Data security Archive

What can be done to support secure email?

Personal and business Internet users are showing interest in the concept of secure email. This is to assure that confidential emails only end up being viewed by the eyes of their intended recipients.

It is being driven by issues relating to confidential personal and business information being leaked to the Web along with a common personal worry regarding government surveillance in the age of terrorism and extremism. Along with this, activists, journalists and the like are wanting to rely on secure communications to pass through critical information in areas that are hostile to freedom of speech and the press. In some cases, people travelling through countries known to be hostile to freedom of speech like Russia and China have been encouraged to keep their data highly secure due to the espionage taking place in these countries.

Compose Email or New Email form

More work needs to be done on secure email

There is a slow increasing prevalence of secure email platforms appearing on the Web. These platforms such as the Swiss-based ProtonMail and the secure iteration of Google’s GMail service are dependent on a Web-based user interface. Along with this, most of us are implementing instant-messaging platforms like WhatsApp, Viber and Telegram to send personally-confidential material to each other.

But they offer a series of features intended to assure personal privacy and corporate data security. They offer end-to-end encryption for the emails at rest (while they are on the servers pending delivery) and in transit (while they are being moved between servers). They also offer the ability for users to send seif-destructing emails that don’t stay in the recipient’s or the sender’s storage space after they are read unlike with conventional emails which stay in the user’s storage space after being sent or read. These self-destructing emails cannot even be forwarded to others or printed out (although it could be feasible to take a screenshot of that email and print or forward it). Some of these setups even have the ability to detect screenshots and let the sender know if the recipient took one of a confidential email. As well the metadata about the emails isn’t held on the servers.

But there are current limitations associated with these services. One of these is that the privacy features are only available to users who subscribe to the same email platform. This is because the common standards for secure email such as S/MIME, PGP and GnuPG only support basic key-based encryption and authentication abilities and the common email protocols like IMAP and POP3 don’t support email-handling control at the message level. As well, these services rely on a Webmail interface and require users to click on links sent as part of standard emails to view the secure messages if they aren’t part of that system.

There are certain features that need to be added to IMAP4 to allow for secure email handling. One of these is to permit message-level email control to permit self-destructing emails and to allow the sender to limit how the recipient can handle the messages. But the message-control features may run against legal-archive and similar requirements that will be asked of for business correspondence. In this situation, there may be the ability to indicate to senders or recipients if the emails are being archived as a matter of course and message-level email control can’t be assured.

Of course this may be about a newer feature-level email standard, preferably open-source or managed by many in computing academia and industry, to add this kind of secure email control.

Then there is the requirement to encourage the use of encrypted-email / authenticated-email standards like S/MIME or PGP within email endpoints, both Web-based and client-based. It will also include the ability for users to create asymmetrical key pairs and store their correspondents’ public keys in their contact manager software. There will also have to be the ability to support automated public-key discovery as a new contact is added, something currently feasible with encrypted messaging platforms that maintain their own contact directory.

Other questions that will come up in the course of building a secure email ecosystem is how the encryption keys are stored on the end-user’s system and whether an end-user needs to create new encryption keys when they change devices along with how to store them securely. This can be of concern with most computer users who typically maintain multiple devices, typically a smartphone along with a regular desktop or laptop computer and / or a tablet of the iPad ilk. Similarly there is the fact that one may not have the same computing device for the long haul, typically due to replacing one that has broken down or upgrading to a better-performing device.

There will also have to be the issue of security and portability thanks to issues like users temporarily using different computer devices such as friends’ computers, work / school computers or public computers. Here, it may be a question about where contact-specific encryption keys are held, whether on a server or on removable media along with how email sessions are handled on these temporary setups.

What will need to happen is for email platforms to support various secure-messaging features in a manner that can exist on a level playing field and without the need for correspondents to be on the same provider.

Send to Kindle

Fingerprint scanning now available as a reasonably-priced add-on for your computer

Article

Fujitsu Lifebook S-Series SH771 trackpad and fingerprint reader

Fingerprint readers like what this Fujitsu laptop is equipped with are now available at a reasonable price for your existing computer

Best fingerprint scanners that let you use Windows Hello on older PCs | Windows Central

My Comments

I have reviewed a significant number of laptop computers, usually business-grade laptops, that have come with integrated fingerprint readers. This is a feature that is becoming common with premium and business-grade laptops but is also showing up on premium-grade smartphones and tablets.

