If you need to use the “Remove everything” option to reset a Windows device, and don’t want to leave any data behind (a known current issue), here’s the latest workaround from Microsoft:

Bi-directional charging technology offers a way to relieve the pressure on the grid from EV charging, share power, and reduce costs for EV owners.

What Is Bi-Directional Charging? 

Instead of taking power from the grid to charge an EV, bi-directional charging allows an EV’s battery to both receive energy from the electricity grid and to share the excess power it generates with the grid. I.e., with bi-directional (two-way) EV chargers, electricity can flow both ways – from the grid to vehicle, and from the vehicle to the grid. This type of charging can be particularly effective when combined with the use of solar rooftop chargers (reducing reliance on the grid altogether).

How Does It Work? 

With bi-directional charging, when the EV is charged using AC (alternating current) electricity from the national grid via a charging point, e.g. at the supermarket. This is converted to DC (direct current) electricity by a converter in the vehicle or in the charger, so the electricity can be used by the vehicle. Also, the internal converter in a bi-directional charger can convert the energy stored in the EV’s battery from DC electricity back into AC electricity so it can be used for the house or sent back to the national grid.

The Benefits 

The main benefits of bi-directional charging for EVs are that:

– EV batteries can be used to store enough power to use the excess for the home or the grid. For example, an EV battery can store many times more power than the standard 7 kWh lithium batteries found in solar photovoltaic systems.

– EV owners can save money on their energy bills using bi-directional charging. For example, in 2019, in a demonstration by Fermata Energy (a U.S. V2G solution provider), discharging less than half of the battery capacity of a Nissan LEAF for a peak 15-minute period was found to have saved $191.79 utility bill demand charges during the first month. Also, charging EVs at off-peak hours at the lowest rates while feeding power back into the grid (when energy rates are highest) can also reduce overall energy costs.

– The national grid’s performance can be improved by pressure on it being relieved during high-demand periods.

Drawbacks 

Bi-directional charging is still a relatively new idea. This means that there are currently only a few EVs that have bi-directional charging capabilities e.g., the Nissan LEAF and the Mitsubishi Outlander plug-in hybrid. This year, however, these capabilities are expected to be built-in to more makes and models e.g., all Teslas, The Volkswagen ID range, and the Ford F-120. more.

Being a new innovation, there are only a few bi-directional wall box chargers currently on the market and these are relatively expensive. Also, advantages can only currently be gained by those who charge at home or with a dedicated workplace charger. Some security commentators have also warned that EV charger security problems could be spread to the home or grid with the expansion of bi-directional charging.

Charging Network Still A Big Worry In the UK

Far from thinking about bi-directional charging, many people in the UK are still holding off from committing to EVs due to worries about finding charging points / the lack of an effective charging network.

For example, the UK’s Society of Motor Manufacturers and Traders (SMMT) has noted that although demand for green cars has surged (1 in 6 new cars) the public charging infrastructure hasn’t kept pace. Also, the SMMT’s concerns about public chargers not being equally distributed across the UK, and the need to regulate the price of chargers has led it to the call for a unified, national approach that could be led by a new regulator e.g., “Ofcharge.”

What Does This Mean For Your Organisation? 

Although still at its beginnings, bi-directional charging looks like being an innovation that could save EV owners money, reduce reliance on the grid and reduce pressure on the grid. At the same time bi-directional charging could be an important way to support and encourage the growth of EV adoption thereby helping meet green targets. Combining bi-directional charging with other green power sources, such as solar panels, can help maximise its sustainability and bi-directional charging looks as though it will not only benefit individual and business EV owner/operators but could be another valuable tool for helping to tackle pollution and climate change.

In this article, we look at what the ‘quantum apocalypse’ is, and what businesses are doing to prepare for this threat.

What Is The Quantum Apocalypse? 

The so-called ‘quantum apocalypse’ refers to the unspecified point in the future where someone (e.g., threat actors or a foreign power) has a functioning quantum computer that can break the kind of encryption that we trust to secure our data, transactions, and communications. This vision is apocalyptic because it would mean that this quantum computer could be used to shut down government defence systems, clear bank accounts, clear Bitcoin wallets, create financial chaos, and access all manner data and communications systems. In terms of national, enterprise, and personal security, this scenario (which is a real possibility) could really be apocalyptic and especially for those agencies, businesses, and organisations that have a legal responsibility to hold and store our data.

