revealed any smoking gun.

“We’re tracking over 100 different ransom Trojan gangs, but we have no info on where WannaCry is coming from,” he told the BBC.

The clues that might reveal who is behind it are few and far between.

No Russians

The first version of the malware turned up on 10 February and was used in a short ransomware campaign that began on 25 March.

Spam email and booby-trapped websites were used to distribute WannaCry 1.0, but almost no-one was caught out by it.

Version 2.0, which wrought havoc over the weekend, was the same as the original apart from the addition of the module that turned it into a worm capable of spreading by itself.

Analysis of the code inside WannaCry had revealed little, said Lawrence Abrams, editor of the Bleeping Computer security news website, which tracks these malicious threats.

“Sometimes with ransomware we can get a clue based on strings in the executables or if they upload it to Virus Total to check for detections before distribution,” he said.

Those clues could point to it being the work of an established group, he said, but there was little sign of any tell-tale text in the version currently circulating.

“This launch has been pretty clean,” said Mr Abrams.

Image caption: The malware infects machines in Russia – a location lots of viruses avoid

Other researchers have noticed some other aspects of the malware that suggest it might be the work of a new group.

Many have pointed out that it is happy to infect machines running Cyrillic script.

By contrast, much of the malware emerging from Russia actively tries to avoid infecting people in its home nation.

Plus, the time stamp on the code suggests it was put together on a machine that is nine hours ahead of GMT – suggesting its creators are in Japan, Indonesia, the Philippines or the parts of China and Russia that are a long way east.

There are other hints in the curious ways that WannaCry operates that suggest it is the work of people new to the trade.

To begin with, the worm has been almost too successful, having hit more than 200,000 victims – many times more than are usually caught out by ransomware aimed at large organisations.

Administering that huge number of victims will be very difficult.

Whoever was behind it unwittingly crippled the malware by not registering the domain written in its core code.

Registering and taking over this domain made it possible for security researcher Marcus Hutchins to limit its spread.

There are other methods used to administer infected machines, notably via the Tor dark web network, and these addresses are being scrutinised for activity.

There are other artefacts in the code of the malware that might prove useful to investigators, said cyber-security expert Prof Alan Woodward from the University of Surrey.

In particular, he said, law enforcement might be probing use of the kill-switch domain to see if it was queried before the malware was sent out.

Other signifiers might be in the code for an entirely different purpose.

“It’s often the case that many criminals put deliberate false flags in there to confuse and obfuscate,” he said.

Image caption: Tracking the movement of ransom payments might lead police to the attackers

Money talks

Also, most large-scale ransomware campaigns typically generate a unique bitcoin address for each infection.

This makes it straightforward for the thieves behind the malware to make sure they restore the files only of people who have paid.

WannaCry uses three hard-coded bitcoin addresses to gather ransom payments, and that is likely to make it challenging to work out who has paid, assuming the gang behind it does intend to restore locked files.

The bitcoin payments might offer the best bet for tracking the perpetrators, said Dr James Smith, chief executive of Elliptic, which analyses transactions on the blockchain – the key part of bitcoin that logs who spent what.

Bitcoin was not as anonymous as many thieves would like it to be, he said, because every transaction was publicly recorded in the blockchain.

This can help investigators build up a picture of where the money is flowing to and from.

“Ultimately criminals are motivated by money,” he said, “so eventually that money is going to be collected and moved.

“The timing of that movement is going to be the big question, and we expect that will be down to how much gets paid in ransoms over the next few days.”

Currently, the total paid to those bitcoin addresses is more than $50,000 (£39,000).

“Everyone is watching those addresses very carefully,” said Dr Smith.




Should you pay the WannaCry ransom?


Image caption: WannaCry asks its victims to pay up in order to retrieve access to their files – but will that help?

WannaCry has infected hundreds of thousands of computers around the world in 150 countries. The advice is to update Windows to ensure you are protected.

But what do you do if the ransomware arrives on your computer?

The most crucial bit of advice from most experts is: Don’t pay the ransom.

For some, £230 ($300) might not seem too high a price to get back irreplaceable data that has been encrypted against your will.

Indeed, a Twitter bot tracking Bitcoin payments to digital wallets set up by whoever is behind WannaCry suggests that some people are quite willing to cough up the cash.

Since they are dealing with criminals, however, there is no reason to expect an honest transaction.

Plus, because of the way in which WannaCry has been designed, the sad fact is that people are very unlikely to regain access to their files, even if they do pay.