Here, this allows you to scan your finger to log in to your device, with it able to be used as an additional authentication factor or as the only authentication factor. During my tenure with the various fingerprint-reader-equipped laptops, I set things up so that I log in to these computers using my fingerprint and this provided an effectively simplified but secure login experience to the system and online services like Facebook.

But you can have this with your existing Windows computer thanks to add-on fingerprint scanners that are reasonably priced. Similarly a fingerprint-reader attachment may be the answer if your have a computer with an integrated fingerprint reader but this has failed or has compatibility issues with Windows 10.

Previously, purchasing a fingerprint scanner for your desktop or existing laptop was about buying a piece of overpriced hardware pitched for larger enterprises who care about their security. As well, there was the risk of compatibility issues with these devices and the operating system.

Now these reasonably-priced devices called out in the Windows Central article are designed to work out of the box with Windows 10 especially with its class drivers and Hello simplified-login functionality. In most cases, these devices are a single-piece device that plugs in to the host computer’s USB port. This can work well for most laptop users and could work well with a desktop computer if you use a USB hub or a directly-connected peripheral that has USB hub functionality and at least one USB port flush with its outer surface.

The BIO-Key EcoID device exists on the end of a USB cable which would be a boon for desktop users but may be considered as something that gets in the way for laptop users. It also has the one-touch scan setup which is a similar user experience to what happens for smartphones or recent-issue laptops like the Dell XPS 13 2-in-1 convertible Ultrabook.

All of these USB fingerprint readers listed in the article are available through Amazon with most of them retailing for between AUD$30-AUD$45 per unit. At least it is a way to set up your existing Windows 10 computer for one-touch secure logon without needing to fork out for a business-grade laptop. You also then have that same level of security if you bought a business-grade laptop with this feature but you want to equip your desktop PC or gaming rig with this level of security.

Send to Kindle

You can find out what Alexa has recorded

Article

Amazon Echo on kitchen bench press photo courtesy of Amazon USA

You can find out what Amazon Alexa has recorded through your Echo device

How To Find Out What Your Alexa Is Recording | Lifehacker

My Comments

Recently, the computer press went in to overdrive about an Amazon Echo setup that unintentionally recorded and forwarded a family’s private conversation and forwarded it to someone in Seattle. Here, the big question that was asked was what was your Amazon Echo or similar smart speaker device recording without you knowing.

Amazon Echo, Google Home and similar voice-driven home-assistant platforms require a smart speaker that is part of the platform to hear for a “wake word” which is a keyword that wakes up these devices and has them listening. Then these devices capture and interpret what you say after that “wake word” in order to perform their function. One of the functions that these devices may perform is audio messaging where they could record a user’s message and pass that message on to another user on the same platform.

I had previously covered the issue of these voice-driven assistants being at risk of nuisance triggering including mentioning about the XBox game console supporting a voice assistant that triggered when an adman on a TV commercial called out a spot-special for the games console by saying “XBox On Sale” or “XBox On Special”.

Here, I recommended the use of a manual “call button” to make these devices ready to listen when you are ready or a “microphone mute” toggle to prevent your device being falsely triggered. As well, I recommended a visual indicator on the device that signals when it is listening. This is a practice mainly done with voice-assistant functionality that is part of a video peripheral’s feature set or software that runs on a platform computing device. Google’s Home smart speaker instead uses the microphone-mute button to allow you to control its microphone.

But you can check what Alexa has been recording from your Amazon Echo or other Alexa-compatible speaker device and delete private material that she shouldn’t have captured. This is also useful if you are troubleshooting one of these devices, identifying misunderstood instructions or are developing an Alexa Skill for the Alexa ecosystem.

  1. Here you launch the Amazon Alexa mobile-platform app on your smartphone. If you are using the Amazon Alexa Website (http://alexa.amazon.com) as previously mentioned on this site, there is a similar procedure to go about identifying your Amazon Echo sessions.
  2. Then you tap on the hamburger-shaped “advanced operation” icon on the top left of your screen.
  3. Tap on Settings to bring up a Settings menu for your setup. Go to the History option in the Alexa Account section of that menu.
  4. Here, you will see a list of interactions with any Alexa-ecosystem hardware or software front-end related to your Amazon account. These will be categorised by what has been understood and what hasn’t been understood. There is an option to filter the interaction list by date, which is handy if you have made heavy use of your Amazon Echo device through the months and years.

