Category: Industry Comments

U2F-compliant security keys now seen as phish-proof

Articles

Facebook login page

It is being proven that the use of a hardware security key is making the login experience phish-proof

Google Employees’ Secret to Never Getting Phished Is Using Physical Security Keys | Gizmodo

U2F Security Keys Show Extreme Effectiveness Against Phishing | Tom’s Hardware

Google: Security Keys Neutralized Employee Phishing | Krebs On Security

My Comments

An issue that is being raised regarding SMS-driven two-factor authentication is that it can be used to facilitate phishing and other fraud against the user’s account. Here, it relies on the user receiving an SMS or voice call with a key value to enter in to the login user interface and this is totally dependent on the SMS or call being received at a particular phone number.

The area of risk being highlighted is that the user could be subjected to social engineering to “steer” their phone number to a mobile device under the hacker’s control. Or the IT infrastructure maintained by your mobile telephony provider could be hacked to “steer” your phone number somewhere else. The ease of “steering” your mobile phone number between devices is brought about thanks to a competitive-telephony requirement to “port” mobile or local numbers between competing telephony-service providers if a subscriber wishes to “jump ship” and use a different provider.

Google have proven that the use of hardware security keys that are part of the FIDO Allance’s U2F (Universal Second Factor) ecosystem are more secure than the SMS-based second-factor arrangement used by most online services. This is a “follow-on” from the traditional card-size or fob-size security token used by some banking services to verify their customers during the login process or when instantiating certain transactions.

Here, Google issued all their employees with a U2F-compliant security key and made it mandatory that their work accounts are secured with this key rather than passwords and one-time codes.

Most of these keys are connected to the host computer via plugging them in to a vacant USB port on that host. But there are or can be those that use Bluetooth and / or NFC “touch-and-go” technology to work with mobile devices.

Why are these U2F security keys more secure than the SMS-based two-factor authentication or app-based two-factor authentication? The main reason is that the U2F security key is a separate dedicated hardware device that works on an isolated system, rather than a backbone system dependent on mobile-telephony infrastructure or software that runs on a computer device that can be exposed to security exploits.

For most users, the concept of using a U2F-compliant security key for their data relates it to being the equivalent of the traditional key that you use to gain access to your home or car as in something you possess for that purpose. Most U2F-compliant security keys that use USB or Bluetooth would also require you to press a button to complete the authentication process. Again this is similar to actually turning that key in the lock to open that door.

This has underscored the “phish-proof” claim because a person who uses social engineering to make an attempt on the user’s credentials would also need to have the user’s security key to achieve a successful login. It is something that is similar to what happens when you use an ATM to withdraw cash from your bank account because you need to insert your account card in the machine and enter your PIN to commence the transaction.

What kind of support exists out there for U2F authentication? At the browser level, currently Chrome, Opera and Firefox provide native support but Firefox users would need to enable it manually. At the moment, there isn’t much production-level support for this technology at the operating-system level and a handful of applications, namely password-vault applications, provide native support for U2F authentication.

The issue of providing support for U2F authentication at the operating-system level is a real issue thanks to operating systems having an increased amount of native client-level support for online services “out of the box”. It also includes the use of Web browsers that are developed by the operating system’s vendor like Edge (Microsoft Windows) and Safari (Apple MacOS and iOS) with the operating system set up “out of the box” to use these browsers as the default Web browser. As well, Microsoft, Google and Apple implement their own platform-wide account systems for all of the services they provide.

Other questions that will end up being raised would be the use of hardware-key authentication in the context of single-sign-on arrangements including social-sign-on, along with the 10-foot lean-back user experience involving the TV set. The former situation is underscored through the popularity of Google, Facebook and Microsoft as user credential pools for other online and mobile services. This is while the latter situation would underscore console-based online gaming, interactive TV and video-on-demand services which are account-driven, with the idea of being able to support simplified or “other-device” user authentication experiences.

What has been proven is that easy-to-use dedicated security keys are a surefire means of achieving account security especially where the main attack vector is through social engineering.

