All posts by Paul Stradling

News

Tech News : Russia Cautions Cyber Attacks May Start Military Confrontation

The growing number of cyber-attacks since the start of Russia’s war against Ukraine have led The Russian Foreign Ministry to warn that more western cyber-attacks on its infrastructure could lead to a direct military confrontation.

Housing Ministry Website Hack 

The warning followed an apparent cyber-attack on the Russian housing ministry website which led to a “Glory to Ukraine” sign (in Ukrainian) being displayed.

Several Russian state-owned companies and news organisations have been targeted with cyber-attacks since Russia began its invasion of Ukraine in February. For example, hacks have affected Russia’s RuTube video-hosting platform, and the satellite television broadcast of Moscow on Victory Day.

Interstate Confrontation Threat Increased 

Russia has claimed that its critical infrastructure and state institutions are being hit with more cyber-attacks from the United States and Ukraine. This has triggered an accusation by Russia that the U.S. is “deliberately lowering the threshold for the combat use” of IT, and the chilling warning that “The militarization of the information space by the West, and attempts to turn it into an arena of interstate confrontation, have greatly increased the threat of a direct military clash with unpredictable consequences.”

Cyber Attacks By Russia 

There were of course no references made to the many cyber-attacks emanating from Russia from the beginning of its invasion of Ukraine. For example:

– Back in January, defacements of Ukrainian government websites and the deployment of Whispergate destructive malware believed to have been carried out by Russian Military Intelligence.

– In February, the cyber-attack impacting Viasat.

– The cyber-attacks on oil facilities in Germany, Belgium and the Netherlands.

– It’s also worth remembering that last year, the U.S. sanctioned Russia over the ‘SolarWinds attack’ where alleged Russian-state sponsored cyber-criminals accessed 18,000 government and private computer networks, and over alleged Interference in the 2020 U.S. presidential election.

What Does This Mean For Your Business? 

State-sponsored cyber-attacks are nothing new and have been ongoing for many years, as a means to steal secrets, disrupt, interfere, and apply pressure as part of the power struggle between many countries, and notably between east and west. It should be no surprise to Putin’s government that following their own cyber-attacks against and the invasion of Ukraine that cyber-attacks on their own state’s infrastructure would follow. Based on the magnitude of recent threats by Russia, the strong wording of its warning over cyber-attacks is also to be expected and could also be a sign recent cyber-attacks are causing enough damage and disruption to be noticed by Russian people, and annoy Putin’s government. The list of businesses and global companies that have now pulled out of Russia is significant and still growing and news indicates that sanctions are having a massive impact on the Russian economy. For example, the Institute of International Finance estimated that the crisis could wipe out 15 years of economic development and the IIF estimates Russia’s gross domestic product will shrink 15 per cent this year. Many of the big names that have pulled out of Russia will, of course, suffer financial consequences themselves but may also may now want to boost their own cyber defences in case they are now targeted by Russian state-sponsored hackers.

News

Tech News : UK Not Adopting EU’s Universal Charger

Following the recent news that the EU plans to introduce a single, universal charger for all devices, it has been reported that the UK has said that it is not currently considering copying the idea.

Just One Universal Charger Cable

A week ago, the EU parliament announced that by autumn 2024, USB Type-C will become the common charging port for all mobile phones, tablets and cameras in the EU. This will mean that consumers will no longer need a different charging device and cable every time they purchase a new device and can use one single charger for all their small and medium-sized portable electronic devices.

It has been reported that the reasons for this change are to make products in the EU more sustainable, to reduce electronic waste, and make consumers’ lives easier. Also, charging speed is harmonised for devices that support fast charging, allowing users to charge their devices at the same speed with any compatible charger.

E-Waste 

The EU parliament says that having one universal charger will lead to more re-usage of chargers and will help consumers save up to 250 million euros a year on unnecessary charger purchases. Also, it will help the environment by reducing the growing pile of e-waste. Currently, for example, disposed of and unused chargers are estimated to represent about 11,000 tonnes of e-waste annually.

UK Says No 

It has, however, been widely reported that the UK government is not currently considering replicating the EU’s idea, and a parliamentary report from December 2021 states that “the new requirements may also apply to devices sold in Northern Ireland under the terms of the Northern Ireland Protocol in the Brexit Agreement, potentially triggering divergence of product standards with the rest of the UK.”