You can play each interaction to be sure of what your Alexa device or software has recorded. With these interactions, the current version of the interface only allows you to delete each unwanted interaction on by one. The effect of the deletion is that the interaction, including the voice recording, disappears from your account and the Amazon servers. But this could degrade your Amazon Alexa experience due to it not having much data to work on for its machine-learning abilities.

Here, at least with the Amazon Alexa ecosystem, you have some control over what has been recorded so you can remove potentially-private conversations from that ecosystem.

Send to Kindle

YouTube Video–ABCs Of Bullying (Dealing with the online bully)

Video – Click or Tap to View

My Comments

This video has summarised in an “ABC” form about how you can deal with unsavoury videos and comments that appear on the YouTube platform. But a lot of concepts being explained here can also apply to Facebook and other platforms on the Social Web where similar activity does take place.

The issues raised here can easily affect children, teenagers and adults alike in all community groupings and is more important where, for example, YouTube is being used to effectively pillory a person or group. It is infact worth viewing this video yourself or having your children view this especially when they are regularly starting to use YouTube or similar social-media platforms regularly.

Send to Kindle

Most iPhones and iPads now in circulation to be safe from the KRACK exploit

Article

Apple iPad Pro 9.7 inch press picture courtesy of Apple

Most iPads and iPhones updated to iOS 11.2 now safe from the KRACK exploit

Apple fills the KRACK on iPhones – at last | Naked Security

Previous Coverage

KRACK WPA2 Wi-Fi vulnerability–what is affected

My Comments

There has been intense computing-press coverage regarding the KRACK WPA2 exploit against otherwise-secure Wi-Fi wireless network segments. As my previous coverage highlighted, most of the major regular-computer and mobile operating systems were updated to rectify the vulnerability associated with this exploit.

Check the Settings App on your iPhone for the update

But, as I called out in the article, the iOS 11.1 update that Apple rolled out for their iPhones and iPads only remediated the vulnerability on certain newer devices. Here, it was ignoring a larger installed base of iPhones, iPads and iPod Touches by not providing the remediation for devices earlier than the iPhone 7 or the iPad Pro 9.7 (2016).

Now Apple has rolled out the iOS 11.2 update to extend this remediation to more iOS devices in the field. These include:

  • iPhone 6 encompassing the S and Plus variants, the iPhone SE, the iPhone 5S,
  • 12.9” iPad Pro (1st generation), the iPad mini 2 and its successors, the iPad Air, the iPad (5th generation)
  • iPod Touch (6th generation)

Here, it means that those commonly-used recent iPhones and iPads are now safe against the KRACK exploit. Check your Settings app on your iOS device to be sure it is up to date with this patch.

Send to Kindle

Another attempt at security for the Internet Of Things

Article

Google and others back Internet of Things security push | Engadget

My Comments

An issue that is perplexing the personal-computing scene is data security and user privacy in the context of dedicated-function devices including the Internet Of Things. This has lately come to the fore thanks to the KRACK WPA2 wireless-network security exploit which mainly affects Wi-Fi client devices. In this situation, it would be of concern regarding these devices due to the fact that the device vendors and the chipset vendors don’t regularly update the software for their devices.

But ARM Holdings, a British chipmaker behind the ARM RISC microarchitecture used in mobile devices and most dedicated-function devices has joined with Google Cloud Platform and others to push for an Internet-Of-Things data security platform. This is very relevant because the ARM RISC microarchitecture satisfies the needs of dedicated-function device designs due to the ability to yield greater functionalities using lean power requirements compared to traditional microarchitecture.

Here, the effort is centred around open-source firmware known as “Firmware-M” that is to be pitched for ARMv8-M CPUs. The Platform Security Architecture will allow the ability for hardware / software / cloud-system designers to tackle IoT threat models and analyse the firmware with a security angle. This means that they can work towards hardware and firmware architectures that have a “best-practice approach” for security and user-friendliness for devices likely to be used by the typical householder.

There is still the issue of assuring software maintenance over the lifecycle of the typical IoT and dedicated-function device. This will include how newer updated firmware should be deployed to existing devices and how often such updates should take place. It will also have to include practices associated with maintaining devices abandoned by their vendors such as when a vendor ceases to exist or changes hands or a device reaches end-of-life.

But at least it is another effort by industry to answer the data-security and user-privacy realities associated with the Internet Of Things.