It is time for YouTube to face competition

Amazon Echo Show in kitchen press picture courtesy of Amazon

Google not allowing Amazon to provide a native client tor the popular YouTube service on the Echo Show highlights how much control they have over the user-generated video market

Over the last many years, YouTube established a name for itself regarding the delivery of user-generated video content through our computers. This included video created by ordinary householders ranging from the many puppy and kitten videos through to personal video travelogues. But a lot of professional video creators have used it to run showreels or simply host their regular content such as corporate videos and film trailers, with some TV channels even hosting shows for a long time on it.

After Google took over YouTube, there have been concerns about its availability across platforms other than the Web. One of the first instances that occurred was for Apple to be told to drop their native YouTube client from iOS with users having to install a Google-developed native client for this service on their iOS devices.

Recently, Google pulled YouTube from Amazon’s Echo Show device ostensibly due to it not having a good-enough user interface. But it is really down to Google wanting to integrate YouTube playback in to their Google Home and Chromecast platforms with the idea of running it as a feature exclusive to those voice-driven home assistant platforms.

YouTube Keyboard Cat

Could the Web be the only surefire place to see Keyboard Cat?

These instances can affect whether you will be able to view YouTube videos on your Smart TV, set-top box, games console, screen-equipped smart speaker or similar device. It will also affect whether a company who designs one of these devices can integrate YouTube functionality in to these devices in a native form or improve on this functionality through the device’s lifecycle. The concern will become stronger if the device or platform is intended to directly compete with something Google offers.

There are some video services like Vimeo and Dailymotion that offer support for user-generated and other video content. But these are services that are focused towards businesses or professionals who want to host video content and convey a level of uninterrupted concentration. This can be a limitation for small-time operators such as bloggers and community organisations who want to get their feet wet with video.

Facebook is starting to provide some form of competition in the form of their Watch service but this will require users to have presence on the Facebook social network, something that may not be desirable amongst some people. Amazon have opened up their Prime streaming-video platform to all sorts of video publishers and creators, positioning it as Amazon Video Direct. But this will require users to be part of the Amazon Prime platform.

But for people who publish to consumer-focused video services like YouTube, competition will require them to put content on all the services. For small-time video publishers who are focusing on video content, this will involve uploading to different platforms for a wider reach. On the other hand, one may have to use a video-distribution platform which allows for “upload once, deliver many” operation.

Competition could open up multiple options for publishers, equipment / platform designers, and end-users. For example, it could open up monetisation options for publishers’ works, simplify proper dealing with copyrighted works used within videos, open up native-client access for more platforms, amongst other things.

But there has to be enough competition to keep the market sustainable and each of the platforms must be able to support the ability to view a video without the user being required to create an account beforehand. The market should also support the existence of niche providers so as to cater to particular publishers’ and viewers needs.

In conclusion, competition could make it harder for YouTube to effectively “own” the user-generated consumer video market and control how this market operates including what devices the content appears on.

Why we need download-based services for video content

Legal download-based video ecosystems could yield frustration-free viewing of video files

Legal download-based video ecosystems could yield frustration-free viewing of video files

Most video-on-demand services, whether transaction-based like iTunes or subscription-based like Netflix, are based on the concept of streaming. This is where the content is delivered in real-time from a remote server to your smart TV or set-top box via the Internet.

But streaming has a key disadvantage. It is totally dependent on the quality of the Internet connection and your equipment and can cause a poor viewing experience if there is reduced bandwidth due to situations like a poor DSL connection or a highly-busy network; and is a situation I have seen for myself with Apple TV and the iTunes video-on-demand service.

Similarly, streaming can be at a disadvantage when you are using mobile devices and are viewing the content in a mobile context like entertaining your kids with some videos on a long road trip or whiling away the train commute with episodes from your favourite TV shows. Here, the Internet connection may not always be reliable because you may be moving out of your mobile-broadband service’s reliable reception area frequently during the trip, something that would happen as you enter a tunnel or drive further out in the country.

USB external hard disk

USB hard disks – could be part of a download-based video ecosystem

A download-based video-content service would work in the similar way to iTunes or Amazon music services where you can buy and download songs or albums. This is where, as part of the transaction, you download the movie or TV show to local storage and play the content from the local storage.

