Almost a year after setting up a UK business entity called Squareup Europe, today the payments company Square is officially opening up for business in the UK, marking its first move into Europe and its fifth country after Canada, Japan, Australia and its home market in the US, with a service that turns ordinary smartphones and tablets into point-of-sale payments devices. Brexit and all the questions of what it will mean to the British economy and its technology industry be damned?

Square will sell a £39 Square Reader, a piece of hardware that connects by Bluetooth to your phone or tablet to turn that device into a payment card reader. And in addition to selling the reader, Square will take a 1.75 percent cut on all in-person transactions, and 2.5 percent for any sales made online, by phone or electronic invoice.

The news was announced this morning at an event in London with Square’s CEO Jack Dorsey (who is also the CEO of Twitter) at an event at the Soho Piano Bar, one of Square’s first customers here. He said that the company would focus more on targeting small and medium businesses that have yet to take card payments of any kind — estimated to be account for half of the 5.4 million SMBs in the country.

“There are a lot of folks here who haven’t been reached yet,” Dorsey said in a presentation this morning. Amidst a market full of a number of existing competitors in the area of mobile payments, he also noted that Square’s quick turnaround for payment processing was one unique selling point. “You’ll have access to your funds the next business morning.”

He also added that Square was interested in adding more financial services, such as Square Capital for cash advances, soon, and it was also considering entry into more European markets before adding on other services like its food business. “We still have a long way to go with Caviar in the U.S.,” he said.

This is not Square’s first foray into business in the UK. Back in 2014, we spotted that the company’s point-of-sale software Register was quietly launched globally to allow people to take virtual payments, but this hasn’t been actively promoted as a business. In an interview, Sarah Harvey, who is heading up Square’s efforts in the UK, would not disclose how many businesses are using that currently in the UK, nor how much money it is processing here.

A more formal entry into the UK, however, has been a long time coming.

Square, which launched in 2009, originally made its name by offering an easy way for small businesses to take card payments by creating a phone or tablet app that worked with a small piece of hardware, made and sold by Square, to transform those consumer devices into card readers and processors. Square marketed this specifically to those who didn’t take card payments previously and/or found buying traditional equipment and paying bank fees too expensive.

That is a service that had a ready market in the UK, too. In addition to millions of small and medium businesses and millions more sole traders, the UK has a population of consumers that prefer to pay by cards: the average consumer carries only £25 and 70% of all transactions are made with debit and credit cards.

So unsurprisingly, in the years between Square launching its services in the US in 2009 and today, a number of other companies have sprouted up to sell similar services in the UK, including iZettle, PayPal, SumUp and more.

In other words, the market for stealing customers from existing, established companies is tight, and the number of businesses who take no card payments at all (late adopters) is smaller: it’s estimated that about half of the UK’s small enterprises do not accept card payments today.

Some believe that Square has, in fact, already missed the boat for making a splash in the market.
However, if you look at other businesses in the world of tech, it’s not always the first movers who are the winners (just look at Apple and the iPhone as one example). That was a sentiment echoed by Dorsey today who said it’s not about being first, “but being the best.”

We’d heard from more than one source Square had actually weighed up acquiring rivals as one route to entering the UK.

But the strategy Square has taken to go organic is, at least for now, a far less expensive way to try things out. Accounts from Companies House show that Square has to date invested less than £4 million into the operations up to now to build the business. By comparison, acquiring a rival like iZettle could have cost the company several hundreds of millions of dollars.

iZettle is (so far) positive in the face of more competition. “We’ve been waiting for these guys to arrive for a while now. We’re happy they can join us here, as healthy competition always moves a market forward. We’re fans of anyone who can help us level the playing field in the massive effort needed to democratise commerce for small businesses in the UK,” said Jacob de Geer, CEO and founder of iZettle. “We are actually surprised it took them so long to get involved and believe they have some catching up to do. We have five years worth of data and understanding of the UK market, and we know from experience that the UK is a different beast to the US. We’ll be watching them closely, and with interest.” 

What will be interesting to watch is not only whether Square manages to gain traction with its late entry into the UK market, but what else it chooses to bring here alongside the payments services.

Square in the U.S. has been moving beyond payments enabled by a mobile phone or tablet, into more specific industry services like food ordering and delivery; as well as cash advances, invoicing, API access for on-site integrations and other services for businesses.

In its last earnings, Square noted that “new products” launched since 2014 represented 25 percent of its adjusted revenues for the quarter. Harvey would not comment to me on when and if Square planned to introduce services like these in the UK, nor whether there were plans to expand to other markets in Europe.

Revenues at the company last quarter increased 35 percent, to $402 million in the quarter. Subscription and services-based revenues grew 81 percent, to $41 million in the same quarter. Hardware sales, which represent the smallest portion of its revenue mix, grew to $8.9 million as more vendors continue to upgrade to contactless and chip-card readers.