“A manual human operator must activate decryption,” revealed Matthew Hickey, a cyber-security researcher at UK-based firm Hacker House.

And a blog post from security company Proofpoint suggests that a viable way of decrypting files may not actually be built in to the sloppy coding of WannaCrypt.

The researchers say they are also yet to receive a reply from those behind the ransomware after trying to contact them.

Image caption: Some victims are apparently paying the ransom – almost certainly to no avail

Victims are also expected to contact the criminals for a key to unlock their files, said security expert Prof Alan Woodward from the University of Surrey.

“I very much doubt anyone would return your contact request, bearing in mind the attention that is now on this,” he told the BBC.

“If anyone pays this ransom they are more than likely going to send Bitcoin that will sit in an address for ever more. No point.”

What can you do instead?

The good news is that home users are very unlikely to be affected.

WannaCry has so far spread around business networks via a vulnerability in Windows that most home users will have patched, or will not be at risk from anyway.

This is because the vulnerable bit of Windows will either not be installed, or there will not be any other vulnerable computers on their home network.

However, for those unfortunate enough to have been hit – be that at work or within an institution – it is probably best to assume that access to any files that were not backed up on a drive disconnected from your computer has now been lost forever.

This is why it is so important to back up files on a separate drive or machine regularly.

It is possible to remove WannaCry from your computer once it is there – although the process is not straightforward.

As technical support website Bleeping Computer explains, it involves downloading some programs to clean your computer of the infection.

However, the author adds that this will not decrypt files encrypted by the ransomware, proving once again that there is no substitute for a good back-up.




Virtual memorial for WW2 code-cracker


Image caption: The virtual recreation uses the authentic sounds of the original code-making machine

A machine used to encrypt the messages Hitler sent to his generals has been recreated online as a tribute to the British codebreaker who cracked it.

A virtual version of the Lorenz SZ42 machine has been made available so people can see how it worked.

It has been created 100 years after the birth of Bill Tutte – the Bletchley code-cracker who tackled the original.

Mr Tutte worked out how the SZ42 scrambled messages despite never seeing the device in action.

Scrambled text

The SZ42 was key to the German war effort and was used by Nazi high command to scramble messages passing between the generals in the field and Hitler.

It was considered unbreakable by the Germans because of the complicated way it scrambled text. It used 12 separate wheels and a series of switches to turn text into gibberish – a set-up that produced more than 16 billion billion potential combinations.

A mistake by a German enciphering clerk, made when sending a long message, gave the Allies a key insight into how it worked. Mathematical analysis by Mr Tutte on the message revealed the SZ42’s internal workings.

“Creating this made me realise what Bill Tutte was up against,” professional programmer Martin Gillow told the BBC.

“All Bletchley Park got was a string of random characters,” he said. “It’s just such an impossible thing that he did, working it out from almost nothing.”

Image caption: Colossus built on the work of Bill Tutte and helped to read the messages of German generals

More information was available to Mr Gillow but, he said, it was still a tricky programming job to authentically emulate the machine.

“There are only four Lorenz SZ42 machines available in the world and they are not running,” he said. “There are no full diagrams of how it works, you have to read through the manuals and read between the lines to work it out.

“It’s been a lot of hard work and I’ve had a lot of fun doing it,” he added.

The system is as authentic as possible, he said, and lets anyone encrypt their own text with the virtual enciphering machine. Those on the site can also connect to other people using the virtual SZ42 and talk to them via an encrypted channel.

Mr Gillow spent months creating the virtual SZ42 so it was ready for a weekend of events commemorating the life of Mr Tutte organised by The National Museum of Computing at Bletchley Park.

“I would love for people to know about Bill Tutte just as well as they know of Alan Turing,” said Mr Gillow.




Ransomware cyber-attack: Who has been hardest hit?


The WannaCry ransomware cyber-attack has hit more than 200,000 computers in 150 countries since Friday, Europol says.

Governments, hospitals and major companies have all found themselves battling the malware, which demands money in return for unfreezing computers.

Russia ‘hardest hit’

The virus tried to infect more computers in Russia than anywhere else, according to an analysis by Kaspersky Lab, a Russian antivirus company.

The interior ministry, railways, banks and the Megafon mobile phone operator – Russia’s second-largest – all found themselves battling demands for ransom.

An interior ministry spokeswoman said about 1,000 computers using Microsoft Windows were attacked but these had been isolated from networks.