The local storage could be a USB hard disk which you download the content to using a regular computer, then connect to a TV or video peripheral for playback. On the other hand, it could be a network-attached storage device which streams the content out to a smart TV or video peripheral over the home network. As well, it could be storage integrated with a viewing device like a tablet, laptop or smartphone which you use to view the content when you are “on the road”.

Key issues

Content protection

NETGEAR ReadyNAS RN1040 NAS press picture courtesy of NETGEAR America

This ReadyNAS could serve as a household movie library

There is a big genuine fear shown by Hollywood with download-based services where the high-value video content could be replicated in an out-of-control way. This is being examined by the Secure Content Storage Association who are looking towards secure authenticated storage for these files. They are pitching it at digital download, “physical+digital” delivery, retail kiosks amongst other digital-delivery business models along with access to newer remasters of the same content for those of us who already have an existing copy.

Business models

Any content-protection system like SCSA would have to support a range of business models, primarily transaction-driven models, such as the two outlined below:

Download-to-own

Typically, the main business model that would be associated with a download-based service would be a “download-to-own” model where you download the title and watch it for ever, similar to buying the content on a VHS videocassette or a DVD or Blu-Ray disc. This would be more or less associated with the “collectable” model where you buy favourite movies or TV serials that you want to come back to.

This can be provided by a “digital-only” service where you just download the content from an online store or as part of the supply of the content on a physical medium like a DVD. It can also extend to the supply of USB memory keys or USB-connected hard drives that are full of a collection of video titles, a practice that has been done with Bob Dylan’s album collection which was dumped to a USB memory key shaped like his quintessential harmonica and sold as a collectable. An example of this could be a collectable USB hard drive loaded with remastered copies of all of the episodes of a classic British or American TV sitcom and this hard drive is styled to reflect the tone of that sitcom.

As well, this could support the gifting of content where you can effectively give your relative or friend a licensed copy of the content whether you own it or not. This would have to work in a similar manner to how you can use iTunes or Google Play to give someone a copy of a game or other app and the recipient gets alerted to this content that is available for them.

Time-based rental

A question that may crop up with some of us who lived with the video-rental concept is whether the SCSA technology will support the ability to “rent” the titles for a short period like 24 hours, a weekend or even a month. This business model was appreciated as a way to get an evening’s, weekend’s or week’s worth of entertainment in a cost-effective manner and assess whether that movie could be worth collecting.

Here this model would allow you to download the title and view the title within a certain time period, including a requirement to commence viewing within another time period like a month.

A variant of this concept could be a view-based model where the time you rent the movie commences from when you start viewing the actual content or you are charged per complete viewing. It would earn its keep if you are “piling up” on content by having it download overnight then commence watching it over a time period like a vacation break. It would also play well with households whose content-viewing sessions are likely to be interrupted frequently or for a long time. The concept can even allow for “rent now, purchase later” models where you may rent a movie to see how you like it but then choose to buy it if you consider it of enduring value.

A file-based rental model has an advantage over renting that VHS tape or DVD where you can extend the rental period or choose to rent the same title again without dealing with the packaged medium. Similarly, this model could allow one to convert a movie rental to a purchase which can come in handy for titles that one considers “enduring” such as a live concert or a movie that has stood the test of time.

Subscription-driven options

A “download-to-own’ or “time-based rental” business model can be tied in with a content-subscription option where you have content delivered at regular intervals.

Such setups could encompass a business model similar to the book, music and video clubs popular in the USA where you had a random choice of content delivered on a regular basis. This was typically driven by a requirement to purchase the delivered content or other content.

Or it could be based on subscribing to episodic content or a similar collection whereupon the new content is downloaded as it becomes available. An example of this could be to have episodes of a TV show available for download as they become available with the user choosing to “buy” or “rent” the current season or a particular season. Similarly, Disney or Warner Brothers could offer their collection of those unforgettable cartoon “shorts” that during times past constituted Saturday morning TV or the start of a cinema session in varying rental or purchase packages with each “short” being downloaded as they become available.

Such a setup could allow for automatic download as new material becomes available or users instantiate the download themselves from the electronic shopfront or an email-based update.