Apple Was Against The Idea 

When the proposal for a universal charger for the EU was first proposed, it was met with objections from Apple which has its own Apple-made “Lightning” connector. Back in September 2021, for example, Apple said that requiring just one type of connector “stifles innovation” and would “harm consumers” in Europe and around the world.

What Does This Mean For Your Business? 

Having just one type of charger for all devices sounds like it could be very helpful to EU consumers, provided that the charger is reasonably priced and could be better than being faced with a dizzying array of different charger options and trying to find the right one quickly, e.g if a charger has been forgotten or is broken. The EU rule, however, will be bad news for those companies who currently manufacture the many different types of chargers and for many retailers who currently derive revenue from the many different chargers and cables. For Apple, the EU’s decision also appears likely to cause problems and force the company to come up with a potentially costly solution for its many devices and push it into the uncomfortable area of having to accept a third-party charger, instead of its own lightening connector. The EU’s new rule on chargers is likely to be a positive step for the environment and has the potential to reduce the amount of e-waste that is currently being produced. Many UK consumers are likely to be disappointed that the universal charger will not apply here both from a convenience and an environmental point of view.

News

Tech Insight: What Is Shopify?

In this insight, we take a look at Shopify, what it offers, and how it has grown to become a major e-commerce platform.

Where And Who? 

The Canadian-based Shopify Inc. is a multinational e-commerce company founded in 2006 by Tobias Lütke and Scott Lake after they tried to set up an online store for snowboarding equipment but were dissatisfied with the e-commerce solutions available on the market.

What? 

Shopify is a cloud-based and hosted online platform (although it does have a physical store in the US) that offers users a complete, all-in-one e-commerce shop. Shopify enables users (its merchants) to build and customise an online store and sell in multiple places, including web, mobile, in person, brick-and-mortar locations, and pop-up shops and across multiple channels from social media to online marketplaces. Shopify merchants can run their store from an app, and the platform has its own app store with 9,000+ apps from third-party developers that merchants can add to their store.

Subscription 

Merchants pay a monthly subscription for their e-commerce store and there are 5 different pricing plans to choose from, ranging from Lite at $9/month, and Basic Shopify $29/month, right up to Shopify Plus starting at $2,000/month.

Is It A Popular Platform? 

Shopify has more than 1,700,000 merchants’ businesses in 175 countries. Shopify is the biggest and most popular of what could be regarded as the e-commerce platform market, and many users value its ease of set-up and use. For example, Shopify claims that using its ‘Marketplace Kit,’ merchants can set up their marketplace in less than 8 minutes. Also, many users value the convenience of operating their Shopify site from an app, the websites themselves and their sales features, and the e-commerce tools. Other, similar platforms to Shopify include Magento Ecommerce, Pixpa, 3DCart, BigCommerce, WooCommerce, and Squarespace.

Amazon  

Shopify had a huge boost back in 2015, when Amazon announced it would be closing its Amazon Webstore service for merchants, and suggested Shopify as the preferred migration provider. Also in 2017, Shopify announced an integration with Amazon, allowing Shopify’s merchants to sell on Amazon from their Shopify stores. Whereas Shopify lets users build an e-commerce store and essentially rent a selling space on its platform, Amazon is in itself a huge online shop. Amazon does also, however, allow third-party sellers to sell new or used products on a fixed-price online marketplace next to Amazon’s regular offerings.

After surpassing $54 billion in Gross Merchandise Value (GMV) in the fourth quarter of 2021, the Shopify platform is now 50 per cent the size of Amazon Marketplace. Sellers on Amazon transacted $390 billion worth of goods in 2021, whereas the combined transactions of Shopify merchants totalled $175 billion GMV.

Snapchat Integration Too 

In 2019, Shopify also announced an integration with Snapchat, thereby allowing Shopify’s merchants to buy and manage Snapchat Story ads directly on the Shopify platform. This can be useful for those with products aimed at younger customers.

What Does This Mean For Your Business? 