What Is A Quantum Computer? 

A Quantum computer can carry out complex calculations at high speed. Whereas traditional computers store data in binary ‘bits’ (ones and zeros) and work by creating and storing long strings of these ‘bits’, quantum computing’s ‘qubits’ (quantum bits) can do both at once. This is because a qubit can hold a zero, a one, or any proportion of both zero and one at the same time, and an array of qubits can use something called ‘superposition’ to represent all 2^64 possible values at the same time. This means that information can be processed much more quickly than with a traditional computer.

Dramatically Speed Up Complex Tasks 

The fact that Quantum computers can store so much more data in fewer bits, means that in addition to being able to solve extraordinarily complex problems, they can do so at high speed. Quantum computers can be used, for example, to dramatically speed up tasks that have traditionally taken a long time, such as finding new drug molecules.

The results can be astounding, where crunching numbers that would take a classical computer a week, could take a quantum computer less than a second. For more information (and examples like this), there are some interesting take-aways from IBM at: https://www.ibm.com/quantum-computing/what-is-quantum-computing/ .

The Risk And The Fear 

The fear is, however, that although the rate of improvement in quantum computing has slowed in recent years, over time they are still likely to become many times faster than today’s machines. This raises the possibility that the world could be caught off guard by someone developing a quantum computer that could render most known methods of encryption useless. This risk has been taken very seriously for several years now. For example:

– In 2015 in the US, the National Security Agency (NSA) warned that progress in quantum computing was at such a point that organisations should deploy encryption algorithms that can withstand such attacks from quantum computers.

– In November 2018, security architect for Benelux at IBM, Christiane Peters, warned of the possible threat of commercially available quantum computers being used by criminals to try and crack encrypted business data.

How Are Businesses Preparing To Mitigate The Threat? 

Having known about this threat for some time, many global businesses in the financial and tech sectors have been taking ‘quantum-proofing’ measures to protect themselves and their stakeholders. Examples of how businesses have been preparing include:

– Former IBM engineer, now head of the Future Lab for Applied Research and Engineering (FLARE) at JPMorgan Chase, Marco Pistoia, has been helping the financial giant to develop quantum key distribution (QKD) that works effectively over distances. This hybrid technology can boost security for financial transactions and guard against quantum hacks. JPMorgan Chase is also working with the US National Institute of Standards and Technology NIST to provide recommendations about the algorithms to use.

– NIST is itself working to develop a standardised defence strategy that would be able to protect industry, government and academia as well as America’s critical national infrastructure.

– Google, Microsoft, Intel, and IBM are reported to be working on solutions. These companies are well-placed to develop solutions that could provide security against the known quantum threats. For example, IBM has been involved in quantum computing for some time and has opened a Quantum Computation Centre in New York bringing online (and making accessible via the cloud) the world’s largest fleet of quantum computing systems for commercial and research activity that exist outside of experimental lab environments. It also appears (from a paper briefly published to a NASA website) that Google has already achieved ‘quantum supremacy’ by making a quantum processor that can complete a task in 200 seconds, which would take a regular state-of-the-art supercomputer approximately 10,000 years to perform.

– Specialist companies like Quantinuum and Post-Quantum are already offering solutions. For example, Post-Quantum, which describes itself as “the only source of usable quantum-safe solutions” offers software products to guard against the risk and says it “began solving the post-quantum encryption challenge back in 2009”. The company also authored the Internet Engineering Taskforce (IETF) standards for a post quantum Virtual Private Network, which is being trialled by NATO.

What Does This Mean For Your Business? 

Quantum computers offer so much promise in enabling governments, businesses, and organisations to solve complex problems in a mere fraction of the time that normal computers can. It is a very real risk, however, that this power, in the wrong hands could be weaponised and used to crack the encryption that the world trusts and relies upon. The race is on, therefore, to create powerful algorithms that can stand up to attacks from quantum computers. With grand names like post-quantum cryptography / quantum-proof cryptography, and quantum-safe / quantum-resistant cryptographic (usually public-key) algorithms, these are the next generation of protection for businesses everywhere. Although it seems a long way off, the evidence is that the threat is real and the development of these algorithms and other solutions yet to come are likely to play a vital role in protecting us all from the threat of the so-called ‘quantum apocalypse.’