Source: techcrunch


Report - the movie will centre on McAfee's notorious time in Belize
Hollywood icon Johnny Depp is set to play tech industry legend John McAfee in an upcoming biopic based on his time hiding out in Belize, reports indicate.

According to Deadline, the Pirates Of The Caribbean Star will play McAfee "as he takes a... magazine writer on a darkly comic Apocalypse Now-like tour at his Belize compound, a trip filled with paranoia, machine guns, sex and murder".

Details are sketchy at present, but the film - that allegedly has the working title 'King Of The Jungle' - will apparently be based on the notorious episode in which the tech mogul and one-time presidential candidate went on the run from Belizean police in an unbelievable incident involving meth labs, alleged police frame-ups and the murder of McAfee's neighbour.

The story of John McAfee is well-known in the tech world. After selling his cyber security company for a princely sum, he moved to Belize in 2008.

There he was accused by the government of manufacturing narcotics and owning unlicenced firearms, and he allegedly surrounded himself with gang members. When his neighbour turned up with a bullet wound to the back of the head, McAfee went on the run, saying he believed the bullet was meant for him and that the authorities saw him as a murder suspect.

The authorities say they only wanted him for questioning, while McAfee told Wired that he was convinced they were out to "silence" him. Eventually, his location was given away by the Vice journalists that were travelling with him; metadata embedded in a photo they posted to social media revealed that he had fled to Guatemala - he was eventually sent back to the US.

The project is being helmed by Glenn Ficarra and John Requa, who also directed Whiskey Tango Foxtrot, I Love You Phillip Morris and Focus. The script comes from Scott Alexander and Larry Karaszewski, who were behind Man On The Moon, Ed Wood and The People vs Larry Flynt.

The creative team behind the film have considerable experience producing biopics, and their previous work suggests they will not shy away from the more controversial aspects of the John McAfee legend.

While McAfee has previously called out inaccurate reports about him, after a company mistakenly claimed he was their chief security officer - he retweeted stories about the movie, suggesting it is a film that is in the works.

In a Business Insider opinion piece, McAfee wrote last May: "My most prominent act of civil disobedience occurred in Belize, when I refused to be extorted by the government. This led to a series of events that to this day, no fictional movie has matched." Now that movie might finally be made.

Source: itpro


BOSTON -- Blockchain can help secure medical devices and improve patient privacy, but the key is proper implementation, according to a top security pro at Partners Healthcare.

The downsides would include mistrust of the technology because of blockchain’s potential performance problems, and its association with ransomware and use as payment for illegal items on the Dark Web, Partners’ Deputy CISO Esmond Kane told the SecureWorld audience last week in Boston.

On the other hand, the decentralized, encrypted public ledger could have a wealth of applications in healthcare, Kane says. These include streamlining the resolution of insurance claims, management of internet of things medical devices and providing granular privacy settings for personal medical data.

More on blockchain: Healthcare, retail industries give blockchain a try

Partners Healthcare is interested in it for giving patients the ability to set different privacy settings on their medical information. The mechanics haven’t been worked out, but by breaking down records into components and granting access piece by piece, there would be less risk of over-privileging any potential recipient.

The blockchain would be able to control, for example, who can gain access to certain information such as whether an employee was being treated for a psychological disorder, he says. That information could be designated off limits to the employer, but accessible to the patient’s insurer.

The technology could be used to speed up resolution of insurance claims by having records posted to a private blockchain that would allow accessing updated data by all parties, reducing the need for transmitting the data and building the infrastructure for sending it, he says. This could also cut costs.

Medical devices could be given unique identifiers and information about them could be stored in a shared ledger accessible by other systems to automate maintenance and management, he says.

Public vs. private blockchains

Use of public blockchains can have scaling problems particularly when it’s used for encryption. Delays can be significant, he says. Private blockchain services from IBM, Amazon and Microsoft, give much better service levels, he says.

Blockchain can’t be undertaken lightly. Financial technology pros say its use calls for extra key management infrastructure, Kane says.

He notes that several public blockchains have run into security problems, not necessarily because the blockchain itself was faulty but because of how it was implemented.

Since blockchain is decentralized, public blockchains with nodes in other countries may present problems if they don’t move to new code bases as revisions become available.

This story, "Blockchain can help secure medical devices, improve patient privacy" was originally published by Network World.

Source: computerworld


IT administrators who manage a fleet of Skype for Business users will have an easier time of diagnosing and fixing problems that may arise for them. Microsoft on Monday unveiled the beta of a new Call Analytics Dashboard, which is supposed to provide admins with a diagnosis of issues that users are having on a call.

There are several issues that could arise and cause a degradation in call quality, which is why these analytics are helpful. If a user complains about a call only working intermittently, it can be hard to diagnose whether that’s an issue with the network connection, headset, Microsoft’s infrastructure or something else.

Companies may be more likely to migrate from their legacy communications infrastructure to Skype for Business with the new dashboard, since understanding issues that crop up can help with the transition.

