European Union’s data security actions come closer

Article

Map of Europe By User:mjchael by using preliminary work of maix¿? [CC-BY-SA-2.5 (http://creativecommons.org/licenses/by-sa/2.5)], via Wikimedia Commons

The European Union will take steps towards a secure-by-design approach for hardware, software and services

EU Cybersecurity Act Agreed – “Traffic Light” Labelling Creeps Closer | Computer Business Review

Smart home: EU introduces security certificates for connected devices | Computer Bild (German language)

From the horse’s mouth

European Commission

EU negotiators agree on strengthening Europe’s cybersecurity (Press Release)

My Comments

After the GDPR effort for data protection and end-user privacy with our online life, the European Union want to take further action regarding data security. But this time it is about achieving a “secure by design” approach for connected devices, software and online services.

This is driven by the recent Wannacry and NotPetya cyberattacks and is being achieved through the Cybersecurity Act which is being passed through the European Parliament. It follows after the German Federal Government’s effort to specify a design standard for routers that we use as the network-Internet “edge” for our home networks.

There will be a wider remit for the EU Agency for Cybersecurity (ENISA) concerning cybersecurity issues that affect the European Union. But the key issue here is to have a European-Union-based framework for cybersecurity certification, which will affect online services and consumer devices with this certification valid through the EU. It is an internal-market legislation that affects the security of connected products including the Internet Of Things, as well as critical infrastructure and online services.

The certification framework will be about having the products being “secure-by-design” which is an analogy to a similar concept in building and urban design where there is a goal to harden a development or neighbourhood against crime as part of the design process. In the IT case, this involves using various logic processes and cyberdefences to make it harder to penetrate computer networks, endpoints and data.

It will also be about making it easier for people and businesses to choose equipment and services that are secure. The computer press were making an analogy to the “traffic-light” coding on food and drink packaging to encourage customers to choose healthier options.

-VP Andrus Ansip (Digital Single Market) – “In the digital environment, people as well as companies need to feel secure; it is the only way for them to take full advantage of Europe’s digital economy. Trust and security are fundamental for our Digital Single Market to work properly. This evening’s agreement on comprehensive certification for cybersecurity products and a stronger EU Cybersecurity Agency is another step on the path to its completion.”

What the European Union are doing could have implications beyond the European Economic Area. Here, the push for a “secure-by-design” approach could make things easier for people and organisations in and beyond that area to choose IT hardware, software and services satisfying these expectations thanks to reference standards or customer-facing indications that show compliance.

It will also raise the game towards higher data-security standards from hardware, software and services providers especially in the Internet-of-Things and network-infrastructure-device product classes.


Classical-music streaming services now starting to appear

Articles

Classical music streaming no longer plays second fiddle | CNet

A streaming service that works for classical: Thomas Steffens, CEO of Primephonic | Bachtrack

From the horse’s mouth

Primephonic

Product Page

My Comments

Most streaming music services like Spotify focus on popular music. There is not much classical music in their libraries and these services don’t support the kind of metadata associated with classical-music works like composers, multiple-movement works or performers. As well, they adopt a royalty-payout model that only works well with the three-minute song.

A streaming-music service that supports classical music needs to allow searching and browsing in a “composer-then-work-then-performance” approach so you can find recordings of a particular piece. It also has to handle the reality that a significant number of classical-music pieces have multiple movements, where there is the ability even to call out a particular part of a movement like the “Ode To Joy” chorus within the fourth movement of Ludwig van Beethoven’s 9th Symphony (Choral) rather than having the whole movement. In the case of musical theatre like opera, you may have to call out a particular aria, duet or chorus without the need to have any bridging music.

There is also a want to allow a particular piece, including a particular movement, to be identified by different names such as language-specific names or names brought on by particular applications. A good example of this is Mozart’s Piano Concerto 21 which ended up being known as the “Elvira Madigan” concerto thanks to a film adaptation of the Elvira Madigan story created in 1967 which featured the (very romantic) second movement.

A significant number of works in the classical-music canon are performed and recorded by different combinations of performers. For example, a concerto would be performed by one or more known soloists and a supporting orchestra conducted by a certain conductor. Here, it may be desirable to look for works performed by a particular performer or orchestral works played by a particular orchestra or conducted by a particular conductor.

Of course there is the desire to look for works based on particular eras like the Romantic era or the Baroque era. 

There is also the fact that a movement can play for a very long time such as some of Beethoven’s popular concerti having a first movement that has a duration of at least 20 minutes. Here, a “per-track” royalty payment approach typically used for popular music that is based on the three-to-five minute song is not economically viable in this domain. Instead, there has to be a sustainable economical approach to pay out arrangers, living composers, music publishers, performers and record labels their royalties for use of pieces in an online music service.

Thomas Steffens who runs Pentatone, the company that was formerly the well-known Philips Classics music label, discovered the limitations concerning how classical music can be enjoyed on online music services.  He conceived the idea of an online music service in 2016 and built up Primephonic as a streaming music service that answers the needs of this class of music.

The music catalogue that supports Primephonic is based on the mainstream classical-music labels alongside some niche labels. Genres are curated and catalogued by musicologists and classical-music students and the service allows for searching also by mood. There is the support for various themed playlists which is very similar to a compilation album based on a mood / occasion , composer, instrument, era or other factor. Users can also have the ability to listen to the parent work of a movement that they are currently listening to in a playlist.

Primephonic stays away from Amazon-type artificial-intelligence “recommend-music” algorithms based on like music or “critic’s choice” lists that are narrowed down to particular performances of particular works. This is to encourage users to work across the whole catalogue and discover more music. But a significant number of classical-music listeners will think more of particular works by particular composers and choose any performance of that work, but they may focus on a particular performer if they are interested in their output.

During playback, Primephonic will show up as a Web page details about the composer, work and performer so you have a similar kind of rich learning experience that was feasible with the notes written on the back of an LP record’s outer sleeve or in a booklet packaged with a CD. There is even the ability for users to know of a local performance of the work if local performers, orchestras or venues register these performances with Primephonic. It can then lead to the idea of providing a link to the box office that is associated with that performance to encourage listeners to book tickets for the event.

Primephonic offers the music as FLAC-based high-quality recordings and costs US$14.99 or GBP£14.99 per month to subscribe. They pay out time-based royalties to the people and entities who have a hand in recording the works that exist on the service’s catalogue.

Alongside the Web-based user interface, Primephonic offers an iOS and an Android mobile-platform app. But what they need to do is work with consumer-AV names to allow this service to work tightly with their equipment. This is more so where the equipment has its own user interface.

Once Primephonic and others get on board with a high-quality classical-music streaming service that supports people who love this kind of music, it could even complement Spotify or TiDAL as an on-demand service for classical music.


Now it’s 3 – Technics now premieres their own network CD player

Article – From the horse’s mouth

Technics SL-G700 Network SACD Player press image courtesy of Panasonic USA

Technics SL-G700 Network SACD Player – the first of its kind to fully reproduce SACDs

Panasonic USA (Technics)

Energize music from multiple sources with the Grand Class Network / Super Audio CD Player: SL-G700 (Press Release)

My Comments

Over the past few years Yamaha and Marantz have put forward a relatively-new type of hi-fi component unit in the form of the network CD player. These are CD players that connect to your home network to play audio content hosted on equipment on that network or on an online service.

A core advantage these units have is you only use one line-level input on your amplifier or receiver to serve one piece of equipment that plays a CD or to listen to an online audio service or something held on your network-attached storage device. They also fit in well when it comes to upgrading or replacing an existing CD player that you have and you want to benefit from your home network and online audio services.

For a long time, Technics was the hi-fi arm for the original Matsushita (National Panasonic) brand, offering value-priced and premium hi-fi equipment such as the legendary SL-1200 series of DJ turntables. This was while the brand was also being applied to musical instruments made by Matsushita. This brand even started the idea of the main Japanese consumer-electronics names running a separate brand for their hi-fi equipment through the late 1970s and early 1980s.

But through the late 1990s and the early 2000s, Technics evolved itself to the musical instrument and DJ equipment market while having value-priced audio equipment under the Panasonic name. A few years ago, they rebuilt the hi-fi image by focusing on equipment destined to the high-end hi-fi market with them supporting vinyl, optical-disc and network / online delivery.

Now Technics have come to the fore at CES 2019 by premiering the Grand Class SL-G700 Network SACD player. This is a network CD player that is optimised for audiophile high-end listening by providing full playback of SACD discs along with file-based or CD-based audio content based on the high-end MQA standard. Here, it is in fact the first network CD player to provide full playback of SACD discs.

This unit’s digital-to-analogue path has been worked on through the use of premium DAC circuitry that is built with a dual-mono approach. It is as if two digital-to-analogue signal paths are created within the unit – one for the left channel and one for the right channel.

It also includes circuit-based isolation to prevent digital-processing noise from creeping in to the post-DAC analogue signal path. As well, a separate digital-analogue signal path exists for the unit’s headphone jack. There is an operation mode that effectively provides SACD/CD direct sound when you play a regular CD or high-end SACD.

As far as I know, the network aspect for the Technics SL-G700 network SACD player supports Bluetooth and Wi-Fi. There is support for AirPlay and Chromecast audio streaming from iOS, MacOS or Android devices. It also has access to Spotify, TiDAL and Internet radio online services.

What I see of this player is that it is another brand’s attempt to focus the network CD player towards the high-end audiophile market who may be maintaining their CD collections but make use of online music services. This is more so if the premium amplifier that they use has as few line-level inputs as possible.


This year’s computing improvements from Dell

Articles

Dell XPS 13 Finally Fixes the Nosecam | Tom’s Hardware

Dell G Series Gaming Laptops Get Nvidia RTX Makeover | Tom’s Hardware

From the horse’s mouth

Dell

Press Releases

My Comments

Dell has been improving their value-for-money portable computer product line and premiering some of these new products in Las Vegas at the Consumer Electronics Show 2019. Here I am calling out a few distinct improvements across the different product lines as supplied through their press material.

Some options that have been cropping up include a 1Tb solid-state disk in most product lines, NVIDIA RTX ray-tracing video chipsets in gaming models and OLED displays in premium 15” models. But there are some computers out there that have some interesting features like a small built-in Webcam or “walk-up and sign-in” operation.

Improvements to the XPS 13 Ultrabook

Dell XPS 13 9380 Webcam detail press picture courtesy of Dell Corporation

Thin Webcam circuitry atop display

Dell have been incrementally improving on the XPS 13 Ultrabook by releasing the latest iteration known as the 9380 model. But this iteration isn’t just based around its silicon although it implements Intel 8th-Generation Whiskey Lake technology.

One of the main useability improvements is for the Webcam to be located in its proper position above the screen rather than below the screen as with some previous generations. This avoids videocall situations where your correspondent is looking at the ceiling or your nose when you use the Webcam located at the bottom of the screen. The problem was brought about due to Dell’s InfinityEdge “thin-bezel” approach which didn’t allow for room for a standard Webcam circuit. But it had been solved through the use of a 2.5mm Webcam circuit that allowed for a thin top bezel for the screen.

Dell XPS 13 9380 press picture courtesy of Dell Corporation

Now in the “Frost” finish with white keyboard and deck and silver back

It also implements a variable-torque hinge to make it easy to open and close, something that may please older users with hands that may not be all that great thanks to arthritis for example. Another feature that Dell is pushing is to have a fingerprint reader integrated in the power button on the computer.

The latest iteration of the Dell XPS 13 underscores the USB-C connectivity form by having three connections of this kind – two Thunderbolt 2 connections and a USB-C-only connection. This is alongside an audio jack which hasn’t been forgotten about as well as a microSD card reader.

The Dell XPS 13 is available with 8th-generation Intel “Whiskey Lake” Core CPUs (i3, i5 or i7) and Intel UHD 620 integrated graphics. It will have up to 16Gb RAM and 2Tb SSD as non-volatile storage. There will be three display options – a Full HD non-touch screen, a Full-HD touch screen or a 4K UHD touch screen. There is an expected 21-hour battery runtime for an XPS 13 equipped with a Full-HD display which will allow continuous use on one of the new non-stop longhaul flights facilitated by the Boeing 787-9 Dreamliner.

What is being underscored here is the idea of keeping the Dell XPS 13 as the value-for-money Ultrabook that “ticks the boxes” as far as “thin-and-light” clamshell-style portable computers go. Here, it is through implementing the latest technology and answering problems that the user base and computer press have raised about this model.

G-Series gaming-laptop refresh with RTX graphics option

Dell G5 15 gaming laptop press picture courtesy of Dell

The new Dell G Series high-performance gaming-graphics laptops

The CES 2019 exhibition became the time for NVIDIA to premiere their RTX family of ray-tracing-capable graphics processors. Dell was one of the first computer manufacturers to offer a gaming-grade computer as part of their main brand with this silicon as a configuration option.

Here, the G-Series gaming laptop range has effectively been refreshed with new Intel CPUs and the NVIDIA RTX graphics chipsets. The G-series laptops are different from the Alienware gaming brand where they are positioned with a similar approach to the “GT” or “Sport” variants of popular mainstream passenger cars which have the higher-performance powertrains.

But in some ways, these computers can be seen as an entry-level workstation for photo and video hobbyists or students starting on high-end graphics-focused computing like with architecture or statistics.

These systems will be known as the G5 15 with the 15” screen and Core i7 horsepower, the G7 15 with the Core i9 horsepower and 15” screen, and the G5 17 with the same horsepower as the G5 15 but with a 17” screen.

The system RAM can be specced up to 16Gb. This is while the storage options can be specced in the form of a single-device option with a 1Tb 5400rpm hard disk or a dual-device option with up to 1Tb M2 solid-state disk ganged with a choice of 500Gb 7200rpm, 1Tb 5400rpm or 2Tb 5400rpm hard disks.

The economy option for the display subsystem is an NVIDIA GTX 1050Ti GPU but the computer will have the Ethernet port and a USB-C port as its system-specific connections. All of the new G-Series computers can be configured with any of the RTX GPUs which will also have 8Gb of display RAM. They will have the USB-C, Thunderbolt 3 and mini DisplayPort connections as their configuration-specific options.

Dell G5 15 gaming laptop press picture courtesy of Dell Corporation

The common connection options would be 3 USB 3.1 Type-A ports, an SD card reader, an audio jack as well as those extra configuration-specific ports.

The 15” models can have a Full HD IPS screen with 220nits brightness and 60Hz refresh rate, a similar screen with similar resolution and refresh rate but 300nits brightness, or another similar screen with a similar resolution and brightness but a game-friendly 144Hz refresh rate. There is the full-on option of equipping your 15” Dell G-Series with a 4K UHD OLED screen at a 400nits brightness and 60Hz refresh rate, something that would appeal to photo and video enthusiasts.

The 17” model has fewer screen options in the form of a full HD IPS screen with 300nits brightness but a choice of 60Hz or 144Hz refresh rates.

OLED screens as a configuration option for premium Dell laptops

Speaking of OLED display technology, the XPS 15 thin-and-light, Alienware m15 premium gaming and the Dell G7 15 are able to be equipped with OLED displays rather than LCD displays. These will also be able to support high dynamic-range vision using technologies like Dolby Vision. This will make these computers appeal towards photo and video professionals who look out for increased photo-grade dynamic range.

Dell Latitude 7400 business 14” 2-in-1

Dell Latitude 7400 14" 2-in-1 laptop press picture courtesy of Dell Corporation

Dell Latitude 7400 14″ 2-in-1 laptop with ExpressSignIn

This is a rare sight for the Consumer Electronics Show where a computer manufacturer is premiering a business-grade computer at a consumer-focused technology fair. But small-business owners may find this of value if they buy their technology through an independent computer store or value-added reseller.

Here, Dell are premiering the Latitude 7400 14” business 2-in-1 which has features that make it stand out from other business computers in its class. Here, this computer which has a Titan Grey finish is the smallest business-grade 14” 2-in-1 convertible laptop on the market.

It also has the ExpressSignIn feature that detects user presence near the machine. When the user comes near, it will wake up and activate the Windows Hello facial-recognition routine to verify that the user is authorised to operate the machine. Then, when the user walks away, the Dell Latitude 7400 will lock the user session.

It has 2 Thunderbolt 3 connections as standard and, as specifiable options, Gigabit LTE mobile broadband, 1Tb solid-state drive, Wi-Fi 6 and Bluetooth 5 connectivity. The 1Tb solid-state drive’s capacity will please those of us who effectively “live out of their briefcase” but want the high performance. As is expected for a premium business laptop, this will have the security and manageability features that would please a corporate IT team or a value-added reseller offering “big-time” IT support to small businesses.

Inspiron 7000 Series 2-in-1s gain significant design improvements

The Dell Inspiron 7000 Series 2-in-1 convertible laptops have undergone some significant revision in their design.

Rather than having an ordinary hinge, these computers have a new hinge design with a place to park the supplied active pen. This means that the pen is presented to the user without it falling out no matter whether the computer is folded over as a tablet, in a partially-folded “tent” or “media-viewer” state or a traditional laptop. It also makes sure that the hinge part looks special, as well as being part of an improved cooling and ventilation approach that understands lifestyle computing needs like bingeing on Netflix in bed or “flipping through” YouTube videos on the couch.

The improved cooling and ventilation approach is also augmented through adaptive thermal-management technology which varies the Inspiron 7000’s performance depending on whether you are moving it around or keeping it still on your desk. This avoids you handling a portable computer that is running uncomfortably hot.

The integrated power switch / fingerprint reader design has opened up a design feasibility for the 15” variant of the Dell Inspiron 7000 Series. Here, it means that the computer can be equipped with a numeric keypad which is a rarity amongst 15” 2-in-1 computers.

Still there is the limitation with this series where the USB-C port on these computers is the standard USB-C port rather than a Thunderbolt 3 port. If the Inspiron 7000 Series came with the Thunderbolt 3 port, it could then mean that these computers could be teamed with an external graphics module for at-home gaming.

Conclusion

Dell is keeping up its name as a value-for-money computer name but is assuring users that they are creating innovative designs rather than copying established ones.


NETGEAR to offer one of the first Wi-Fi 6 distributed-wireless setups

Article

NETGEAR Orbi with Wi-Fi 6 press picture courtesy of NETGEAR

Netgear takes its Orbi mesh Wi-Fi system to the next level with Wi-Fi 6 | PC World

From the horse’s mouth

NETGEAR

LEADING A NEW ERA OF WI-FI, NETGEAR ANNOUNCES ORBI MESH WI-FI SYSTEM USING WI-FI 6 SPECIFICALLY DESIGNED FOR THE GIGABIT INTERNET HOME (Press Release)

Product Page

My Comments

As Wi-Fi 6 (802.11ax) wireless networking comes to the fore, there will be a desire to see distributed-wireless-network systems that support this technology. Here it’s about being able to support many Wi-Fi client devices like laptops, tablets and smartphones along with devices that are designed “Wi-Fi first” including smart-home devices.

NETGEAR have started to refresh the Orbi distributed Wi-Fi system by making a new version that supports this new technology as part of the product lineup they are premiering in Las Vegas at this year’s Consumer Electronics Show. It uses the separate radio backhaul that their Orbi system is known for, thus avoiding a dent in performance that can be brought about with systems that use the main “fronthaul” Wi-Fi segment for their backbone data transfer.

But it uses four data streams across the dedicated Wi-Fi 6 backhaul to allow high-speed high-capacity data transfer. It is in addition to four concurrent data streams on the 2.4GHz band and four concurrent data streams on the 5GHz band for the client devices to use. The system is powered by Qualcomm networking system-on-chip silicon that allows for the higher data throughput.

It is expected to appear during the second half of 2019, primarily as an updated take of the RBK50 wide-coverage devices. A question that will perplex those of us who have an Orbi distributed-Wi-Fi setup is whether the existing Orbi equipment will work with the newer Wi-Fi 6 Orbi devices.

This is more so where smaller or specialised Orbi satellite modules like the RBS50 Orbi Outdoor Satellite unit or the Orbi Voice which is a combination of a satellite unit and Amazon-Alexa-driven smart speaker are part of your Orbi setup. Or you like the idea of “pushing down” existing equipment to secondary purposes so you get more value out of the equipment you own.

What is being highlighted is the idea of using Wi-Fi 6 as a future-proof approach for wireless local networking, including distributed-Wi-Fi setups.


An Android app turns your Chromecast-equipped TV in to a whiteboard

Article

Cast Drawings On Your Phone To Your Television Using A Chromecast And This App | Lifehacker


Get this app here

CastPad (Google Play for Android)

– Free version has ads, in-app purchase for premium version

My Comments

The idea of using a regular TV as the electronic equivalent of a chalkboard (blackboard) or whiteboard has been explored through the 1980s thanks to a few key drivers.

A use case that was being put forward was to work with the then-new hobby of home videography thanks to the arrival of affordable video cameras and portable video recorders. Here it would be about creating title cards for one’s home video projects. As well, third-party peripheral vendors created light-pen setups that work with various home-computer platforms like the Commodore “VIC” computers (VIC-20 and Commodore 64), the Tandy TRS-80 Model 1 and the BBC Micro. The software that came with these setups included an elementary “paint” program that worked with the light-pen and allowed the (low-resolution) drawings to be saved to the computer’s secondary-storage medium (cassette or floppy disk) or printed to a connected printer.

The mouse, along with various graphics programs for later computer platforms, extended the concept further even though newer computers were hooked up to displays better than the average TV set.

But the concept has been revived using the CastPad app for Android. This app allows you to draw using your finger or stylus on your Android smartphone or tablet, then “cast” it to your TV or monitor that is connected to a Chromecast or has full Chromecast ability built in. There is also the ability to “cast” to other Android devices running the same software and connected to the same logical network that the Chromecast is connected to.

You can save what you drew to your Android device but I am not sure whether it supports printing via Android’s print functionality. There is a free ad-supported version that is limited to five colours. It may be good enough to show to a child or use for games like Pictionary. But a premium version, which you can purchase through an in-app arrangement, allows for infinite colours and a few more features.

A use case that was called out in the article was to improve a family Pictionary game that the article’s author played during their family’s Thanksgiving celebrations. Here, they had a Chromecast connected to their family home’s TV and used their Android smartphone to draw out the word ideas as part of gameplay.

But the app has other use cases such as conference facilities, classrooms and the like that are kitted out with a large-screen TV or video projector. Here, the CastPad app may work as a better approach to illustrating concepts in a basic manner and showing them to a larger audience as part of your presentation effort.

Apple could easily answer this app with something that runs on an iPhone or iPad and uses AirPlay to stream the canvas to an Apple TV. Or the app developers could simply port it to iOS to take advantage of that platform’s user base.

Similarly, there could be the ability to have you draw the graphic on the smartphone or tablet then project it through the Chromecast, which can be useful if you are preparing that diagram for a class. This can also be augmented with the ability to insert printed text in a range of font sizes, something that would appeal to “blackboard diagrammers”.

Apps like CastPad can exploit “screencasting” setups like AirPlay or Chromecast to turn the largest screen in the house or business in to an electronic whiteboard and the touchscreen of your device in to a “canvas”.


What to expect in personal IT over 2019

Internet and Network technologies

Netgear Nighthawk 5G Mobile Hotspot press image courtesy of NETGEAR USA

Netgear Nighthawk 5G Mobile Hotspot – first retail 5G device

5G mobile broadband will see more carriers deploying this technology in more locations whether as a trial setup or to run with it as a full revenue service. It will also see the arrival of client devices like smartphones or laptops rather than just USB modems or modem routers supporting this technology.

Some users will see 5G mobile broadband as supplanting fixed broadband services but the fixed broadband technologies will be improved with higher data throughput that competes with that technology. As well, fixed broadband especially fibre-based next-generation broadband will also be required to serve as an infrastructure-level backhaul for 5G mobile broadband setups.

Wi-Fi 6 a.k.a. 802.11ax Wi-Fi wireless will be officially on the scene with more devices becoming available. It may also mean the arrival not just of new access points and routers supporting this standard but the arrival at least of client-side chipsets to allow laptops, tablets and smartphones to work with the new technology. Some countries’ radio-regulation authorities will look towards opening up the 6GHz spectrum for Wi-Fi purposes.

It also runs alongside the increased deployment of distributed-Wi-Fi systems with multiple access points linked by a wired or wireless backhaul. This will be facilitated with Wi-Fi EasyConnect and EasyMesh standards to create distributed-Wi-Fi setups with equipment from different vendors, which means that vendors don’t need to reinvent the wheel to build a distributed-Wi-Fi product line.

Consumer electronics and home entertainment

LG 4K OLED TVs press picture courtesy of LG America

LG 4K OLED TVs – a technology that could be becoming more affordable over 2019

4K UHDTV with HDR technology will head towards its evolution phase with it maturing as a display technology. This will be with an increased number of sets implementing OLED, QLED or similar display technologies. It will also lead to more affordable HDR-capable TV models coming on to the scene.

Screen sizes of 75” and more will also cut in to affordable price ranges. This will also be augmented with OLED-based screens becoming available in a “rollup” form that comes in and out like a blind or a traditional pull-down screen. Similarly, there will be a look towards the concept of “visual wallpaper” in order to justify the use of large screens in peoples’ households, including using the screen as a way to show messages or other information.

Online services will still become the primary source of 4K HDR TV content but the 4K UHD Blu-Ray disc will increase its foothold as the “packaged collectable” distribution medium for 4K video content. ATSC 3.0 and DVB-T2 will be pushed as a way to deliver 4K UHDTV content over the traditional TV aerial with this method of TV reception regaining its importance amongst the “cord-cutting” generations who dump cable and satellite TV.

JBL Link View lifestyle press image courtesy of Harman International

More of these voice-driven home-assistant devices with screens over this year

Another major direction affecting the home network and consumer electronics is an increased presence of voice-driven home-assistant services in this class of device. Typically this will be in the form of soundbars, wireless speakers, TV remote controls and similar home-entertainment equipment having endpoint functionality for Amazon Alexa or Google Assistant.

As well, the “smart screens” like what Lenovo, JBL and Amazon are offering will become more ubiquitous, with the ability to augment responses from a voice-driven home assistant. It will be part of having more household appliances and other gadgets work tightly with voice-driven home assistants.

It may be seen as an effort to bridge the multiple network-based multiroom audio platforms so you can run equipment from different vendors as part of one system. But the problem here will be that such setups may end up being more awkward to use.

The smartphone will be facing some key challenges what with people hanging on to these devices for longer and / or running two of them – one for their work or business along with one for personal life. Some new form-factors like folding smartphones will be demonstrated while some of them will be optimised for high-performance activities like gaming.

These devices are being augmented with the return of mobile feature phones or basic mobile phones. These phones are like the mobile phones that were on the market through the 1990s and 2000s and don’t connect to the home network or Internet or use these resources in a very limited way. They are appearing due to people wanting detachment from online life like the Social Web usually as part of the “back to basics” life calling, or simply as a fail-over mobile telephony device.

But as laptops and tablets become full-on computing and communications devices, the feature phones and basic phones will simply work in a complementary way to allow voice telephony or text messaging on the same service in a handheld form.

This situation is being underscored by more mobile carriers offering mobile telecommunications services that aren’t necessarily bound to one particular device. This is to face realities like the connected car, smartwatches with mobile broadband, Mi-Fi devices amongst other things which will be expected to use the same mobile service.

In the same context, there will be a market requirement for mobile communications devices, especially mobile phones, to support two or more services including multiple numbers on the same service. Primarily this will be driven by eSIM technology and over-the-air provisioning, but it will facilitate ideas like totally separate services for one’s business and private lives, or to cater towards people who regularly travel across international borders.

Security and regulatory issues

I do see a strong push towards more secure Internet-of-Things devices for residential, commercial and other applications over this year. This is as regulators in Europe and California put the pressure on IoT vendors to up their game regarding “secure-by-design” products. There is also the expectation that the Internet Of Things needs to be fit for purpose with transport applications, utilities, medical applications and the like where there is an expectation for safe secure reliable operation that cannot be compromised by cyber-attacks.

Here, it may be about the establishment of device-firmware “bug-bounty” programs by manufacturers, industry bodies and others used to unearth any software weaknesses. Then it will lead towards regular maintenance updates becoming the norm for dedicated-purpose devices. It may also include a requirement for device vendors and end-users to support automatic installation of these maintenance updates but allow for manual installation of major “feature-addition” updates.

This is in conjunction with the Silicon Valley behemoths like Amazon, Facebook, Apple and Google having to change their ways due to them being under increased scrutiny from governments, media, activist investors, civil society and end-users. It will affect issues like end-user privacy and data transparency, financial and corporate-governance / human-resources practices, along with the effective market power that they have across the globe.

Equipment design

Use of Gallium Nitride transistors for power conversion

A major trend to see more of this year is the increased use of Gallium Nitride transistor technology. This is beyond using this chemical compound for optoelectronics such as blue, white or multicolour LEDs or laser diodes installed in Blu-Ray players and BD-ROM drives for the purpose of reading these optical discs.

Here, it is to multiply the effect silicon had on the design of audio equipment through the 1970s leading to highly-powerful equipment in highly-compact or portable forms. This is through improved heat management that leads to the compact form alongside more powerful transistors for switch-mode circuits.

One of the initial applications will be in the form of highly-compact USB-C Power-Delivery-compliant chargers for laptops and smartphones. This year will be about an increased number of finished products and reference designs that, depending on the application,  yield more than 45W of DC power for USB-C PD applications from either 100-250VAC mains power or 12-24VDC vehicle / marine power. It could then be affecting multiple-outlet “charging bars” and similar devices where the goal is to have something highly compact and portable to power that Dell XPS 13 or Nintendo Switch alongside your smartphone.

I see it also affecting how power-supply circuitry for computers, peripherals, network equipment and the like is designed. This can lead towards equipment having the compact profile along with reduced emphasis on factoring in thermal management in the design like use of fans or venting.

ARM-based microarchitecture to compete with Intel’s traditional microarchitecture

In the late 1980s, the then-new RISC (Reduced Instruction Set Computing) microarchitecture excelled with graphics and multimedia applications. This is while Intel’s x86-based 16-bit traditional microarchitecture used in the IBM PC and its clones was focused simply on number-crunching.

But 32-bit iterations of the x86 microarchitecture were able to encroach on graphics and multimedia since the early 1990s. Eventually it led to Apple moving the Macintosh platform away from the RISC-based Motorola CPUs towards Intel-based x86 and x64 traditional microarchitecture.

This was while Acorn Computers and a handful of other computer names worked towards ARM RISC microarchitecture which ended up in smartphones, tablets, set-top boxes and similar applications.

Now this microarchitecture is making a comeback with the Always-Connected PCs which are laptops that run Windows 10 on Qualcomm ARM processors for higher power efficiency. It was brought about with Microsoft releasing a Windows 10 variant that runs on ARM microarchitecture rather than classic microarchitecture.

This will lead to some computer vendors running with at least one or two of these computers in their ultraportable product ranges. But there is investigation in to taking ARM technology to higher-power computing applications like gaming and server setups.

The big question for Intel is what can they offer when it comes to microprocessor technology that can answer what Qualcomm and others are offering using their ARM processors.

Increased SSD capacity

The solid-state drive will start to approach bill-of-material per-kilobyte price parity with the 500GB hard disk. Here, it could lead towards laptops and ultra-compact desktop computers coming with 512Gb SSDs in the affordable configurations. This is also applying to USB-based external storage devices as well as what is integrated in a computer.

Here, the concept of high-speed energy-saving non-volatile storage that would satisfy a “sole computer” situation for a reasonable outlay is coming to fruition. What will still happen with the traditional mechanical hard disk is that it will end up satisfying high-capacity storage requirements like NAS units or servers. In some situations, it may lead towards more NAS units supporting multi-tier storage approaches like bringing frequently-used data forward.

Conclusion

This is just a representative sample of what 2019 is likely to bring about for one’s personal and business online life, but as with each year, more situations will crop up over the year.


The new direction for online audio content

Article

Amazon Echo on kitchen bench press photo courtesy of Amazon USA

The Amazon Echo and similar devices will create new applications for audio content

2019 will see the end of baked-in, generic podcast ads | Mumbrella

My Comments

Previously there were the radio shows which were a packaged item of audio content that was broadcast by one or more stations at one or more known times. These effectively drove radio along before television came to the fore but still exist mainly in an informative manner.

This can happen in the form of talk shows primarily run on stations that run informative content to music documentaries and Top-40 countdown shows run on the commercial music stations. In some cases, scripted radio drama still exists, especially with the BBC or some community radio stations who syndicate drama series. This is in conjunction with some radio stations doing book readings, mostly for vision-impaired people but also appealing to other users like drivers.

Often what would happen if other stations are interested in the same radio show is that they would “syndicate” the show by buying rights to broadcast the show themselves. In most cases, each episode of the show would be delivered as a recording that would be played at a scheduled time that is part of the agreement. A live show prepared by an originating station may simply be streamed out to local stations who are syndicating it thanks to satellite or similar communications technologies.

But this concept is still being pushed onwards in the form of the podcast which is today’s equivalent of these radio shows. Here, these shows are available for download and can be followed using a podcast manager that you run on your regular computer or mobile device. The podcast manager, typically part of a media management program, would check for and download the latest podcasts on to your equipment and, in some cases, synchronise them to MP3 players or similar devices.

Increasingly, streaming-audio-content services like Internet-radio or music-on-demand services are becoming podcast-delivery platforms themselves. Here, the content is streamed out via the service rather than being made available for download to your computer’s local storage, but the service may offer a download option for offline listening.

In fact the podcast is being valued by radio stations in a few different ways. For example, a radio station who runs a regular radio show will offer past and current episodes of this show for download as a podcast. This can come in handy for people new to a show, who have missed episodes of that show or like to hear it at their own time and pace.

Similarly, radio stations may syndicate a podcast that their network or someone else has created. This may be used to fill a programming void that may exist while one or more of the regular shows is on hiatus.

An issue that is affecting podcasts today is how they can work with an advertising context especially if people are moving away from advertising-driven radio. Typically the podcaster who wanted to sell advertising time would have to run the same approach as a syndicated radio show that is sponsored by one or more companies.  Here, the sponsored show will have “baked in” advertising offered by the show’s sponsors that is recorded as part of the show, which is different from the “spot” approach with ads that are inserted by the broadcaster airing the show.

This arrangement will lead to situations where advertising isn’t relevant to the listener due to such factors as the advertiser not being in the listener’s location. The fact that an advertisement “baked in” to a podcast can be listened to at any time can affect material that is time-sensitive due to campaign or jurisdiction issues.

What is being looked at now with various podcast infrastructures like Spotify, Apple or Google is the ability to provide dynamically-inserted content for podcasts. This will initially be investigated with news and current-affairs shows that have up-to-date content, including the idea of using local up-to-date newsbreaks. For advertising, this can also be about the introduction of localised spot advertising in to podcasts just like what a local radio broadcaster does to a syndicated show when they air it.

Listening to podcasts will be a similar experience to listening to syndicated radio shows

The problem I see with this kind of setup as far as how podcasters are paid is that it will follow the same rules as the syndicated content aired on commercial radio and TV. If the show has sponsorship with the “baked-in” advertising, the show’s producers and talent will be paid while the localised “spot” advertising simply pays the broadcaster. They may pay the show’s producers a “cut” of that advertising revenue as part of the syndication agreement.

But with this application, it will lead to an emphasis towards addressable advertising focused on narrow factors such as age, gender or detailed location like one’s neighbourhood. There will also be some influence based on the kind of podcasts or audiobooks you play through the podcast platform.

Here, it may require podcast formats to support the addition of standard metadata in order to identify logical breaks where advertising or other content can be inserted. Then the various podcast apps and platforms that run their own ad platforms will end up inserting the localised content in to the break. This may affect approaches like downloading for offline use, where it may be about downloading a collection of files that are joined by a podcast-specific playlist or creating a single concatenated audio file representing the main and supplementary content.

The above-mentioned logical breaks will also be of importance to the radio station who wants to syndicate that podcast. This may be to allow them to fulfil their obligations whether just to call the time and identify themselves on air, or to insert other content like news flashes, advertising / sponsorship and the like.

It will also apply to how you can listen to podcast content so you can, for example, recap parts of these shows that you were distracted from. This will be of importance for those of us who listen to podcasts in areas where we can be distracted easily like in the home or office in the same manner as listening to radio there.

There is also the idea of taking audio content further. For example, BBC and Amazon tried out the idea of an old-time radio play that works in a similar manner to a “Choose Your Own Adventure” book. This is with you talking to Alexa to steer yourself through the adventure very much in a similar form to interacting with those text-based computer adventure games on an old home computer.

Other ideas being looked at include driving or walking tours with rich audio commentary that plays when you approach each point of interest. This would be augmented through the use of GPS or similar navigation technology in order to play audio content relevant to the location. Similarly, you would be able to use the navigation software to lead you towards other waypoints that are part of the tour.

There is also the possibility of creating games that are augmented with the various pieces of audio content. This application would be driven by voice-driven assistants, perhaps in conjunction with sensors for various board and card games. It is a similar practice to some “Name That Tune” and similar board games which are based on a regular audio CD that has audio content essential to game play.

What is happening now is audio-focused content is gaining a stronger role in our lives and there are efforts to introduce flexibility in to how this content is presented. This is more so as we listen to this kind of content on many different device types.


Connected novelties and toys–security and useability issues that affect this product class

Giftware chook (rooster)

Connected versions of classic novelties and giftware will be subject to severe scrutiny

An issue that is rearing its ugly head is the rise in availability of connected novelties and toys. They are toys, novelties, giftware, seasonal decorations and other items that are able to connect with your computer or network. This connectivity function is often sold as one of the key marketing features with it able to work with an online service of some sort.

When I talk of toys, I don’t just talk of what children play with but also other toys that adults end up playing with. These can include the so-called “executive toys” that live on the office desk for one to keep the other hand busy while they are on the phone.

Who typically sells these products

Toys and novelties are typically sold through a large range of online and bricks-and-mortar retailers, whether they be toy stores, gift stores, souvenir outlets or multi-facet outlets including department and discount stores. In some cases such as rural areas, a store like a newsagent’s could even sell novelties or toys.

Another factor is that novelties are given away to people and businesses as a gift or premium. This can typically happen as part of a “loot bag” offered out at conferences or tradeshows or simply used as a giveaway during a presentation to encourage audience participation.

Christmas wreath

Seasonal decorations that connect to the Internet can also be a security or setup risk

The common factor here is that most of the outlets that sell this kind of product are staffed by people who don’t have much technological know-how. This can affect the procurement process affecting whether the item exhibited at the gift fair should be stocked, or providing customer advice during and after the sale including how to get the connected novelty fully operational.

Artisans who make these gifts and novelties

Amazon Echo on kitchen bench press photo courtesy of Amazon USA

Your Amazon Echo will soon be expected to work with a wide range of toys and novelties

There is also the fact that craftspeople like to make various toys, novelties, gifts and other items and sell them directly to customers or on a wholesale basis. But they do want to add some extra functionality like musicality or flashing lights to some of their product lines.

Typically, if they want this extra functionality in these gifts that they make, they have someone else make and supply the necessary components like clockwork movements or electronic-circuit kits to fulfil the extra functionality in a pre-assembled form.  Then the artisan installs the pre-assembled mechanisms or circuits in the toy or gift as part of putting the whole thing together.

It allowed these artisans to focus on their craftwork and build the items they want to sell, while being able to offer a wide range of goods. The same comments that apply to finished goods also apply to the various components and kits that are being sold to these artisans for their projects.

In this case, the artisans have to be aware of what they procure when they are being sold a “connected functionality” kit for installation in their projects. For them, they have to be aware of customer-support issues including setup and data-security issues regarding this extra functionality.

Connected modules for construction sets and similar hobbies

The same concept also extends to construction-set platforms like Meccano, Lego and FischerTechnik where children and adults build items using the pieces that are part of the respective platforms. In this case, anyone to do with these platforms could offer connected modules or kits that have the ability to control one or more items in their platform-based project like a motor, light or solenoid using an “Internet Of Things” approach. Here, these modules have to be seen as equivalent to a connected toy or novelty, especially if the idea is to implement cameras, microphones or GPS sensors.

It also applies to model railways, track-based car-racing sets and the like where they can be extended with functionality modules sold by the set’s vendor or a third party catering to these hobbies. Again the modules also need to be designed for security if they are capable of being part of the Internet of Things.

Use of these items

There is the desire for people to buy these toys and novelties as gifts for others in their life. It also includes the fact that the recipient wants to get the item “up and running” as soon as possible.

This will involve having the device connected to a host device through Bluetooth or USB or to a home network for proper reliable use. It should be about a standard process that is implemented for onboarding including the installation of any extra software.

Key security issues

A key security issue concerning the connected toy, novelty or similar device is that it can be an espionage item presented in an innocuous form. It can concern us both at home and in the office because we can easily be talking about items that are confidential and sensitive in our personal and business lives.

This was highlighted in a crime-fiction form to the Germanic viewership in Europe through the Munich-based Tatort “Wir Kriegen Euch Alle” (We Get You All) episode shown there on Sunday 9 December 2018. This story was focused around a connected doll that was given by strangers to various children’s families in middle-class Munich and was used as a surveillance tool to facilitate crimes against the families.

It underscored that Germany has some very strict policies where the sale of surveillance devices that are disguised as innocuous items isn’t allowed in that country. But, in the story, these dolls were imported in to Munich from a location in Austria which is a short drive away and facilitated by the Schengen Agreement in the European Union.

Let’s not forget the recent cyberattacks such as the Mirai botnet that were facilitated by dedicated-purpose devices like network-infrastructure equipment and videosurveillance cameras which were running compromised software. Then there are factors regarding data-storage devices and “bag-stuffer” novelties given away during business conferences where there is the possibility of them being loaded with questionable software.

What would I like to see

Security

There has to be identification on the toy’s or novelty’s packaging about what kind of sensors like location sensors, microphones or cameras that the device has, as well as whether the device transmits data to online services. This includes whether the device does this directly or via intermediary software running on other computer devices such as mobile devices running companion mobile-platform apps. Even a hang tag attached to the novelty could highlight what kind of sensors or online services it uses which would be important for those items sold without packaging.

Preferably, this can be achieved through standard graphical symbols indicating the presence of particular sensors or the use of online services and social networks. It can also identify whether the toy’s or novelty’s functionality is dependent on these sensors or online services.

App stores and other software platforms that host “connector” software have to implement stringent permissions for these kinds of devices especially if they use a microphone, camera or location sensor. There could be standards on whether the software is allowed to record from these sensors over a long time or keep the recording persistent on the host device or online service.

A limitation I would also like to see for connected toys and novelties is that if they work with another computing device including a smart speaker, the connection can only be effectively within the same premises. This can be tested through the use of a peripheral-grade connection like Bluetooth or USB to a computing device or limiting the range of discovery for network-based devices to that of the same logical private network or subnet. Here, it represents all the devices on the LAN side of a home-network’s router and excludes devices existing on other logical networks served by the same physical device like “guest” or “community” networks.
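The same-logical-network restriction described above can be expressed as a source-address check that device firmware runs before answering a discovery request. This is an added example, not code from any product or from the original post; the interface address and the function name are constructed for illustration.

```python
import ipaddress

# Constructed addressing plan: the toy sits on the home LAN at 192.168.1.23/24.
# The same router also serves a guest network on 192.168.2.0/24.
DEVICE_INTERFACE = "192.168.1.23/24"


def discovery_decision(source_ip, device_interface=DEVICE_INTERFACE):
    """Decide whether the device should answer a discovery request.

    Returns a tuple (allowed, reason).
    """
    iface = ipaddress.ip_interface(device_interface)
    try:
        peer = ipaddress.ip_address(source_ip)
    except ValueError:
        return False, "unparseable source address"

    # On a dual-stack socket an IPv4 peer can appear as an IPv4-mapped
    # IPv6 address (::ffff:a.b.c.d), so unwrap it before comparing.
    if peer.version == 6 and peer.ipv4_mapped is not None:
        peer = peer.ipv4_mapped

    # If the device itself has been given a public address, it is not behind
    # a home router, so it stays silent rather than advertise itself.
    if not iface.ip.is_private:
        return False, "device is not on a private network"
    if peer.version != iface.version:
        return False, "address family differs from the device interface"
    # Guest or community networks on the same router are different subnets
    # and fail this test, as does anything arriving from the Internet.
    if peer not in iface.network:
        return False, "source is outside the device's own subnet"
    if peer in (iface.network.network_address, iface.network.broadcast_address):
        return False, "source is a network or broadcast address"
    return True, "source is on the same logical network"


def allowed_sources(sources, device_interface=DEVICE_INTERFACE):
    """Return only the source addresses the device would answer."""
    return [s for s in sources if discovery_decision(s, device_interface)[0]]


if __name__ == "__main__":
    # Constructed sample of discovery request sources.
    samples = ["192.168.1.50", "192.168.2.14", "203.0.113.9",
               "::ffff:192.168.1.50", "192.168.1.255", "not-an-address"]
    for src in samples:
        print(src, discovery_decision(src))
```

A source-address check narrows who can find the device; it complements the pairing and authentication steps rather than replacing them.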

As far as Bluetooth is concerned, the toys should implement authentication processes during the setup phases. Then the device ceases to be able to be discovered once it is paired with a host device. It is like what we are seeing with Bluetooth headsets and similar devices that have been recently released. They may also have to work on a limited radio range to prevent successful connection from a distance.

There should also be a simple “factory-reset” process to allow the user to place the toy or novelty in to setup mode, effectively wiping data from the device. This allows a recipient to effectively “claim possession” of the device as if it is new, avoiding the situation where they may be given something that is compromised to do what someone else wants it to do. It also applies to situations where you are dealing with ex-demo stock or gift-fair samples.

This should also apply to online services associated with these toys or novelties where the user has proper account control for the device’s presence on that service and any data collected by that device.

There are devices that observe particular functions according to a particular device class supported by many platforms like a novelty nightlight or illuminated Nativity scene that works with a “smart-home” setup or a novelty Bluetooth speaker. These devices have to work according to the standards in force for that device class and its connection to the host device or network. It is more important where the device may perform further tricks while running alongside dedicated vendor-created software but is able to have basic functionality without this software.

A software-level security approach could be achieved through an open-source or peer-reviewed baseline software that ticks the necessary boxes. This would apply to the firmware installed in the device and any apps or other companion software that is required to be run on other computing devices for the novelty to operate. It also includes a requirement that this software be reviewed regularly for any bugs or weaknesses that could be exploited, along with compliance requirements.

This could be assessed according to a set of European norms because the continental-European countries are very concerned regarding privacy thanks to their prior history.

As far as modules for integration in to toys, novelties and giftware is concerned, the modules should meet the same requirements as finished products that would have the same functionality. Craftspeople should also be aware of data security and user privacy issues when it comes to choosing modules for their projects that are dependent on computer devices or networks.

Setup and Connectivity

Another area that is a sore point for connected toys and novelties is bringing these devices on board for you to use. In a lot of cases, this is exacerbated through awkwardly-written instructions that can test one’s patience and not much knowledge about what is needed for the device to work fully.

The device packaging could use Wi-Fi, Bluetooth or other standard logos to indicate what kind of connectivity it needs to operate fully. This is to be highlighted with the “app store” logos for various operating-system app stores if the device is dependent on companion apps for full functionality. Similarly, use of other official platform logos can be used to identify compatibility with platforms like smart-TVs or voice-driven home-assistants.

Simple-yet-secure setup and onboarding procedures are to be paramount in the design of these devices. For Bluetooth-based devices, they should use “simple-pairing” such as pressing a button on the device to make them discoverable. This is even made easier with a trend towards “out-of-the-box” discoverability if the device isn’t paired with any host. Then the user activates their host device in “Bluetooth Scan” mode to discover the device,  subsequently with them selecting the device through its presentation name.

Windows, Android and iOS are even implementing simplified device-discovery routines for Bluetooth devices, with the ability to lead users to visit the app store to install complementary software. This will make things easier for users to get the toy or novelty up and running.

Wi-Fi-based devices would have to use WPS-PBC push-button setup, Wi-Fi Easy Connect, or other simplified setup processes for integration with the home network. It also applies to other network connection standards where you have to enrol the device on to that network.

Smart-home devices that implement Zigbee, Z-Wave and similar standards also have to implement simplified discovery protocols implemented in these standards to bring them on-board.

In relationship to security, I underscored the need for use of device-class standards as much as possible. But it also applies to connectivity and useability where a device that honours device-class standards is also easier to use because you are operating it the same as its peers.

Conclusion

This year will become a time where security and useability will be of critical importance when toys, novelties and other similar goods that connect to the home network and the Internet are designed and sold to consumers. Here, these issues may avoid these kinds of toys ending up in disuse due to security or setup issues.


Amnesty International reports on recent email phishing attacks

Article

How Hackers Bypass Gmail 2FA at Scale | Motherboard

Hacker spoofing bypasses 2FA security in Gmail, targets secure email services | ZDNet

My Comments

Recently, it has been revealed that hackers were attacking users of secure email sites by compromising the two-factor authentication that these sites implement.

This has been found to be an attack perpetrated by nation-states against journalists, human-rights defenders, non-government organisations and their allies in the Middle East and North Africa over 2017 and 2018. Here, this user base were using GMail and Yahoo Mail Webmail services and Protonmail and Tutanota secure Webmail services that were compromised. This is because the Webmail setup typically allowed for a client-independent portable email front.

What was going on was that a phishing page was asking for the users’ email and password but this would trigger the software’s two-factor authentication routine. But the user interface was “steered” via a fake page asking for the one-time password that the user would transcribe from their mobile phone which would receive this value via text messaging. It then led to the creation of an app password, typically used for third-party apps to use the service, but was used by the hacker to sustain control of the user’s email account.

Oh yeah, there was the SSL authentication which would show a “green padlock” icon on the user’s Web browser, making the user think that they were safe. But the phishing that took place was facilitated using fake domain names that sounded and looked like the real domain names.

This loophole exploited the use of the “intact key” or “green padlock” symbol in a Web browser’s user-interface to indicate that the SSL certificate was intact and that the interaction with the Website is safe thanks to HTTPS. But users may not know they are with the wrong Website, which is the breeding ground for phishing attempts.

The other weakness that was called out was the requirement for end-users to transcribe the one-time password from an SMS message, software token app or hardware token, which is what allowed the account to be phished. This was aggravated through the use of an app password to allow third-party app access to the service. What is being preferred as a secure 2FA solution is a security key kept in the possession of the end-user that connects to the user’s host device via USB, Bluetooth or NFC.

Most of us can easily relate this process to using an ATM to take cash out of our account or a payment terminal to pay for goods or services using our plastic cards. Here, to facilitate the transaction, you have to present your card by inserting it in or touching it on an identified spot on the ATM or payment terminal, then enter your PIN into the same machine.

Extended Validation SSL site as identified on Microsoft Edge – notice the organisation’s legal name appearing in green text

The Websites that high-risk end-users rely on can use Extended Validation SSL or Organisation-based SSL certificates and other authentication measures to verify the Website they are visiting is the correct one. Extended Validation SSL has a stronger certificate that verifies the organisation it is associated with and implements the strongest encryption available for HTTPS. The user experience here will have a green bar in the browser’s address bar along with the typical padlock icon while the organisation’s legal name is written in the address bar before the URL. The Organisation-based SSL certificate doesn’t have the green bar or text on the user interface but lists the organisation’s legal name in the address bar. But some browsers like recent Chrome versions don’t implement the green highlighting of the legal name for EV SSL certificates.

This also includes organisations keeping tabs on their Internet “real estate” of domain names to identify typosquatting risks and, perhaps, making further “land grabs” of domain names if they can afford it. This is in conjunction with efforts like what Amnesty International were doing with Protonmail and Tutanota, where they are made aware of fake sites and are given legal assistance to take them down.
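One way an organisation could triage newly seen domain names against its own “real estate”, as an added example that is not taken from the articles or from Amnesty International's report. The watchlist domains, the small confusables map and the function names are assumptions made for illustration.

```python
import unicodedata

# Assumed watchlist: the usual domains of the services named in the article.
PROTECTED = ("gmail.com", "yahoo.com", "protonmail.com", "tutanota.com")
# Constructed small map: 0/1/3 and Cyrillic look-alikes of Latin a, e, o, p, c.
CONFUSABLES = str.maketrans("013\u0430\u0435\u043e\u0440\u0441", "oleaeopc")


def skeleton(label):
    """Fold a DNS label to roughly what a hurried reader perceives."""
    label = unicodedata.normalize("NFKC", label).translate(CONFUSABLES)
    return label.replace("rn", "m").replace("vv", "w").replace("-", "")


BRANDS = {skeleton(d.split(".")[0]): d for d in PROTECTED}


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(domain, max_distance=1):
    """Return (protected_domain, reason) for a suspected look-alike, else None."""
    domain = domain.strip().rstrip(".").lower()
    try:  # certificate and DNS logs carry IDNs as punycode ("xn--...")
        domain = domain.encode("ascii").decode("idna")
    except UnicodeError:
        pass  # already Unicode, or malformed punycode: compare as given
    if any(domain == p or domain.endswith("." + p) for p in PROTECTED):
        return None
    for label in domain.split("."):
        skel = skeleton(label)
        for brand, legit in BRANDS.items():
            if skel == brand:
                return legit, ("exact brand label" if label == brand else "confusable characters")
            # Short brands get no typo tolerance: "mail" is not a fake "gmail".
            if len(brand) >= 6 and osa_distance(skel, brand) <= max_distance:
                return legit, "near-miss spelling"
    return None
```

Every label is checked, so a brand name used as a subdomain of an unrelated domain is caught without needing a Public Suffix List.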

Then browsers and similar user agents could highlight domain names in a more distinct manner so users can know where they are at. This would be more important with email clients or browsers implemented on “reduced-user-interface” platforms like mobile operating systems. As well, end-users in high-security-risk user groups could be trained to be aware of the domains associated with Websites they are visiting. Mobile browsers pitched to smartphones can also implement a way to show the organisation’s legal name on the user interface such as a caret-identified drop-down interface that comes alive with Organisational Validated or Extended Validated SSL certificates.

Webmail-based user interfaces and similar high-risk online services could move towards use of “transcription-free” two-factor authentication like FIDO-U2F-compliant security keys including software keys run on mobile platforms to provide a secure login user experience.
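Why a transcribed code can be collected on the wrong site while a security key's response cannot, as an added sketch that is not code from any of the services mentioned. Both origins are constructed, the class and function names are hypothetical, and HMAC stands in for the ECDSA signature a real U2F key produces.

```python
import hashlib
import hmac
import json
import secrets

RP_ORIGIN = "https://mail.example.org"     # constructed genuine Webmail origin
FAKE_ORIGIN = "https://mail.examp1e.org"   # constructed look-alike origin


def tag(secret, message):
    # Stand-in for the token's signature. Real U2F keys sign with a per-site
    # ECDSA key pair; HMAC keeps this sketch inside the standard library.
    return hmac.new(secret, message.encode(), hashlib.sha256).hexdigest()


class SecurityKey:
    def __init__(self):
        self.secret = secrets.token_bytes(32)

    def sign(self, browser_origin, challenge):
        # The browser fills in the origin; neither the page nor the user can edit it.
        client_data = json.dumps({"origin": browser_origin, "challenge": challenge})
        return client_data, tag(self.secret, client_data)


class MailService:
    def __init__(self, key):
        self.key_secret = key.secret                  # registration, simplified
        self.otp = f"{secrets.randbelow(10**6):06d}"  # code texted to the phone
        self.challenge = secrets.token_hex(16)        # nonce sent to the browser

    def verify_otp(self, code):
        # The code carries no record of which site it was typed into.
        return hmac.compare_digest(code, self.otp)

    def verify_assertion(self, client_data, signature):
        if not hmac.compare_digest(signature, tag(self.key_secret, client_data)):
            return False
        data = json.loads(client_data)
        return data["origin"] == RP_ORIGIN and data["challenge"] == self.challenge


def login_result(method, page_origin):
    """Does the genuine service accept a second factor collected on page_origin?"""
    key = SecurityKey()
    service = MailService(key)
    if method == "otp":
        return service.verify_otp(service.otp)  # user transcribes the SMS code
    return service.verify_assertion(*key.sign(page_origin, service.challenge))
```

The one-time code is accepted whichever page it was typed into, whereas the key's response is accepted only when the browser recorded the genuine origin.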

Similarly, token-based authentication could be the way to go for app-to-service authentication, especially as we use native-client software to interact with online services. This avoids the creation of persistent “app passwords” to facilitate native client access to online services. Here I would see this as being important as something to be investigated as part of working towards secure client-based email setups, especially as client-based email provides a platform-native user interface for your email.

Each of these approaches has to be looked at in a manner to work with small and medium organisations who don’t have their own IT staff. This is more so as this class of organisation sees itself as “grown up” when it uses cloud-based line-of-business software. The issue here is to assure that authorised users have secure access to the proper service they are authorised to use.

This situation that Amnesty International raised could also bring forward the idea of non-profit entities that underscore data security for independent media and civil society. Here, it could be about extending and bolstering the Electronic Frontier Foundation’s efforts or building up legal-action funds and lawyer teams to provide legal remedies against cyber-attacks.

What is now being realised is that data security has become a human-rights issue rather than an economic necessity.