However, the ministry’s vital servers were unaffected because they were running domestic Russian software, the spokeswoman said, including an operating system called Elbrus that was first developed during the late years of the Soviet Union, the New York Times reported.

German railways

Image caption: The demand for Bitcoin appeared on departure screens at a Frankfurt station

Electronic boards at stations announcing arrivals and departures were affected, but train services were not disrupted, Deutsche Bahn said.

China universities

Many students reported seeing demands for ransoms pop up on their laptops as networks at universities across the country reported severe disruption.

Underfunded universities often use outdated or even pirated computer software, leaving students vulnerable to such attacks, according to BBC Asia-Pacific analyst Celia Hatton.

They are now being forced to pay $300 (£230) to continue working on end-of-year projects due to be handed in soon, our correspondent says.

Meanwhile, petrol stations in the western city of Chongqing were unable to accept card payments after systems at China National Petroleum Corp became infected, the South China Morning Post reported.

Overall, hundreds of thousands of computers at nearly 30,000 institutions and organisations were affected, including government agencies and hospitals, internet firm 360 Security said.

South Korea cinema

The country’s biggest cinema chain CJ CGV said some of its advertisement servers connected to 50 cinemas had been affected, Yonhap news agency said.

Image caption: Officials at the Korea Internet and Security Agency have been monitoring the threat

A company official said films were still being screened as scheduled and the company was investigating.

Overall, nine cases of ransomware had been found, the South Korean government said.

Japan companies

The Japan Computer Emergency Response Team Co-ordination Centre said 2,000 computers at 600 companies in Japan had been affected.

Hitachi said it was experiencing email delays and file delivery failures and suspected the cyber-attack was to blame, although no ransom was being demanded.

Indonesia hospital

The communication and information ministry said the malware locked patient files on computers at two hospitals in the capital Jakarta.

Patients at the Dharmais Cancer Hospital could not get queue numbers and waited several hours while staff found paper records, local media reported.

India state police

Police computer systems in the state of Andhra Pradesh have been hit, local media reports say. About 18 systems were hijacked and eventually disabled, the Business Standard reported.

Several companies in the cities of Mumbai, Hyderabad, Bengaluru and Chennai have also been affected.

The Economic Times newspaper said India could be particularly vulnerable to the malware because a large number of organisations and individuals use old outdated versions of Windows and there are also high numbers of people using pirated software.

UK hospitals

Some of the biggest disruption was caused by attacks on the UK health system, which saw hospitals and clinics forced to turn away patients after losing access to computers.

Pictures on social media showed NHS computer screens with messages saying: “Ooops, your files have been encrypted!”

In England, 48 National Health Service (NHS) trusts reported problems at hospitals, doctor surgeries or pharmacies, and 13 NHS organisations in Scotland were also affected.

A Nissan car factory in the north-eastern city of Sunderland was also affected, a spokeswoman said.

Spanish telecoms

The Spanish telephone operator Telefonica said it had been attacked. Telefonica’s head of cyber-security Chema Alonso – himself a former hacker – said the infected equipment was “under control and being reinstalled”.

Other Spanish firms to be hit included power firm Iberdrola and utility provider Gas Natural. Staff were reportedly told to turn off their computers.

France Renault

The car manufacturer had to halt production at many sites, including in France, Slovenia and Romania, as part of measures to stop the spread of the virus.

On Monday the firm said that 90% of its factories were running again. It said its plant at Douai in northern France would be back to normal on Tuesday, following checks. Renault would be able to catch up with any lost production so customers would not be affected, it added.

FedEx

The logistics firm said it was “implementing remediation steps as quickly as possible”, without specifying how badly it had been affected.

Australia SMEs

Australian officials said so far only three small-to-medium sized businesses had reported being locked out of their systems.

In New Zealand, the ministry of business said a small number of unconfirmed incidents were being investigated.




Cyber-attacks from WannaCry ransomware slow but fears remain



A computer malware that has spread across 150 countries appears to be slowing down, with few reports of fresh attacks in Asia and Europe on Monday.

However staff beginning the working week have been told to be careful.

The WannaCry ransomware started taking over users’ files on Friday, demanding $300 (£230) to restore access.

Hundreds of thousands of computers have been affected so far. Computer giant Microsoft said the attack should serve as a wake-up call.

BBC analysis of three accounts linked to the ransom demands suggests only about $38,000 (£29,400) had been paid by Monday morning.