That dashboard is one of a handful of Skype for Business features Microsoft announced as part of the Enterprise Connect unified communications conference.

The company also added two new capabilities aimed at serving call centers. Auto Attendant lets businesses set up a system of menus that callers can navigate using their phone keypad. (Think: “For warranty claims, press 1.”)

Call Queues are built for environments like customer service hotlines where there are groups of Skype for Business users who could all answer the same incoming call. Callers are placed into a queue based on when they dialed in, and are automatically routed to the next available employee.

Both of those features are only available for companies using Skype for Business’s Cloud PBX feature, which is included in Microsoft’s premium Office 365 E5 subscription.

Source: computerworld


Organizations are constantly looking for new ways to increase employee efficiency, but often only further perpetuate the problem by introducing yet another new app or program. Looking to address this ongoing issue, San Bruno, California-based company Sapho offers a micro app platform that allows businesses to build a single, social-media like feed through a notification-enabled app, web browser or messenger client. IT Pro Portal editor Désiré Athow connected with Sapho CTO and co-founder Peter Yared to discuss how the rise of micro apps can help organizations today. 

Is there a common problem you see organizations are running into that impacts their ability to operate efficiently? 

Big data has been in vogue for years, but many businesses are having a lot of difficulty harnessing value and gaining insights from the voluminous amounts of data they collect. However, there is an often-ignored set of data in the enterprise that is truly actionable, data that I call “active” data. Active data is “in-flight data” that represents things that are changing or need some sort of action taken to move forward. Active data includes data like open purchase orders, new PTO or family leave requests, sales opportunities that are changing in scope, orders that are shipped late and so on. 

Enterprises should focus on the data that matters most to specific users now, so they can be as productive as possible. Data should be personalized and delivered to employees in small, digestible sets. It's easy for IT teams to get lost in the process of building out big data infrastructure and forget that data needs to be usable, actionable and personalized. If IT arms employees with the personalized active data they need, productivity will easily increase. 

How can organizations move beyond emphasizing employee efficiency and move more toward overall effectiveness? 

By building small, task-specific apps that deliver simple solutions to complex problems, it enables employees to be more effective.  A lot of times, employees are overwhelmed by the amount of data buried in their enterprise systems, so they just avoid accessing it. By monitoring for system changes — or “events" — and pushing them proactively to users, versus forcing them to go looking for them, the “micro” approach enables employees to be ahead of the curve. Businesses should focus on the big picture of what they are trying to achieve: a system of engagement that modernizes system interfaces and delivers an effective way to work. 

How do you view the current state of today’s enterprise offerings and how do micro apps come into the picture? 

Today’s offerings are outdated. With the influence of Facebook, Twitter and Instagram on our daily lives, we’ve come to crave that same personalized, mobile feel in our work apps. We aim to transform clunky work apps into usable consumer-feeling apps so employees are more likely to use them. Rather than having to login to multiple systems to access critical data, we surface one-click tasks and actions into a feed for employees. 

What are some real-world examples of administration from an admin/developer perspective? 

On the administration side, there are three examples that are quite nice to share. The first is how we embed SDK's from the leading MDM solutions like AirWatch right into our .war file. This allows administrators to easily deploy and provision their mobile micro apps without having to reinvent the wheel. 

The second is the speed at which developers can work with the lines of business (like marketing and sales) to develop applications that are actually usable. In the past, IT departments would get an application request, go into the bunker and emerge six months later with a "final" product that totally missed the mark - like the remote control with too many buttons to choose from. Now, developers can iterate on an application in real time with their end user in the room. This is allowing IT teams to add value faster by producing products that end users are actually excited to use because they are purposefully built with their input to solve a real problem in their workflow. 

Finally, the dashboard that we provide administrators offers a unique view of the actual usage of the micro apps, their frequency of events, and the response time to these requests for actions - it becomes very easy to identify human bottlenecks in workflows. 

What are some real-world examples of usage from a user perspective? 

A great example comes from the CEO of Super Deluxe, a Turning Broadcasting Company, Wolfgang Hammer, who implemented our platform to improve engagement and to keep multiple teams across the organization informed on the state of current projects. Unfortunately, they had multiple teams who all worked in different silos, which meant information was spread across hundreds of systems. This information sprawl made it difficult to keep teams on top of critical production timelines. 

The team tried tracking apps and software, but they were clunky, slow and often left out key data. By adopting our technology, they were able to quickly unify data across all of their systems and deliver actionable updates to their team via simple, single-purpose apps. Now they have a complete 360 view of every project from production schedules, to finance, to marketing execution. For them, they have been able to remove the human bottleneck of information delivery and get things done faster. Ultimately, we’ve orchestrated their systems to work together, which wasn’t possible before. 

How do micro apps work, in terms of functionality? 

We help organizations provide a single interface to their existing business systems. Each interaction is put into a secure micro app that connect workers and execs with important data and critical workflows. 