For those wishing to sell products online, there are now many different options available, e.g. build your own website and add a shop, sell on eBay, sell on Amazon, or set up a shop on a popular e-commerce platform. Shopify has grown (with help from Amazon) to become a very large and popular e-commerce platform. The fact that it’s subscription-based, the convenience of all-in-one model, and that it’s relatively easy to set up and manage and can be operated from an app, it has a good breadth of bolt-ons and an app store, and has integrations with other big platforms (e.g. Amazon) are all reasons why it is so popular.

News

Featured Article : What Happened Recently With The ICO?

Following news of a Freedom of Information (FOI) disclosure revealing a lack of public reprimands issued over GDPR breaches in the public sector, we take a closer look at the FOI, what it can be used for, and how it’s linked to the ICO.

What Is The Freedom of Information Act? 

The Freedom of Information Act (FOIA) and Freedom of Information (Scotland) Act (FOISA) are the UK laws that cover the public’s general right of access to information held by public authorities.

Public authorities include government departments, devolved administrations, other public bodies and committees, local councils, schools, colleges and universities, the NHS, publicly owned companies publicly funded museums, galleries and theatres, the police and fire services, and the National Archives.

Who Can Make One … And How? 

The FOI Act gives everyone a legal right to see information held by public bodies/authorities. A Freedom of Information (FOI) request can be made in writing by letter, email, social media or online form. Those making an FOI request need to include (not needed for environmental information) a contact postal or email address and a detailed description of the information required, e.g. all information held on a subject, or just a summary. The information can be requested in a particular format, e.g. paper or electronic copies, large print, or audio.

What Is The ICO And What Is Its Connection To FOI?

The Information Commissioner’s Office (ICO) is the UK’s independent, non-departmental public body set up to uphold information rights in the public interest.

The ICO should also promote openness by public bodies and data privacy for individuals. The ICO plays a key role in administering the FOI because it is the regulator for Data Protection and Freedom of Information, with key responsibilities under the Data Protection Act 2018 (DPA) and Freedom of Information Act 2000 (FOIA), as well UK GDPR, and other acts. The ICO also has a Regulatory and Enforcement Activity Policy, and its “default position” under this policy is to publish all formal regulatory outcomes such as reprimands issued under GDPR, which can include reprimands issued to private companies. Formal reprimands, fines and other enforcement notices, for example, can be issued to organisations by the ICO where GDPR has been contravened.

What Happened Recently?

A week ago, it was reported that following a FOI request by Jon Baines, a senior data protection specialist at law firm Mishcon de Reya, there appears to have been failings in the disclosure by the ICO of reprimands it had issued to public authorities under GDPR. The FOI request by Mr Baines revealed that although the ICO had issued 42 reprimands between 25 May 2018 (when the UK GDPR came into effect) and 15 November 2021, most were not publicly disclosed.

Considering that the ICO’s default position should be disclosure of the outcomes, the failure to do so in most cases over more than 3 years has led to criticism that the ICO has been failing in this area.

Which Bodies Were Formally Reprimanded By The ICO?

The FIO request revealed that reprimand recipients included some very large organisations, and not just those in the public sector. For example, the supermarket chains Asda and Morrisons, healthcare provider BUPA, apps like Houseparty and Zoom, and EasyJet are reported to have received reprimands. Other recipients are reported to include West Midlands Police (twice), The Home Office (twice), Oxford University, NHS health boards, schools, and some local councils. Mishcon de Reya, the company whose data protection specialist made the FOI request, reports that the Digital Service (part of the Cabinet Office), UKIP, and the CPS were also recipients of reprimands under GDPR. However, the ICO has (according to Mishcon de Reya) withheld the identity of one of the recipients because the information relates to a body dealing with national security and intelligence or serious organised crime.

What Does The ICO Say?

Mishcon de Reya reports that the ICO has confirmed that in the future, when it publishes its online datasets of casework outcomes, these will include reprimands.

A New Information Commissioner

A new Information Commissioner, John Edwards, took over from Elizabeth Denham CBE on 3 January 2022. John Edwards has been New Zealand’s Privacy Commissioner since February 2014, and has practiced law in Wellington, New Zealand for more than 20 years (specialising in information law). The hope is that this area around publishing details of reprimands will be given more attention under his leadership.

What Does This Mean For Your Business?