Insurer Aviva has highlighted how accidental damage caused by VR headset-wearing gamers caused a 31% jump in home contents claims in 2021.

Average of £650  

Aviva reports that the average VR-related claim for accidental damage in 2021 was about £650, for example for TVs that have been broken in the real world after gamers, immersed online (e.g. within the Metaverse), became overenthusiastic. Although there has been a 31 per cent jump in claims last year in VR headset-related home breakages, Aviva reports that there has been a 68 per cent overall increase since 2016.

More Expected This Year 

Aviva has also said that with many people in the UK having acquired VR headsets for Christmas, it is likely that there will be even more such claims in 2022.

What Kind Of Damage? 

On Aviva’s twitter account, the company highlighted punched ceiling fans, broken furniture and smashed lighting as the kind of household damage caused by people wearing VR headsets. Aviva’s tweet on the subject, which linked to a Guardian article, came with the advice “If you have a VR headset, take care.” 

Injuries Too 

Some specific examples of real-life injuries caused when people are wearing VR headsets can be found on the Reddit feed (subreddit) https://www.reddit.com/r/VRtoER/ where people have shared their painful (video and photo) experiences. These include injured hands from hitting a desk, children getting accidentally hit, and accidentally falling and headbutting the TV.

In the recent Guardian article linked from Aviva’s tweet, Aviva’s UK property claims director, Kelly Whittington, explained that as new games and gadgets become more popular, this tends to be reflected by a rising number of claims relating those gadgets, as happened with handsets, fitness games and rogue fidget spinners. Whittington is quoted as saying that “These devices can be a great source of fun, but we’d encourage people to be mindful of their surroundings and take a look at their home insurance to make sure it suits their needs,” and recommends that users should consider adding accidental damage cover to their home insurance plan.

What Does This Mean For Your Business? 

With VR headsets increasing in popularity and Meta’s (Facebook’s) ‘Metaverse’ on the way, Aviva’s figures have highlighted both a risk to health and property, and a financial risk to home and business users of VR headsets. For businesses where VR headsets are used (e.g., tech and entertainment/experience businesses), it highlights an area for legal concerns as well as the need for additional insurance cover e.g., damage and/or injuries resulting from staff or customers having a VR headset-related accident. For insurance companies, the VR headset trend will mean the need for policy reviews to address the situation and could mean additional revenue from more people taking out accidental damage cover. Also, insurance companies may have to investigate and perhaps pay out more on such claims. VR headset manufacturers may also need to add more warnings and may introduce product safety innovations to help prevent injury and breakages from occurring.

In this insight, we look at how to best to avoid redacted text from being ‘unredacted’ by certain software tools, and we look at what researchers advise based on recent experiments.

The Problem 

For businesses and organisations, the increased need for data sharing and/or making some data public can mean that certain (sensitive) parts of documents need to be obscured/obfuscated/censored for legal or security purposes (and to stop data leaks and fines). There are several different methods for achieving this in a document, including blurring, swirling, or pixelating letters and images. The issue is that some of these methods may not be effective enough and could, possibly, lead to the text being recovered/de-obfuscated using certain tools and methods e.g., the Depix tool or the ‘Unredacter’ tool. A python program like Depix, for example, is designed to recover censored text to a readable format via a simple command, and this type of tool in the wrong hand could potentially lead to a security breach.

Challenge Issued 

The challenge of testing the level of security of pixelated text is something that researchers have focused on for some time. For example, researchers at a company called Jumpsec tested the Depix tool to see if it could recover text that has been pixelated. The results broadly showed that:

– Using the supplied examples, text redaction with Depix was possible to a reasonable degree.

– Using original content (not the author’s supplied example), and after taking a long time, Depix failed to recover the obfuscated text.

It was concluded that The Depix tool poses minimal risk to security at present, as it requires specific criteria to be met to be effective BUT there is a small chance that users can depixelate images using the tool.