We do this by targeting all of the occasional workflows for a given system, and let IT customize the secure apps. So Sapho doesn’t replace the interface for the entire finance system, for example, but what we do is make it really easy for everyone outside the finance department to approve purchase orders and get key metrics from the finance system. 

Can companies build their own micro apps or rely on an available toolbox of apps?

Yes, organizations can leverage both the pre-built templates for various systems that we support (IBM Domino, SAP ERP, Salesforce) and can build their own micro apps with our simple, drag-and-drop app builder. The templates we include provide the most commonly requested micro apps that our customers want to build, such as micro apps for PO and PTO approval. Our micro apps come with the customizable connectors to all of the enterprise systems that are used within an organization. These connectors make it easy to connect to existing systems so that employees can be up and running quickly. 

What is the process for IT decision makers that are considering implementing micro apps into their organization?

Unlike other solutions, ours sits on-premises and connects directly to existing business systems, unifies data, tracks changes, and then surfaces actionable updates to employees. We help triple employee productivity with a system of engagement that modernizes enterprise applications to improve the speed of business. Also, organizations can now build secure, single purpose apps that provide employees with actionable data, tasks and insights from their systems. The result is a set of micro apps that provide proactive notifications, updates and one-click task completion from a variety of device, browser, intranet, email or messaging clients. 

Source: itproporta


Internet browsing has become an essential part of our day-to-day lives, but a lot of the time, we take for granted the software that we use to do it. Web browsers can have a huge impact on the way we perceive the internet, so choosing the right one is vital.

If you’re overwhelmed by the amount of choice on offer, don’t worry. We’ve collated the best options, and assessed them on all the most important criteria.

Note: We tested these browsers on a Windows 7 laptop with 4GB of RAM and an Intel Core-i5 CPU. We’ve also left Safari off this list, as Apple has discontinued Windows support for the browser. 

Microsoft Edge

Microsoft's once-mighty Internet Explorer has finally been put out to pasture. While it's still included with Windows 10, the venerable old browser has been taken out back and given the 'Old Yeller' treatment, replaced as the built-in default by the snazzy new Microsoft Edge.

It's really rather superb, too; an attractive redesign, streamlined functionality and just enough new features to be exciting have made Edge a genuine competitor with Google Chrome and Mozilla Firefox.

We haven't put it through our full suite of benchmarks and stress tests yet, but if you're interested in exactly how is stacks up against its predecessor, here's our head-to-head: Internet Explorer vs Microsoft Edge.

Boot time

Sluggish web browsers can be one of the biggest irritations when you’re busy, so we put them through their paces to work out which one fires up the fastest. We used Passmark’s Apptimer software, opening each browser five times and then averaging out the results.



Chrome has a reputation for speed, and rightly so – it averaged a very nippy opening time of 0.05s. Interestingly enough, however, although Chrome was the fastest, Internet Explorer was hot on its heels, coming in just 0.002s slower. Firefox brought up the rear, with a time of 0.07s.

In practice, we’d defy anyone to notice a substantial difference between them. All of our browsers fired up almost instantly, with no significant lag when switching between pages; they’re basically identical in terms of speed.

Security and privacy

Considering that we live our lives, in many cases, almost entirely online, security is not something that can be ignored. Internet Explorer has possibly the worst track record with breaches, and various flaws in its code have led to repeated vulnerabilities.

However, it has spent a long time improving and has now reached the point where it is no longer the security liability it once was. Microsoft has made continual improvements, and it’s now a reasonably secure bet.

Firefox has a proven commitment to security, with highly-paid bug bounty programmes and reputation as the browser of choice for many infosec professionals. It's also highlighted data protection as a key issue, stating in their corporate manifesto that “individuals’ security and privacy on the Internet are fundamental and must not be treated as optional".

Security-wise, Chrome is among the best browsers out there – the fact that Flash is built-in and automatically updated means that vulnerabilities are kept to a minimum. Unfortunately, its record falls down considerably when it comes to privacy.

It’s no secret that Google is something of a hoarder when it comes to users' information, and it makes full use of Chrome to gather as many details as possible. For example, if you have the Omnibox’s automatic suggestions turned on, anything you type in will be registered and stored by Google, whether you hit enter or not.

There are options to turn tracking and data collection off, but they’re buried in the options, and a more cynical soul might assume that Google doesn’t want you to find them at all. If you’re prepared to sacrifice your personal data on the altar of convenience, it won’t be an issue, but more privacy-conscious users might want to avoid Google chrome.

Update: Google has revealed that it will no longer support web certificates issued by Symantec following an investigation revealing the company improperly issued over 30,000 certificates over the past few years.

In a scathing report by Google's development team, Symantec was found to have repeatedly failed to properly validate certificates, which could potentially allow hackers to snoop on financial transactions or force systems to accept malware laden updates.