Send to Kindle

KRACK WPA2 Wi-Fi vulnerability–what is affected

Telstra Gateway Frontier modem router press picture courtesy of Telstra

A wireless router set up in the ordinary way as a base station or hub for your home network isn’t at risk of the KRACK exploit

The computing press has been awash with articles regarding a recently-discovered security vulnerability that affects Wi-Fi wireless networks. This vulnerability, known as KRACK, compromises the authentication process associated with the WPA2 security protocols that most Wi-Fi home and business networks implement.

What is affected

But it mainly affects client devices like laptops, smartphones and the Internet of Things which connect to Wi-Fi networks using WPA2 facilitated through software that isn’t patched against this risk.

It also can affect Wi-Fi infrastructure devices that serve as a repeater or client-side bridge in a Wi-Fi wireless network segment – this encompasses Wi-Fi client bridges used to connect desktop computers or smart TVs equipped with Ethernet connectivity to a Wi-Fi network, Wi-Fi repeaters, distributed-Wi-Fi setups and mobile devices implementing “bridge-to-Wi-Fi” functionality.

Data security risks

The security and privacy risk occurs at the media level of your network connection which would represent the Wi-Fi wireless link to the access point / router.

If you use higher-level encryption protocols like gaining access to Internet resources through SSL / TLS encryption which includes “https” Webpages, implementing a client-based VPN or using IP telecommunications apps that implement end-to-end encryption, you have reduced the risk factor for your data security that the KRACK vulnerability poses. Access to LAN-based resources like your NAS or printer from within your network can be a risk with Wi-Fi clients that aren’t patched to mitigate this risk as with unencrypted Internet resources.

Current remediation efforts

This situation has been rectified for regular computers running Windows 7 onwards through a patch that Microsoft rolled out as part of the October 10 security update. Here Microsoft didn’t disclose this vulnerability until there was a chance for all of industry to have patches in beta testing or “ready to roll”.

Just lately (1 November 2017 AEDT) Apple released patches for MacOS High Sierra, Sierra and El Capitan versions; and iOS 11.1 (iPhone 7 onwards, iPad Pro 9.7″ (2016) onwards); tvOS 11.1 (4K Apple TV onwards) and watchOS 11.1 to address this issue.  The Intego Mac Security Blog post that I culled these details from was miffed about the fact that the large number of iPhone 6 and earlier devices that are still in operation have not been addressed. I would also extend this concern to the older iPad and iPod Touch devices that are also in operation such as those iPod Touches the kids use or the iPad in your living room.

On December 2 2017 US PT, Apple released the iOS 11.2 update which provided this protection for iPhone 5S, iPhone SE and all model variants of the iPhone 6. This update also applies to the 12.9″ iPad Pro (1st generation), the iPad (6th generation), the iPad Air, the iPad Mini 2 onwards; and the iPod Touch (6th generation).

Other regular-computer and mobile operating systems are being updated with security patches that are coming online through the next two months or are already online.

There will also be various pieces of client-side security software that will be updated with extra code that provides extra defence against the KRACK Wi-Fi vulnerability for both the software and the host computer.

The devices you will find as having a strong risk factor for your network are “dedicated-purpose” network devices like Internet AV devices, “smart-home” devices, videosurveillance cameras and the like that don’t benefit from regular firmware updates. This will mainly affect those devices that manufacturers are declaring “end-of-support” on or a lot of “white-box” devices sold by multiple vendors. But check your devices’ manufacturers’ Websites for new firmware that will patch the device against this vulnerability.

This will not affect the typical home or other small network that is based around a wireless router. Nor will it affect networks that implement multiple Wi-Fi access points connected to a wired (Ethernet or HomePlug) backbone. This is because you are dealing with devices that serve as a Wi-Fi base station for that particular wireless network segment.

But if you have Wi-Fi infrastructure devices using some sort of repeater or bridge functionality, check with the vendor for a firmware update for your device.

As well wireless router and access-point manufacturers, especially those courting the business and allied markets, will offer newer firmware to harden their devices against the KRACK vulnerability.

Remember that well-designed devices will implement at best an automatic software-update process or you may have to visit your device’s Settings, Setup or Configuration menu to download new firmware.

As well, the Wi-Fi Alliance have updated their certification tests for network hardware to be sure that such hardware isn’t vulnerable to this risk. These certification tests will be required before a product can show the Wi-Fi Certified logos and will affect products being introduced from this month onwards.