Data privacy is an important matter to individuals and businesses, and it could be strongly argued that it is in the public interest to see, through reports of reprimands under GDPR, which organisations may not be acting responsibly with their data. This could influence whether consumers choose to use the services of particular company (a matter of trust). It may also be very disappointing to many businesses that have been paying close attention to complying with GDPR to see that the regulator appears not to have been paying attention to its own policy and appears to have been failing in an important area for 3 years. For those companies whose reprimands weren’t made public, the apparent failure of the ICO in this area has been an unexpected let-off that they are likely to have been glad of in terms of protecting their reputations. This story also illustrates how important and powerful the right to make FOI requests can be and how this right should be valued.

News

Sustainability : IT Industry’s Sustainability Action-Gap

A report by datacentre energy management company Schneider Electric has highlighted a sustainability action gap between the statements of intent and actions of IT companies.

The Research 

The research for the report, carried out with Forrester and 451 Research, collected data from 3,000 global cloud and IT businesses, and comments about the IT industry’s lack of action on sustainability were made at a Schneider Electric virtual event.

The Key Points 

The key points identified by the company’s vice-president for the secure power division (France) about the apparent sustainability action gap in IT companies were:

– Many IT companies appear to be struggling to make their statements of intent on IT sustainability live up to their actions.

– There is too much of a focus on simply tracking power usage effectiveness / PUE (an efficiency measurement in data centres), rather than finding out which facilities use renewable energy and measuring greenhouse gas emissions from operations.

– The complexity of trying to track and manage the energy usage of IT assets within hybrid environments is contributing to the sustainability action gap.

– IT companies that don’t address the gap between their sustainability pledges and their actions may find themselves at a competitive disadvantage.

Another Report 

A report by NewClimate Institute in February, for example, showed that it isn’t just IT or tech businesses that may be suffering from a sustainability action gap. For example, the report drew upon a survey of 25 of the world’s biggest companies, which include Amazon and Apple but also Nestlé, Unilever, Sony and Vodafone. The report showed that some of the biggest companies will only cut their carbon emissions 40 per cent rather than the 100 cuts claimed and that the companies surveyed may only cut their emissions by 23 per cent on average by 2030, which is far short of the figure of almost halving them in the next decade that’s needed to limit global heating to 1.5C.

What Can Be Done To Help Close The Gap? 

Some ways that IT companies could close the gap include:

– Greater communication and collaboration between datacentre operators, colocation providers (data centres that rent equipment, space, and bandwidth to retail customers) and IT leaders is one way to start closing the gap more quickly.

– CIOs could be making greater efforts to find ways to optimise the energy efficiency of their hybrid environments.

– IT tech and solution providers could introduce training programmes to help CIOs to breach the sustainability gap.

– Not relying solely on carbon offsetting for a large portion of their promised cuts and recognising that forestry is not a great substitute for immediate cuts in emissions.

– Trying to be more transparent in target-setting and corporate reporting.

What Does This Mean For Your Organisation? 

What this report and others appear to be saying are that many companies, not just in the IT and tech fields have a sustainability action gap that they are not working quickly or smartly enough to bridge to meet their own targets let alone making the required contribution to meeting the wider national and global targets to reduce global warming. Hybrid environments, a lack of communication and collaboration, a focus on the wrong metrics, and favouring offsetting over making actual emission cuts now all appear to be holding back the amount of real, immediate action that’s needed. Time really is running out and all businesses, not just those in the IT and tech fields need to look closely at how they can do things differently now to play their part in reducing global warming and may find that they create competitive advantages for themselves in doing so.

News

Security-Stop-Press : Snake Keylogger Malware Being Spread In PDF Files

Online security experts are warning people to take extra care when downloading PDF files after PDFs were recently used in campaigns to deliver Snake Keylogger malware. Snake Keylogger, which is eighth place in Check Point’s Global Threat Index, records a user’s keystrokes and transmits the collected data to cybercriminals. The advice is to use a robust email security solution that quarantines and inspects attachments.

News

Tech Tip – Identify Objects In Photos Using Google Lens

If you have the Google Photos app, you can use ‘Google Lens’ to identify a picture and show search results about the objects featured in a photo, e.g. an animal, a plant, or a building you took a photo of on holiday. Here’s how it works:

– Open the Google Photos App.

– Open one of your photos.

– Click on the ‘Lens’ button.

– Lens will focus on what it sees as the main object in the photo, but you can also tap on the area of the photo you want to identify or get information about.