"Over the course of this investigation, the explanations provided by Symantec have revealed a continually increasing scope of misissuance with each set of questions from members of the Google Chrome team; an initial set of reportedly 127 certificates has expanded to include at least 30,000 certificates, issued over a period spanning several years," said Ryan Sleevi, a software engineer at Google, writing in a blog post.

When approached with evidence of its failure to abide by Google's standards, Symantec "failed to disclose such information in a timely manner or to identify the significance of the issues reported to them", according to the post. The company also failed to provide timely updates to its community, and despite having full knowledge of the problem, failed to publicly disclose the issue, the post states.

This is a big deal, as Symantec holds over 30% of the entire certification volume online, and a drop of support for these certificates will create a substantial challenge for some website operators in finding alternative solutions.

Symantec has since released a statement in which it "strongly objects" to Google's targetting of its certificates. "This action was unexpected, and we believe the blog post was irresponsible. We hope it was not calculated to create uncertainty and doubt within the Internet community about our SSL/TLS certificates."

"Google's claim that we have mis-issued 30,000 SSL/TLS certificates is not true. In the event Google is referring to, 127 certificates - not 30,000 - were identified as mis-issued, and they resulted in no consumer harm."

"We want to reassure our customers and all consumers that they can continue to trust Symantec SSL/TLS certificates. Symantec will vigorously defend the safe and productive use of the Internet, including minimizing any potential disruption caused by the proposal in Google's blog post," the statement read. 

However Google claims it "no longer has the confidence" to grant Symantec certificates "extended validation", the highest level of trust an authority can receive, and has also proposed a gradual distrust of all Symantec issue certificates, which will need to be replaced over time. To do this, Google will reduce the maximum age a Symantec certificate can have over the course of a number of Chrome builds, limiting their validity period.

Chrome Version                        Validity Period
Chrome 59 (Dev, Beta, Stable)  33 months validity (1023 days)
Chrome 60 (Dev, Beta, Stable)   27 months validity (837 days)
Chrome 61 (Dev, Beta, Stable)  21 months validity (651 days)
Chrome 62 (Dev, Beta, Stable)  15 months validity (465 days)
Chrome 63 (Dev, Beta)               9 months validity (279 days)
Chrome 63 (Stable)                    15 months validity (465 days)
Chrome 64 (Dev, Beta, Stable)    9 months validity (279 days)

The development team will avoid making changes to the stable build of Chrome 63, as this would clash with a holiday production freeze that many companies undergo.

Google is also reducing the maximum validity period for all certificates issued by authorities to nine months, to help limit the impact of improperly issued certificates in the future. Google also believes the new schedule will make web developers aware of the distrust of Symantec certificates, but allow for their continued use if necessary. 

Source: itpro










Analyst note suggests 10th anniversary iPhone may be hard to obtain

Rumours suggest that the iPhone 8 will herald some significant changes when it arrives in September, as Apple prepares to celebrate the tenth anniversary of the iPhone.

The biggest of these will likely be the inclusion of an all-glass display and a revamped home button, as well as beefier hardware and larger base storage.

We're also expecting this year's flagship to be the most expensive smartphone ever made by Apple, likely to exceed the $1000 mark.

Picture above is of 2016's iPhone 7

Latest news
24/03/2017: iPhone 8 stock shortages 'may delay availability'

The iPhone 8 will launch in September, but stock shortages might stop consumers getting their hands on it for weeks or even months afterwards, according to a leaked investor note.

This is according to MacRumors, which obtained a research note penned by Barclays analysts Blayne Curtis, Christopher Hemmelgarn, Thomas O'Malley, and Jerry Zhang. It also said the new iPhone will launch alongside an iPhone 7s and a 7s Plus.

They said: "Suppliers generally had good things to say about the upcoming iPhone 8 launch (for our purposes iPhone 7s, iPhone 7s Plus, and iPhone Pro) as new features drive a more complicated manufacturing process and higher ASPs. We now believe that all three devices will feature wireless charging and will all be launched in the normal September timeframe, although the majority of iPhone Pro volumes may not be available until Q4."

Apple's iPhone launches have taken place every September since the first in 2007, and it looks like the 10th anniversary - the iPhone 8 (also rumoured to be called the iPhone Edition or iPhone Pro) - will also follow suit.

However, as MacRumors pointed out, last year's iPhone 7 Plus Jet Black model was incredibly hard to find in the run up to Christmas, and the Barclays note appears to suggest it will be a similar situation with the iPhone 8.

The news comes after previous suggestions the iPhone 8 may be delayed due to new technologies involved in its construction. A Digitimes report noted that putting Apple's 3D Touch technology in new AMOLED screens would add complexity to the build.

Release date

Apple has always stuck to a September release for its new smartphone flagships, and we have no reason to believe the iPhone 8 will not follow suit. This means we are likely to see a release of the device early in the month, going on sale to the public in late September.