Keeping your network secure until new software is available

If you run Wi-Fi network infrastructure hardware that implements repeater or bridge functionality, disable the Wi-Fi client mode or repeater mode on these devices until your device is running firmware hardened against this vulnerability.

HomePlug AV adaptor

The HomePlug powerline adaptor can help with mitigating risks associated with the KRACK WPA2 Wi-Fi network vulnerability

You may also have to set up your home network with multiple access points linked to a wired backbone as the preferred way to extend the network’s coverage or reach to another building as has been done with this man-cave. A good example of this is to use a HomePlug wireless access point kit which uses your home’s AC wiring for this purpose. If you use a “Mi-Fi” mobile router that supports Wi-Fi data offload, disable this functionality until it is loaded with the latest secure firmware.

Similarly, use a wired network connection such as Ethernet or HomePlug to connect sessile devices like desktop computers, Smart TVs, printers and the like to your home network. This may not be feasible with those devices that only support Wi-Fi connectivity as their network-connection option.

Conclusion

You can mitigate the risk of the KRACK WPA2 Wi-Fi network vulnerability as long as you keep your computer equipment running software that is patched with the latest security updates.

If you use Wi-Fi infrastructure devices that work as a Wi-Fi client like repeaters or client bridges, these have to be updated with the latest firmware from their vendor. As well, use of wired backbones and access points for expanding your home network’s coverage will achieve the proper level of security against this risk if you are dealing with client-capable Wi-Fi infrastructure devices that aren’t updated with the latest software.

Let’s not forget that higher-level encryption protocols like SSL or client-side VPNs do mitigate the risk of data theft through this vulnerability.

Updated (1 November 2017 AEDT) to reflect the latest concerning what is happening with the Apple platforms.

Updated (11 December 2017 AEDT) to reflect the increased number of iPhones and iPads protected against the KRACK exploit by the iOS 11.2 update

Send to Kindle

Controlled folder access to come to Windows 10 soon

Articles 

Windows 10 preview build protects your files from ransomware | Engadget

Windows 10 will hide your important files from ransomware soon | The Verge

Microsoft previews new ransomware protection feature | Bit-Tech

From the horse’s mouth

Microsoft

Windows Experience blog post

My Comments

If you have heard the news over the last few month, you will have heard about ransomware activity in the form of the WannaCry and Petya ransomware variants getting at major installations including the NHS and the Victorian traffic-camera infrastructure.

But Microsoft has attacked this problem in a different way by providing application-level control for the next major update for Windows 10 – the Fall Creator’s Update. It is part of refining the Windows Defender security software that is part of the operating system for improved business-tier data security.

It is a very similar process to what Android and iOS do in relation to allowing the user to control what apps have access to what resources and features on their smartphone or tablet. It is also in contrast to how regular-computer operating systems work when it comes to controlling the level of access granted to a computer’s file system, where users or groups of users are typically granted particular levels of access to folders or files.

Here, once you enable the Controlled Folder Access function, applications can’t add, modify or delete files in folders where this control exists unless the app is part of a user-defined whitelist.  The routine for adding an app to the whitelist will be very similar to what you do on your iPhone or Android phone when it comes to allowing that app you newly downloaded to have access to a particular resource on your smartphone and could occur during installation or when you first use that app after enabling Controlled Folders.

By default, this feature would be enabled for the Documents, Desktop, Pictures and Videos folder trees but you can enable this feature for other folders such as “ad-hoc” work folders created on the system disk or other fixed storage on your system. I am not sure is this is also to apply to removable storage like USB hard disks, USB memory keys or SD cards, or whether this can also apply to network and online storage like your NAS shares or your Dropbox folder.

A question that can also be raised is whether the Controlled Folder feature will also provide a way to limit access to other system resources by apps. Here, it could range from access to network and Internet resources to prevent spyware from “phoning home” or to limit access to your computer’s Webcam and microphone to limit use of these resources as a surveillance tool.

Send to Kindle

Security flaw found in HP laptop audio driver software–how to fix it

Article

HP Elitebook Folio laptop press picture courtesy of HP

Check that your driver software is up to date on these HP business laptops.