– The object is identified below the photo and Google provides links to related results in in Search.

News

Sustainability-In-Tech : 1st U.S. Moratorium On Crypto-Mining Passed

New York state lawmakers have passed a two-year ban on energy-hungry proof-of-work crypto mining that uses carbon-based fossil fuel power plants.

Energy-Hungry Crypto-Mining

One of the big environmental challenges of cryptocurrency mining is that it requires a large amount of power. For example, Bitcoin “mining” uses specialised Bitcoin computers that are constantly powered on and connected to the cryptocurrency network to verify transactions (sending and receiving of the Bitcoin cryptocurrency).  This verification is achieved by the computers solving puzzles to prevent fraud and to win small amounts of Bitcoin.

Researchers from Cambridge recently highlighted how Bitcoin mining consumes a massive 21.36 terawatt-hours (TWh) a year, meaning that if Bitcoin were a country, its energy (electricity) consumption would be ranked above Argentina and the energy could power all the kettles in the UK for 27 years.

Using Former Power Plants 

The problem in upstate New York, which the new two-year moratorium has been introduced to stop, is that the area has become an attractive destination for Bitcoin-mining companies due to the availability of former power plants and manufacturing sites with unused electrical infrastructure.

The idea of passing the moratorium is, therefore, to prevent old fossil fuel power plants in New York from being given a second life by private crypto-mining companies as this would create more carbon pollution and make it more difficult for the area to meet climate targets.

Proof-Of Work Mining 

The new law is particularly targeted at the ‘proof-of-work’ mechanism of verifying new transactions on the blockchain and make new tokens in crypto-mining. Proof-of-work tokens include Bitcoin, Ethereum, and Dogecoin and proof-of-work mining requires a large amount of energy.

Exemptions 

The new temporary ban does, however, exempt businesses that have already secured or applied for, or have renewed air permits, as well as most of the facilities in the state that use power from the electric grid. Renewable energy proof-of-work crypto mining businesses will also still be allowed to operate.

Challenge 

Although the move will please environmental campaigners it has been criticised for its potential to deter investment in New York State and cause crypto-mining businesses to simply cluster in other states where there is solar, wind, hydro and other sources of clean energy e.g., Texas, Tennessee, and Washington State.

What Does This Mean For Your Organisation? 

This story illustrates how, although cryptocurrencies are virtual, their mining (particularly with the ‘proof-of-work’ mechanism) require vast amounts of power. This not only makes them a threat to the environment where fossil-fuelled power is used but can drive some companies to apparently put their own profits before climate change targets and negative effects on the environment. Also, as the details of the new moratorium show, it can lead businesses to re-open old fossil fuel power plants or take other measures to meet their power requirements. For example, in January 2021 in the West Midlands, police closed down a warehouse that had been converted to an operation to illegally supply large quantities of electricity for Bitcoin mining. The alternative mechanism to proof-of-work is ‘proof-of-state’ which is more energy efficient. Although crypto-mining companies in the US may be deterred from areas where these types of laws are passed and those areas may suffer the lack of investment, at least it may drive them to areas using clean energy sources thereby having a lesser impact on the environment.

News

Tech News : Google Offers Job Interview ‘Warmup’ Tool

The new AI-based interview Warmup tool from Google uses questions from a series of industry experts to help users prepare for job interviews.

Tech Jobs And Skills Gap 

Googe says that this news Interview Warmup tool was developed as part of its own Google Career Certificates programme which offers professional-level online training. The programme was designed to address the problem, as identified by Burning Glass’ Labor Insight, that there are 1.5 million tech job vacancies in the U.S. These jobs are in fast-growing fields like data analytics, digital marketing and e-commerce, IT support, project management and UX design. The Interview Warmup tool is, therefore, an add-on to the training that could provide vital help for those whose tech job applications have reached the interview stage.

Even though it was developed for Google Career Certificates, the Interview Warmup tool is open to everyone.

How It Works 

Built in collaboration with job seekers, the Interview Warmup tool lets users practice answering questions selected by industry experts and uses machine learning to transcribe the answers in real time to help the user to discover ways to improve their interview technique.