Price

Given that some models of the iPhone 7 Plus can cost up to £920, it is no surprise that the industry is expecting a $1000+ price point for the iPhone 8. Rumours have suggested that Apple are planning to raise the average prices of the new iPhone range, which would make it the most expensive smartphone Apple has ever made.

Rumours also point to three different configurations for the next flagship phone, two of which feature a cheaper to produce LCD screen over the costly OLED variant. This will almost certainly have an affect on final prices.

Specs & hardware

It's highly likely that the iPhone 8 will launch with iOS 11, but as iOS 10 has only been out a few months, its unclear what features a brand new OS would include.

Apple used a quad-core A10 processor in the iPhone 7 range and the company may stick with a quad-core A11 for its next phone. Samsung's activities will not go unnoticed however, as rumours suggest they are planning for an Exynos octa-core chip built using 10nm technology. If true, Apple is unlikely to let itself be out-gunned.

While the iPhone 7 was limited to just 2GB RAM, it is very likely that Apple will want to beef up the iPhone 8 to either 3GB or 4GB.

Apple may also be about to phase out the 32GB storage option for this generation, according to a recent report by TrendForce, in favour of 64GB and 256GB configurations.

Display

One of the first rumours to circulate about the iPhone 8 was the inclusion of an all-glass OLED display. What is uncertain is whether this screen will be curved, as one report from the Wall Street Journal claimed it would be, only to be contradicted by the research report by TrendForce citing poor production yield and failed drop test results.

What we can say is that this model will be its premium version, and it is very likely that two other models will hit the market at the same time offering cheaper LCD screens. On the face of things this could be seen as a move by Apple to offer greater variety and pricing options for its customers, although what is more probable is that Apple is suffering from a severe supply shortage of OLED screens.

The iPhone 8 is also likely to be closer to the iPhone 7 Plus in terms of size, and although the new design will shave off some inches by removing the top and bottom bezels, the actual phone size will remain relatively the same.

A number of scanners are set to feature with the new display, including a built in finger print scanner and a new iris scanner for facial recognition.

Battery

Apple may finally add support for wireless charging with the iPhone 8, following news that Foxconn is researching the technology for Apple devices.

What this will look like is unclear, as Apple could build on the technology to provide true wireless charging with 15ft of contactless support. Although there have been no official statements, Energous, the company behind the technology, has stated it is working alongside a larger consumer electronic company planning to release a new product at the end of 2017. The research group itself has received $10 million in investments from Dialog Semiconductor, a company largely affiliated with Apple, according to BGR.

'Ultimate Accessory Connector' (UAC)

A new connector type is rumoured to be making its way to iPhone 8 accessories. The UAC, which will feature on all accessories and devices made through Apple's 'Made-for-iPhone' programme, and promises to be an eight-pin connection that is smaller and thinner than USB-C and Lightning.

Colours

A Chinese supplier recently revealed that the new range of iPhones will feature the same colours as the current models, including Silver, Gold, and Rose Gold, according to a report by Macotakara. Although simply an uncorroborated report at this stage, the typically reliable source also pointed to a replacement to the current Space Grey option, potentially with a Deep Blue, Space Black, or a Deep Red.

Source: itpro



Encryption might seem like an easy target, but mess with it at your peril

It seems that encryption has been firmly established as the whipping boy du jour for pearl-clutching, public-safety panic merchants. Specifically, it’s encrypted messaging services like WhatsApp and iMessage that have found themselves in the crosshairs.

Following last week’s terror attack by the Houses of Parliament, it has emerged that the killer was communicating with someone via WhatsApp in the moments preceding his assault. It has been speculated – although not confirmed – that he may have been in contact with someone who conspired with him to plan the attack, although this afternoon the Met Police have said there’s no evidence he was directed by Islamic State.

This has fuelled fresh calls to severely weaken or outright ban the use of encryption by such services to secure their messages, echoing last year’s fierce debate over whether or not Apple should hack the iPhone of the San Bernardino killer. It’s worth noting at this point that even though a third-party company did eventually hack into Syed Farook’s phone, there is no indication that it offered any actionable intelligence.

Nevertheless, home secretary Amber Rudd and other Tory MPs are using this tragedy as an excuse to castigate and demonise encryption, with talk of coercing tech companies into installing backdoors into their code. It’s not the first time the government has proposed this, either; it was included in early versions of the Snooper’s Charter, but was ultimately dropped from the bill.

Naturally, the idea of messing with encryption has got the tech sector up in arms. Critics have called it “deeply misguided” and other (less printable) things. Supporters of the plan say that spies need to be able to read the messages of terror suspects, but experts are queuing up to tell Rudd and the rest of the anti-crypto club that technology simply doesn’t work that way.