Simplified content management

Acquisition and downloading

Another question yet to raise is what procedures are necessary to have a title ready to view on a download-based video service. This includes the use of an electronic shopfront for browsing the titles available to buy or rent, completing the transaction and downloading the titles. It also includes the ability to support network-based installation where you could have the titles downloaded to a NAS.

Here, this may be about being able to remotely determine installation or deployment folders on a USB hard disk or NAS from the electronic shopfront application, along with having such applications work across smart TV, mobile, desktop and games-console platforms. The native apps for desktop or mobile platforms can also support “checking out” of user-selected content to mobile devices or removeable media.

The UPnP AV / DLNA specifications could be amended to support transfer of content to network storage devices by allowing shopfront applications hosted on smart TVs or video peripherals to discover where to put the content. This would also require the ability to commence a transfer session between the content service and the NAS independent of the application being constantly run.

There needs to be an ability to handle larger orders like content collections or multiple purchases / rentals so as to download the content in a bandwidth-optimum way. This could involve a download-priority mechanism where some content is sequenced while other content is downloaded concurrently.

I have also raised before the issue of simplifying the process of adding file-based content held on physical media to network storage. This would apply to so-called “disc-to-digital” services where you can have a movie that’s on a DVD or Blu-Ray available as a file as well as content collections delivered via a USB memory key or hard disk.

Exporting content for portable use

Another process that will also surface is where you export content to another format such as a lightweight format for use with portable devices like tablets and smartphones. This would involve converting the video content to a format suitable for these devices then copying it out to the player or storage device.

It would also include synchronising content to an in-vehicle infotainment system so it can be shown to the kids in the back seat of the SUV or minivan through the long road trip.

Yet another issue that has to be sorted with rights holders is the concept of what is your home realm. This would be encompassing secondary properties or properties that you use on a temporary basis like holiday homes or, in some parts of Europe, summer houses as well as your main home and portable devices that the household uses. Once this is sorted out, it could mean that content is available across this logical realm with it being downloaded to NAS units kept at these remote properties.

Conclusion

The entertainment industry has to look at download-based distribution as another way to distribute video content rather than just streaming out the content. This could make electronic sell-through, disc-to-digital and related business models built upon videocassettes, DVDs and Blu-Ray Discs viable for file-based video content.

Ways we can see console gaming improve

Sony PS3 games consoleThe games console that plugs in to the TV needs to be improved to become more socially relevant. Typically these devices are improved beyond doubt using the latest technology and become a multimedia console, but there are certain issues that need to be continually resolved when it comes to playing games which these devices are built for.

Improved targeting beyond the usual users

Making console gaming appeal to people other than teenage and young-adult males

A situation that still occurs with console gaming is that it is focused towards the teenage and young-adult male audience. Here, most of the games available for these consoles are the action-adventure titles and the marketing that goes on is typically focused at this audience.

This is although the multimedia functionality associated with the games consoles such as optical disc / network media playback or access to online media services is being exposed as valuable functions for everyone.

XBox One games console press photo courtesy Microsoft

The XBox One – representative of today’s games consoles

Ways that I would see to improve on this would include giving equal attention and marketing space to game titles that appeal to other audience classes as well as pitching consoles at age groups other than this class. Nintendo are working towards this with the Wii by implementing the Wii Fit peripherals as for the whole family and Sony had a go with issuing music games for the PlayStation 2 which had “across-the-board” appeal. Similarly there have been attempts to use the music and dance games like the Singstar, Rock Band, Guitar Hero and DJ Hero franchises to open up the games consoles beyond the usual audience and diet of games.

There have been remarks that computer gaming does fit in well with the older people more as a way of improving and keeping alive cognitive and problem-solving skills. But this class of user does tend to work with mobile devices, especially tablets as a gaming platform due to the user interface being more intuitive.

Older men do show some interest in the sports titles especially those that reflect their favourite sports but find that these games aren’t intuitive to play. This is more so due to a controller that they may find very confusing to use which I had noticed when a young man hired a cricket game for his PlayStation console and an older man who is interested in cricket, especially Test cricket, tried to play this game on the console but found the user-interface very confusing.

One way to make it intuitive would be to subject some of the games that appeal to the older audience to useability testing involving this class of audience using the consoles and controllers that they are being pitched to.