Jumpsec then issued (2021) an Internet challenge for someone to develop a tool that could effectively recover censored text to a readable format.

Bishop Fox Research

The challenge was accepted by Dan Petro, Lead Researcher at US security company Bishop Fox. Mr Petro built his own ‘Unredacter’ tool and tested it in a similar way to the Depix tool.

Mr Petro noted that pixelation tools use an algorithm to divide an image into a grid of a given block size (e.g. 8×8) and, for each block, the redacted image’s colour is set to be equal to the average colour of the original for that same area. This “smears” the information of the image out across each block and, although it can work, it has several problems. These include characters not lining up with the blocks and bleeding over, problems with white spacing, and problems with variable-width fonts, and font inconsistency.

The ‘Unredacter’ Tool 

The ‘Unredacter’ Tool created by the Bishop Fox researchers, however, solved many of the problems that the Depix tool had encountered, and was able to recover the text in a test image to a reasonable degree.

The Conclusions 

The conclusions of both the Jumpsec Labs and the Bishop Fox text recovery tool experiments were the same. Both advise that, when redacting text, only use black bars covering the whole text. Never use other methods such as pixelisation, blurring, fuzzing, or swirling, and edit the text as an image. Bishop Fox’s Mr Petro also advises that using black background with black text in a Word document means that the text can still be read that just by highlighting it. This means that is not a secure method and could lead to the accidental leak of sensitive information because of an insecure redaction technique.

What Does This Mean For Your Business? 

There are now so many ways that a data security breach could happen and although using an insecure redaction technique may seem like a more unusual one, the result could be just as devastating as other more popular types of breaches. The lessons for businesses resulting from this research are that software could possibly be used to uncover redacted text and that relying upon fast methods such as using a black background with black text is ineffective and very risky. The research shows that businesses can best protect themselves from this threat by editing the text as an image and by only using black bars covering the whole text.

A sacked school IT Technician who took revenge by deleting data and sabotaging his old school’s network (and by wiping the computers of everyone who was logged in) has been jailed.

Revenge Hack 

As reported on Leicestershire Live, a court was told that Adam Georgeson, 29, who was dismissed from his job as an IT Technician last January at Welland Park Academy in Leicestershire, took revenge by hacking back into the school system and deleting data.

School Network Sabotaged 

In the attack, Mr Georgeson sabotaged his old school’s network, thereby taking it offline for 10 days. This meant that staff were forced to work long overtime hours without payment to try and rectify the problems. Also, the attack meant that 4 staff members were unable to resume working remotely for nearly four months!

Personal Devices of Pupils Wiped 

The other particularly distressing aspect of the attack was the wiping of any devices that were connected to the school’s network at the time. This meant that at least 125 devices, including those belonging to 39 families and computers at the school, had their files completely wiped. This meant the loss of personal family photographs for example, as well as important work and study files. It was reported that the school had to spend £15,600 to restore the system. This spending also meant that cutbacks had to be made on school spending elsewhere, thereby magnifying the impact of the attack.

Losses 

Some of the losses reported in the attack, highlighted in personal impact statements, included:

– A full-time student, in the second year of university studies losing most of her work from the preceding 18 months, leading to her failing an exam.

– A father-of-three losing 1,000 family photographs.

– An assistant headteacher losing learning-related materials and all of his son’s GCSE coursework.

Not The Only Attack 

Mr Georgeson is also reported to have carried out another cyber-attack a few months earlier on a former employer’s business. The attack on Rutland-based Millennium Computer Services, from where Mr Georgeson had been dismissed for misusing the company’s credit card to buy personal computing equipment (without permission) caused chaos to the company’s computer system, putting it out of action for 8 days.

Why? 

The court was told that Mr Georgeson’s actions were the result of a crisis of depression and anxiety. The Judge, however, ruled that the motivation for the attacks were spite and revenge. After pleading guilty to two counts of unauthorised modification of computer material under the Computer Misuse Act, Mr Georgeson was jailed for 21 months.

What Does This Mean For Your Business? 