In an exchange that would be funny if it weren’t so deeply depressing, Conservative MP Nadine Dorries made the case that WhatsApp should “develop a terrorist related exception” to encryption technology - presumably this is some kind of Java-based magic wand that would allow GCHQ to hack only the ‘baddies’.
This, along with Rudd’s laughable quote that we need people who “understand the necessary hashtags”, betrays a deep lack of technological knowledge throughout government. Of course, one would hope that the country’s elected leaders have better things to do than immersing themselves in the finer points of C++ and Python, but on the other hand, having one of the country’s top ministers saying things like “we don’t want to go into the cloud” is embarrassing, especially when she clearly doesn’t have the faintest idea what it means.

The experts are right, of course; if government spooks can read the WhatsApp messages of one terrorist, they can read the messages of everyone, from the 12-year-old at the bus stop all the way to the Pope. (This is assuming he doesn’t use a rival app, of course - PopeChat, perhaps.)

This is troubling for a number of reasons, most notably from a privacy standpoint. Naturally, the public has been assured that they won’t be covertly spied on by the intelligence services, who pinkie-promise that they’d only look at terrorists’ communications. We’re expected to take this on faith, but incidents like the Snowden leaks suggest that perhaps the government’s methods aren’t always unimpeachable.

We’ve also got to consider what future governments could do with any anti-encryption laws. If an anti-democratic, fascistic party found itself in power, for example, these laws could be very easily used to identify and round up immigrants, LGBTQ people and other ‘undesirables’. It’s a lot easier to grant powers than it is take them away and this goes double when applied to governments.

Here’s the thing, though: aside from the many legal, political and ethical issues with installing backdoors into services like WhatsApp, the biggest problem is practical. The fact is, there’s simply no way to block the use of encryption on a technical level. Theresa May could force WhatsApp to stop encrypting its messages, but how long do you think it would take terrorists to simply switch to a different app?

If there’s one thing you learn on the internet, it’s that there’s always a workaroundNot only are there innumerable encrypted chat apps available for web and mobile devices, there’s also plenty of free resources online to help you build your own, meaning that even an outright ban on encryption wouldn’t work. If there’s one thing you learn on the internet, it’s that there’s always a workaround.

Any steps to weaken the encryption of WhatsApp and other services would almost certainly do nothing to help fight terrorism. Instead, all it’s likely to do is force terrorists to use even less visible means of communication, whilst simultaneously putting the safety and privacy of innocent people at risk.

Despite the repeated protestations of the security and technology communities, the government continues to revisit this stunningly ignorant and fundamentally flawed plan. Before it goes any further, you should know that Rudd and her cronies aren’t just declaring war on WhatsApp - they’re endangering your freedoms too.

Source: itpro


Samsung hopes to refurbish the 2.5 million Galaxy Note 7 devices that it recalled after a battery fault led to some catching fire.

If local authorities and carriers agreed, and there was demand, it may then resell the phones, Samsung said.

It also unveiled two other proposals for recycling the devices, including detaching the components and retrieving the hardware's precious metals.

Samsung had faced pressure from environmental campaigner Greenpeace.

The organisation had lobbied the technology giant over its plans for the devices, launching a petition and staging global protests including at the Mobile World Congress event.


"While we welcome this news, Samsung must share as soon as possible more detailed timelines on when it will implement its promises, as well as how it intends to change its production system to make sure this never happens again," said Greenpeace East Asia campaigner Jude Lee.

Samsung said it would have to liaise with "regulatory authorities and carriers" and measure local demand before determining where and when refurbished handsets would be released.
The company is set to launch a new device on Wednesday 29 March.

Source: BBC

System for disguising database queries could prevent customer profiling and price gouging.


Most website visits these days entail a database query -- to look up airline flights, for example, or to find the fastest driving route between two addresses.

But online database queries can reveal a surprising amount of information about the people making them. And some travel sites have been known to jack up the prices on flights whose routes are drawing an unusually high volume of queries.

At the USENIX Symposium on Networked Systems Design and Implementation next week, researchers from MIT's Computer Science and Artificial Intelligence Laboratory and Stanford University will present a new encryption system that disguises users' database queries so that they reveal no private information.

The system is called Splinter because it splits a query up and distributes it across copies of the same database on multiple servers. The servers return results that make sense only when recombined according to a procedure that the user alone knows. As long as at least one of the servers can be trusted, it's impossible for anyone other than the user to determine what query the servers executed.

"The canonical example behind this line of work was public patent databases," says Frank Wang, an MIT graduate student in electrical engineering and computer science and first author on the conference paper. "When people were searching for certain kinds of patents, they gave away the research they were working on. Stock prices is another example: A lot of the time, when you search for stock quotes, it gives away information about what stocks you're going to buy. Another example is maps: When you're searching for where you are and where you're going to go, it reveals a wealth of information about you."

Honest broker

Of course, if the site that hosts the database is itself collecting users' data without their consent, the requirement of at least one trusted server is difficult to enforce.

Wang, however, points to the increasing popularity of services such as DuckDuckGo, a search engine that uses search results from other sites, such as Bing and Yahoo, but vows not to profile its customers.