However, the ransomware warning said that the cost would double after three days, so the payments may increase.

It threatens to delete files within seven days if no payment is made.

Among the organisations targeted worldwide have been Germany’s rail network Deutsche Bahn, Spanish telecommunications operator Telefonica, US logistics giant FedEx and Russia’s interior ministry.

How has Monday been so far?

Many firms employed experts over the weekend to try to prevent new infections.

The picture now appears better in Europe.

Senior spokesman for Europol, Jan Op Gen Oorth, told Agence France-Presse: “The number of victims appears not to have gone up and so far the situation seems stable in Europe, which is a success.

“It seems that a lot of internet security guys over the weekend did their homework and ran the security software updates.”

Carmaker Renault said its plant in the northern town of Douai would not reopen on Monday as it dealt with the cyber-attack.

In the UK, the badly affected National Health Service said seven out of 47 trusts that were hit were still facing serious issues.

In Asia, a significant slowing of the malware was also reported:

  • Australia: Only three small-to-medium sized businesses reported being locked out of their systems
  • South Korea: Only nine ransomware cases. One cinema chain was unable to display trailers
  • Indonesia: Records at one hospital crippled
  • Japan: Both Nissan and Hitachi reported some units had been affected, but effects small
  • China: Hundreds of thousands of computers suffered initially, China’s Qihoo tech firm said. Universities, with older systems, particularly badly hit. Some payment systems and government services affected, but less than feared

Banking systems across the region were largely unaffected.

Who is behind the attack?

This won’t take long. Nobody knows. Europol’s Jan Op Gen Oorth said: “A bit early to say… but we are working on a decrypting tool”.

Associated Press quoted Tim Wellsmore, of US security firm FireEye, as saying: “We expect this is a small operation… They just happened to hit the mother lode.”

Russian President Vladimir Putin said: “Russia has absolutely nothing to do with it.”

Should people pay?

Companies in Asia and Europe have been warning employees to be careful when clicking on attachments and links in their emails.

The message from the UK’s National Crime Agency was “do not pay!” – there is no guarantee that systems will be restored.

Michael Gazeley, of Network Box, a Hong Kong-based cyber-security firm, told Reuters there were still “many ‘landmines’ waiting in people’s in-boxes”, adding that his firm had detected a new version that infected users directly via a malicious link on hacked websites.


Becky Pinkard, from Digital Shadows, a UK-based cyber-security firm, also said it would be easy for the initial attackers or “copy-cat authors” to change the virus code so it is difficult to guard against.

A UK security researcher known as “MalwareTech”, who helped to limit the ransomware attack, predicted “another one coming… quite likely on Monday”.

MalwareTech, whose name was revealed in UK media to be 22-year-old Marcus Hutchins, was hailed as an “accidental hero” after registering a domain name to track the spread of the virus, which actually ended up halting it.

What’s behind Microsoft’s ‘wake-up call’ warning?

The computing giant says the tool used in this current attack had been developed by the US National Security Agency and was stolen by hackers.

It is highly critical of the way governments store data on software vulnerabilities.

Image caption: A railway station system in Chemnitz, eastern Germany, is infected

Microsoft president and chief legal officer Brad Smith said on Sunday: “We have seen vulnerabilities stored by the CIA show up on WikiLeaks, and now this vulnerability stolen from the NSA has affected customers around the world.

“An equivalent scenario with conventional weapons would be the US military having some of its Tomahawk missiles stolen.”

The company also said that many organisations had failed to keep their systems up to date, allowing the virus to spread.

Microsoft said it had released a Windows security update in March to tackle the problem involved in the latest attack, but many users were yet to run it.

Analysis: Dave Lee, BBC North America technology reporter

There are going to be some tough questions on Monday for those institutions which didn’t do enough to keep their networks secure, as well as the organisations that were best placed to stop it happening in the first place – the NSA and Microsoft.

The NSA keeps a chest of cyber-weapons to itself so it can hit targets, but Microsoft has long argued that this is dangerous. If there is a flaw in Windows, the company said, surely the safest thing to do is to let its team know straight away so it can be fixed.

But then Microsoft also needs to consider what obligation it has to update all users – not just the ones who pay extra for security on older systems.

Updating your computer if you’re an individual is a piece of cake, but for a network the size of Britain’s National Health Service? Tough – time-consuming, expensive and complex.

For a company like Microsoft to say it won’t keep those systems safe unless they shell out more money, then that in itself is something of a ransom.