This case highlights the need for businesses and organisations to have procedures and systems in place for dealing with and minimising some of the risks associated with employee exit. Although this case sounds exceptional and the former employee was found to be responsible due to malicious hacking, it should also be noted that businesses and organisations have a legal responsibility to ensure that security levels are maintained with regards to data security, and this also applies to employee exit (i.e. ‘insider threat’). In order to reduce this kind of threat, areas that businesses and organisations need to address as soon as a staff member leaves could, for example, include:

– Revoking login details and rights/permissions for company computer systems and networks.

– Revoking access to the CRM, thereby protecting data relating to the company, its customers, its other stakeholders, sales, communications and more.

– Stopping access to collaborative working apps/platforms and shared, cloud-based, remote working platforms e.g., Teams or Slack.

– Changing the person’s personal voicemail message on the company phone.

– Ensuring that the departing staff member returns all company devices. This means having procedures in place to keep a record of which company devices have been allocated to each employee.

– Retrieval of any backup/storage media e.g., USBs may also help to prevent some security threats.

– Making sure that any stored items in separate folders on the departing person’s computer are transferred back to the company/organisation or deleted.

– Having a policy in place for the regular changing of passwords and changing any passwords shared with multiple members of staff when one person leaves.

– Changing PINs for any credit/debit cards that the person was authorised to use.

– Immediately letting the team/person responsible for IT security know that a person has left, particularly if the person left ‘under a cloud.’

– Making sure that all company-related keys, pass cards, ID cards, parking passes, and any other similar items are retrieved.

– Retrieving any physical documents that the employee was issued e.g., a handbook that contains information and data that could threaten company security.

– If the departing employee’s email address and extension feature on the website and/or if that employee is featured as being in the role that they are departing from, this needs to be removed from the website. Also, check that company social media doesn’t indicate that the departed employee is still in their role e.g., on LinkedIn and Facebook. Checks should also be made to ensure that the departing employee doesn’t feature in the business/organisation’s online estate e.g., at the top of the website home page or other prominent pages.

Security firm Avanan has warned that Microsoft Teams users are being targeted by hackers who are attaching .exe files to Teams chats. These files put a Trojan on the end-user’s computer which is used to install malware, eventually leading to the user’s computer being taken over. The security advice is to use protection that downloads all files in a sandbox and inspects them for malicious content, deploy robust, full-suite security that secures all lines of business communication (including Teams), and not to click on any unfamiliar file in a chat.

Organising your open apps on the screen in a way that suits you can be a great help to productivity and can save time. Here’s how to choose the right snap layout in Windows 11:

Samsung’s new Galaxy smartphone range makes use of repurposed discarded nylon fishing nets which have been used to create a material from which to manufacture the brackets which hold the volume and power keys in place.

Combining Sustainability And Innovation

As part of the Samsung Electronics ‘Galaxy for the Planet’ vision, the company says that it has combined sustainability and innovation to develop a new material that gives ocean-bound plastics new life. The company’s goal is to use recycled material across all new mobile products by 2025, incorporating various recycled materials within its products.

Helping To Tackle The Problem of Discarded Nets

It is estimated that 640,000 tons of fishing nets are abandoned and discarded every year (UNEP figures). These nylon nets do not naturally break down and are likely to litter the oceans for hundreds of years. The results are the trapping and entangling of marine life, damage to precious coral reefs and natural habitats, and small pieces of the nets ending up in human food and water sources.

Devices Shown At ‘Unpacked’ Event

Samsung, which revealed its new Galaxy devices on 9 February at its ‘Unpacked 2022’ (biannual) event says that they reflect the company’s ongoing effort to eliminate single-use plastics, and to expand its use of other eco-conscious materials, such as recycled post-consumer material (PCM) and recycled paper. Samsung says that this transformation will help it to bring leading product design to market and deliver better environmental impact at the same time.

Water Bottles Too

The company says that it is also using recycled/repurposed discarded water bottles to make materials that can be used to manufacture parts for its devices.

Other Measures

Other measures that Samsung says it’s taking as part of its ‘Galaxy for the Planet’ sustainability vision are:

– Taking steps to eliminate all plastics in mobile packaging by 2025.

– Reducing standby power consumption for all its smartphone chargers to below 0.005W by 2025.