Google says: “You’ll also see insights: patterns detected by machine learning that can help you discover things about your answers, like the job-related terms you use and the words you say most often. It can even highlight the different talking points you cover in each answer, so you can see how much time you spend talking about areas like your experience, skills and goals.” 

UK Tech Skills Gap 

Here in the UK, government figures showed that there were 1.2 million job vacancies in the three months to November 2021 and that around 82 per cent of all jobs in the UK list digital skills as a requirement. There’s been a tech skills gap in the UK for many years now which has particularly affected SME’s and, at the same time, new tech industries have been growing, e.g. AI. Back in 2020 the government launched The Skills Toolkit offering free, high-quality digital and numeracy courses. Also, the government’s ‘Levelling Up’ white paper promised that by 2030, the number of people successfully completing high-quality skills training will have increased in every region of the country.

Skill In Itself 

Although learning the skills for a job are essential, knowing how to come across well in interview is a skill in itself and could provide the competitive advantage that’s vital to gaining employment. It is in this crucial last stage that Google’s new Interview Warmup tool could be of real benefit.

What Does This Mean For Your Business? 

Finding staff with the digital skills that are so important in today’s business environment can be a real challenge, particularly for SMEs. Interviewing provides the opportunity to examine candidates in much more detail and it would be great shame if technically qualified and competent candidates who may well be suited the job were rejected simply because they were less effective in interview situations. The Interview Warmup tool, therefore, has a value both to candidates wanting practice and hone their interview skills, and ultimately for the businesses that need to uncover the relevant information from interview candidates that could lead to employing someone who provides real benefit to the business going forward.

News

Tech News : Free Translation Via Firefox – Even Offline

The new, free Firefox Translations browser extension translates websites in the browser without using the cloud, using machine learning.

Client-Side Translations 

Firefox Translations provides automated translation of web content but, unlike cloud-based alternatives, the translation is done locally, on the client-side, so that the text being translated does not leave the user’s machine. With Firefox Translations, the engines, language models and in-page translation algorithms reside and are executed entirely in the user’s computer, so none of the data is sent to the cloud. This enables use of the tool offline thereby making it convenient in any situation and frees the user from any worries about privacy concerns relating to using cloud providers.

How It Was Made 

The new Firefox add-on/extension was developed by using a high-level API around the machine translation engine, ported to WebAssembly (a new type of code). The operations for matrix multiplication were then optimised to run efficiently on CPUs (a computer’s central processor). This enabled Mozilla to develop a translations add-on that allowed the integration of local machine translation into every web page so that users can perform free-form translations without using the cloud.

Part Of Project Bergamot 

Firefox Translations was developed as part of EU-funded Project Bergamot (2019) which saw Firefox work as part of a consortium including the University of Edinburgh, Charles University, University of Sheffield, and University of Tartu.

Competitors

There are several other widely used competing machine learning-based web translation tools including Google Translate (website interface, mobile app and API), Microsoft Translator (machine translation cloud service using the using the Translator API and Speech service), and DeepL Translator (a neural machine translation service).

The big differences between them are that:

– Firefox Translations works offline and doesn’t use the cloud, so some users may see it as a more private option.

– Firefox Translations covers fewer languages, only 12 compared to Google Translate’s 100+ languages.

– Mozilla says that Firefox Translations includes two novel features. These are translation of forms, to allow users to input text in their own language that is dynamically translated on-the-fly to the page’s language, and quality estimation of the translations. This automatically highlights where low confidence translations are on the page, thereby notifying users of potential errors.

What Does This Mean For Your Business? 

In a global marketplace, translator tools can be very convenient and useful whereby technologies such as machine learning have given them the greater value and functionality that users require. There have, in recent years however, been data security and privacy concerns based around web translators and apps, e.g. the Translate.com data breach, worries about cloud connections to translation tools and how trade secrets, and intellectual property could be exposed. Having a translation tool, such as Firefox Translations where translation is all done locally, on the client-side, with no need for a cloud connection does appear to be a possible advantage in terms of allaying fears about privacy. Although both Google’s Chrome and Firefox browsers are both now based on Chromium and Firefox is popular, Google is still dominant in the browser market and its translator tool, which offers many more languages than Firefox Translations is, unsurprisingly, the leading competitor. However, for businesses that would value a possibly more private and very convenient (work offline) alternative, Firefox Translations may be worth looking at.