Similarly, a strong effort to develop and market console-based games titles for young female audiences as well as mature and older audiences could expose the games to these people. This includes having the gaming fraternity encourage situations where older people and younger people play together on these consoles and writing this in to the marketing fabric for the consoles and games titles. It also includes older people and younger people existing in the same online gaming groups or clans during particular games.

Lately there have been efforts to get women involved in the computer-games scene, both in developing these games and playing them. This has caused significant issues with established male figureheads in this scene leading to the GamerGate controversy concerning harassment of women game developers and misogyny in the video-game industry. It shows that the concept of making games appeal to more than just the young mail player is rattling some cages in the console and regular-computer gaming fraternity.

Improved player-help functionality

One way to make games consoles acceptable to more people would be to improve the learning curve required for one to effectively “get the hang” of a particular game. This is especially where the player interacts with the game using a handheld controller while seeing the effects of what they do on the TV screen.

In-play help functionality

One way would be to provide in-game help functionality where a user can press a button on their controller to obtain information on the game’s user interface or how to perform certain procedures. This could be set so that the gameplay can pause or continue as the user seeks help.

It can be simplified through the use of an always-available on-screen “popup” that shows what each controller button / stick does during their play. Newer consoles that exploit a “second-screen” function that is provided by a tablet or smartphone running a special application can use this function as a way of providing user-interface help to novice players.

Controller design that supports local screen or dynamic labelling

Similarly a control device can use a local screen or e-ink-based dynamic-labelling to label controls with terms specific to the game. This could be to indicate functions important for manipulating a batsman or bowler in a cricket game or the driving interface in a racing game.

Player-assist functionality

Another method of providing improved help function would be to provide support for player assist. This is where an advanced player can use their controller to help a novice player in a similar vein to the “dual-controls” practice that is implemented by driving schools where the vehicle used for teaching a learner driver is equipped with an extra set of pedals for use by a driving instructor.

Technical improvements

Bluetooth headsets compliant with standard Bluetooth Profiles

A games console could benefit from the Bluetooth Headset Profile by allowing these headsets to be used for inter-player chatter during an online game. Similarly. the Bluetooth A2DP Profile could come in to its own with a console for directing in-game music and sound effects to a stereo headset for private gameplay.

This may not wash well with games-console manufacturers who work on the loss-leading principle of product sales. Here, they place value on selling the consoles cheaper so that they can recoup the costs on the accessories or games that are licensed for their consoles or on the membership fees associated with their online services.

UPnP AV / DLNA media sources as part of game fabric

Some games can benefit from access to media resources hosted on one’s home network. This can be facilitated through the UPnP AV / DLNA network-media-discovery technology with this functionality written in to the game’s software or calling upon DLNA application-programming interfaces that are part of the console’s operating system.

The obvious examples for this would be a user-selectable music soundtrack for some game types such as “street-racing” or cue-sports (pool / billiards / snooker) games. The classic example would be a pinball or pool game that implements a “virtual jukebox” as a tool for selecting background music in the game. Here, it would mimic the jukebox that is found in a seedy pool hall or pinball parlour and the music that plays sets the scene of that venue. Picture-puzzle casual games can also benefit from UPnP AV / DLNA for finding pictures via the home network.

Continual work on force-feedback for player controls

A criticism that I have heard regarding racing and driving games in the context of younger people learning to drive is that they operate the car they are learning on as if they are driving in a video game. This is where they “throw down” the gear-shift when they change gears rather than slowing gearing out to neutral then to the gear they want for example.

The same complaints may be raised by flying instructors with the way young novice pilots operate the Cessnas they learn on due to the popularity of those flight-simulator games.

This is brought about by driving interfaces used with these games that don’t closely mimic a real car’s controls. For example, changing gears through most driving interfaces doesn’t resemble the typical shifting gate offered by most manual gearboxes nor does it resemble the gear-selector behaviour of the typical automatic transmission. This is brought around due to joysticks that “spring back” to centre rather than staying in a particular position and no force-feedback that resembles the user experience of a gearbox. Similarly, the steering wheels on these interfaces don’t satisfy the “many turns lock-to-lock” that a real vehicle’s steering wheel offers which allows for granular control on the road.