E-Waste, Including Phones, Still A Big Problem

Even though Samsung is taking measures and has a plan to create and incorporate recycled materials into its new devices, there is still the big global challenge of a growing mound of e-waste to tackle. 50 million tonnes of electronic waste is produced each year and a 2019 report by Platform for Accelerating the Circular Economy (PACE) and the UN E-Waste Coalition predicted that, at the current rate, global e-waste production could reach 120 million tonnes per year by 2050. This equates to electronic waste weighing more than all the commercial airliners ever made! Phone handsets and other devices are part of the electronic waste problem and although some schemes are under way to recover the precious metals for them, more needs to be done to create greener devices.

Ethical Phones

Ethical phones (e.g., the likes of Fairphone), and other devices which are manufactured with fair trade, welfare of workers, repair, and recycling already built into the business model, are another way that some companies are trying to improve sustainability. These devices could have more positive environmental impact than traditional manufacture and could slow and cut the flow of e-waste, plus help countries to meet their environmental targets.

The Right To Repair

Greater adoption of the ‘right-to-repair’ is another way that device manufacturers can help slow down the rate and reduce the pile of electronic waste. For example, Apple is introducing a “self-service repair” programme which gives iPhone 12 and iPhone 13 customers access to parts and information which will allow them to repair their own phones.

What Does This Mean For Your Organisation?

This combination of sustainability and innovation is a positive idea which appears to make something good come from a serious ecological issue. It’s a shame that only some parts of the phone can be made from the discarded nets but it’s nevertheless a start, and its also good that this is part of an ongoing plan to use recycled material across all new mobile products from Samsung by 2025. Although this is promising, it is going to take a much greater effort, investment, and some significant innovations from manufacturers across several sectors and throughout supply chains to find more ways to make more of an impact on the problem of growing mountains of polluting e-waste. Much greater efforts are needed to create devices which are ethical, make the maximum use of recycled materials, and have sustainability at the core of their design.

Under the the draft Online Safety Bill legislation, adult websites (i.e. pornographic) site operators will be legally required to verify the age of website visitors or face tough penalties.

Online Safety Bill

For those who run commercial porn sites, the bill, which expected to be introduced to parliament in the next few months, looks likely to mean that:

– Their users may be asked to prove their age, e.g. by proving they own a credit card or confirming their age using a third-party service.

– Failure to comply with the legislation could see commercial porn site bosses held criminally liable. Also, for their business, this could also mean fines up to 10 per cent of their global turnover, or Ofcom (the UK’s communications regulator) blocking their websites from being accessible in the UK.

A Step In The Right Direction

Child safety groups, who have been seeking age verification on porn sites (and who were disappointed when similar measures dropped in 2019), have welcomed the measures in this now strengthened bill as a step in the right direction. However, the NSPCC, for example, has noted that the “legislation still falls short of giving children comprehensive protection from preventable abuse and harmful content”.

Reddit & Twitter Users Too

The draft Online Safety Bill also applies to a wide variety of online services and social media platforms. For example, when the bill moves into law, UK users of platforms such as Twitter and Reddit, on which can be found quantities of explicit adult material, may find that they need to verify their age before being able to login. The alternative, which would be complicated and challenging for social media platforms, would be to somehow remove all adult material from their services in the UK.

Also, Facebook & TikTok

Other obvious platforms which may require age verification under Online Safety Bill laws could be Facebook and TikTok.

What Does This Mean For Your Business?

For those who operate commercial porn websites, this new bill, when it moves into law, could obviously be a threat. For third-party verification service providers, the bill is clearly an opportunity. For the big social media platforms such as Facebook, although the idea has been welcomed, the details of the bill are unlikely to be popular. Nevertheless, platform bosses will be aware that executives can be personally given serious penalties (with a two-year grace period) which is likely to make them take some notice. Facebook, however, is already moving into a new, more controllable area with its Metaverse. Although parents and child safety advocates may take some comfort that the bill may provide better protection for their children, there is an argument that proving age verification may not provide protection from other sites where pornography exists and could threaten the privacy and security of users (i.e., data breaches and scammers). Furthermore, there is an argument that the need to scan social posts could, as highlighted by the Open Rights Group, mean encryption will need to be halted, further affecting privacy and security.