HP issues fix for ‘keylogger’ found on several laptop models | ZDNet

Keylogger Found in Audio Driver of HP Laptops | BleepingComputer

From the horse’s mouth

Hewlett-Packard

Download site – identify your computer’s model number in the form on this site to obtain a list of the relevant software

My Comments and further information

Just lately, a security weakness had been found in the Conexant HD Audio driver software that was delivered to a large number of recently-issued HP business-tier laptop computers. It may also affect some of their consumer-focused laptops that run this driver. Let’s not forget the reality that some of you may have one of the affected HP business laptops as a consumer-tier computer, perhaps due to buying an ex-lease or surplus unit. This weakness affects driver versions 10.0.46 and prior versions.

The problem manifests with the MicTray64 program that comes with this software package. Here, it is a keyboard monitor that listens for particular keystrokes in order to allow the user to control the computer’s integrated microphone. But, thanks to debug code being left in the production release of this software, the software becomes a keylogger, writing keystrokes to a cleartext logfile (MicTray.log) in the Users\Public folder on the computer’s system drive.

But what is a monitor program for those of you who want to know? It is a program that “listens” to activity from or to a peripheral for a particular event then instigates a pre-defined activity when a particular event occurs. In most cases, you see these programs in operation when you use a printer or scanner with your computer and they show up a print-job status message when you print or catch scan jobs you started from your scanner’s control surface.

If you have this version of the Conexant HD Audio driver software on your HP business laptop, you may have to use Task Manager to kill the MicTray64 keyboard-monitor process, as well as removing it from the Scheduled Tasks list. It may also be worth moving the MicTray64.exe file out of the Windows\System32 folder and the MicTray.log file out of the Users\Public folder on the system disk to somewhere else on your computer’s file system and see if the computer is still stable and, if so, delete those files.

An update that rectifies this problem has been made available on the HP.com driver download site but should also be made available through Windows Update. This will be available on Wednesday 10 May 2017 (US Pacific Time) for those machines made since 2016 and on Friday 12 May 2017 (US Pacific Time) for systems made during 2015.

HP may have software installed on these systems to check for newer versions of the software drivers, which may simplify the process of updating your computer’s drivers and firmware.

This is endemic of a situation where driver software and system firmware is rushed out the door without being checked that it is production-ready and good-quality software. This software ends up as part of the distribution software image that comes with newer computer equipment, including appearing on the recovery partition of your computer’s system disk.

A good practice is to regularly check your computer manufacturer’s Website for newer drivers and firmware for your computer at regular intervals and install this software. This practice will allow you to have a computer that runs in a more secure and stable manner, perhaps gaining some extra functionality that answers current requirements along the way.

Send to Kindle

HP to introduce virtual-hardware security for Web browsing

Article

HP Elitebook x360 G2 press picture courtesy of HP USA

HP Elitebook x360 G2 – to be equipped for Sure Click

HP hardens EliteBook protection with Sure Click, a browser secured in virtual hardware | PC World

From the horse’s mouth

HP

Press Release

Bromium

Press Release

Video explaining the Bromium micro-virtualisation approach (Click / Tap to play)

My Comments

A very common attack gateway that has been identified for endpoint computing devices, especially regular desktop or laptop computers, is the Web browser. It is because the browser is essentially the “viewport” to the Internet for most reading-based tasks.

But most recent browser versions have implemented software-based “hardening” against the various Internet-based attacks. This is in conjunction with the main desktop operating systems being “hardened” through each and every update and patch automatically applied. These updates facilitate practices like “sandboxing” where software of questionable provenance is effectively corralled in a logical quarantine area with minimal privileges so it doesn’t affect the rest of the system.

HP and Bromium have developed a “virtual hardware” approach where a browsing session can take place in a separate “logical computer”, a concept being driven by the multi-core CPUs that are the hub of today’s computer systems. This can provide improved security by using the hardware approach that is effectively with its own operating system and has the data destroyed at the end of a session. Here, it restricts the effect of malware like ransomware picked up during a “drive-by” download because the software can only run within that separate “logical computer”.

At the moment, this feature is being initially rolled out to the Elitebook x360 G2 convertible business laptop but will trickle out across the next generation of “Elite” premium manageable business computers to be launched in the second half of the year. It will work only with Microsoft’s Internet Explorer and Google’s open-source Chromium browser at the moment. What I would like to see happen is that this feature is able to be “trickled-down” to HP’s consumer, education and small-business product ranges but in a more “self-service” manner because households, small businesses and volunteer-driven community organisations could equally benefit from this feature.

Send to Kindle