"We see a shift toward people wanting private queries," Wang says. "We can imagine a model in which other services scrape a travel site, and maybe they volunteer to host the information for you, or maybe you subscribe to them. Or maybe in the future, travel sites realize that these services are becoming more popular and they volunteer the data. But right now, we're trusting that third-party sites have adequate protections, and with Splinter we try to make that more of a guarantee."

Division of labor

Splinter uses a technique called function secret sharing, which was first described in a 2015 paper by a trio of Israeli computer scientists. One of them, Elette Boyle, earned her PhD at MIT studying with RSA Professor of Computer Science and Engineering Shafi Goldwasser, a 2013 recipient of the Turing Award, the highest award in computer science. Goldwasser, in turn, is one of Wang's co-authors on the new paper, along with Vinod Vaikuntanathan, an MIT associate professor of electrical engineering and computer science (EECS); Catherine Yun, an EECS graduate student; and Matei Zaharia, an assistant professor of computer science at Stanford.

Systems for disguising database queries have been proposed in the past, but function secret sharing could make them as much as 10 times faster. In experiments, the MIT and Stanford researchers found that Splinter could return a result from a database with millions of entries -- including a duplicate of the Yelp database for selected cities -- in about a second.

With function secret sharing, a database query is converted into a set of complementary mathematical functions, each of which is sent to a different database server. On each server, the function must be applied to every record in the database; otherwise, a spy could determine what data the user is interested in. Every time the function is applied to a new record, it updates a value stored in memory. After it's been applied to the last record, the final value is returned to the user. But that value is meaningless until it's combined with the values reported by the other servers.

Splinter represents several key elaborations on previous work on function secret sharing. Whereas earlier research focused on concealing simple binary-comparison and addition operations, Splinter executes more complex operations typical of database queries, such as finding a specified number of records with the highest or lowest values for some variable -- such as the 10 lowest fares for a particular flight itinerary. The MIT and Stanford researchers had to devise cryptographic functions that could perform all the comparing and sorting required for ranking results without betraying any information.

Practical considerations

Splinter has also been engineered to run efficiently on real database systems. Most modern computer chips, for instance, are hardwired to implement the encryption scheme known as AES. Hardwiring makes AES hundreds of times faster than it would be if it were implemented in software, but AES has some idiosyncrasies that make it less than ideal for function secret sharing. Through a clever combination of software processes and AES encryption, the MIT and Stanford researchers were able to make Splinter 2.5 times as efficient as it would be if it used the AES circuits alone.

"There's always this gap between something being proposed on paper and actually implementing it," Wang says. "We do a lot of optimization to get it to work, and we have to do a lot of tricks to get it to support actual database queries."

Source: Massachusetts Institute of Technology



WikiLeaks began publishing a cache of data pilfered from the CIA several weeks ago, and the process isn’t anywhere close to over. The last round of leaks covered the covert tools used by the CIA to exploit Android, Windows, and other platforms. This time it’s Apple’s turn in the spotlight. The “Dark Matter” documents describe how the CIA has sought to crack Apple’s products, including the MacBook and iPhone.
As with the previous dump of CIA documents, these are all about five to seven years old. They likely have little relation to what the agency is using now to gain access to devices. Still, it’s interesting to see what technological spycraft looks like, even if it’s a little out of date.
On the MacBook side of things, the CIA had several tools aimed at breaking the security model of OS X circa 2008. One tool was known as Sonic Screwdriver (the CIA likes Doctor Who references) that enables agents to bypass the firmware password on the computer as it boots. Sonic Screwdriver can be introduced via a Thunderbolt or USB port, allowing the installation of other tools on the device without the user’s knowledge.
There are also the Triton and Der Starke packages for the MacBook. They both do similar things when infiltrated into the firmware of a Mac. The both give the CIA access to all the files and activities on your computer, and they’re undetectable by anti-malware apps. Sonic Screwdriver is an ideal way to deliver these tools to a target machine.
It’s unclear if the above MacBook tools still function, but I doubt it. One tool that’s almost certainly dead is DarkSeaSkies, which was developed exclusively for the original MacBook Air in 2009. This tool is also installed in firmware to spy on the user, but it was much less elaborate. The CIA likely moved on to Triton and Der Starke.

The only document that covers the iPhone is from 2008, which was shortly after the device debuted. It focuses on the iPhone 3G (the second iPhone ever) with iOS 2.1. It’s called NightSkies, and again it requires physical access to the device. It remains dormant until it detects user activity, then pings a control server. The remote operator can use NightSkies to steal files, monitor user activity, and even block encryption for secure communications.
All these leaks come from the operational manuals, which don’t include technical details of the hacks. WikiLeaks has promised to provide technical details to affected companies, but thus far that hasn’t happened. WikiLeaks is reportedly insisting on onerous conditions before anything is discl
Source: extremetech

MARI themes

KZMZ. Powered by Blogger.