These kind of issues can be augmented as players play games that implement many different cars, especially where players can change car components so as to “soup-up” their competition cars. This kind of play has been exemplified through the earlier games in the “Need For Speed” series where players could load in car profiles that represented real cars, or most of the “street-racing” games that provide the players with a choice of cars to complete their conquests with.

The playing experience for driving and other games can be improved upon by games and hardware vendors working on force-feedback controls in the regular-computer and console gaming arenas. This involves working on systems that provide the appropriate counter-force in flying and racing control systems that mimic mechanical feedback thus working towards “real-world” experience.

This issue can be a way of improving the intuitiveness of these games when their experience is closer to replicating real vehicles and craft thus opening them up to more players across the board.

Conclusion

Although the games consoles are becoming technically better, there still is a lot of unfinished business when it comes to increasing the appeal of games on the mainstream TV-based console setups to more people.

Proper competition leads to the best “bang for the buck”

Article

Fair competition – benefits to society and business | Press Releases | News | Lithuanian Presidency of the Council of the European Union 2013

My Comments

I have seen situations where a lively competitive market has placed commodities in the hands of many in a manner where there is very little thought about whether one can afford it or not.

But how I see a competitive market is where there is increased value for money in the provision of the goods and services. This is where you would buy a good-quality product which offers whatever you need at a modest price.

The best example of where a lively competitive market for services is what has been happening in mainland France over the last 10 years where the fixed-line telecommunications and broadband Internet services are being offered at very reasonable prices. This has been protected by telecommunications authorities and competition authorities assuring access of competing providers to local telecommunications wiring or infrastructure.

Compare this to what his happening in the USA where the value of fixed broadband Internet is decreasing as most markets see only an incumbent telephone provider and one of the large cable-TV providers offer this service. There have been recent activity in the Washington Post about Comcast engaging in price discrimination when it comes to the broadband they offer as well as persistent activity to frustrate the offering of municipal-provided Wi-Fi hotzones in some communities.

As for products, where there are competitive standards which are implemented without vendor tie-in, there is a breeding ground for innovation where manufacturers are free to design interesting products and offer them at cost-effective prices. This makes the concepts that the products embody affordable for most, if not all, personal and business users.

It also allows those of us who want to pay for the best to do so without being shut out from what is commonly available. In the same vein, one can pick and choose, mix and match the right combination of products to suit their exact needs and desires.

What needs to happen is that a certain standard has to be looked for when identifying whether there is real competition in the supply of a product or service and whether this really leads to a situation where people get the most “bang for the buck”.

The trend towards app-based devices

HP OfficeJet 6700 Premium control panel detail

The HP OfficeJet 6700 Premium – an example of a printer’s control panel that is about printing apps

Previously, only “regular” desktop and laptop computers were highly programmable with a huge hive of companies and individuals writing programs for them. These typically ranged from applications like word processors, spreadsheets, databases, graphics editors and the like through to games and entertainment software. Typically the people who used these computers either loaded the software from tapes, disks or other media or simply downloaded them from bulletin-boards, online services or the Internet initially by telephone but through networks like cable TV. Then they ran these programs on the computers to gain the benefit from them.

Now, Apple popularised the idea of downloading programs to their mobile devices using the iTunes App Store. This is although there were online services and Internet Web sites hosting programs for other mobile devices but the practice was considered very difficult. It included loading the programs from the iTunes App Store using the phone’s control surface without the need to use a regular computer to facilitate this procedure.

QR code used in a newspaper to link to its mobile site

A smartphone based on the Android platform

Subsequently companies who manufactured mobile phones and tablet computers implemented this kind of software download and used the platform which these devices were built on as a software-development platform for third-party programmers. This led to the mobile devices i.e. the smartphones, media players and tablet computers gaining that same kind of flexibility as the regular computers.  We have ended up with remarks with “There’s an app for that” for daily tasks because of this situation.

As I mentioned before, the app stores have started to become like the bulletin boards and download services of yore where these services became full of substandard software.

Now we are seeing printers and television sets becoming developed to work on app-driven platforms. This allows these devices to perform more that what they were initially designed to do. For example, the smart-TV platforms are acquiring software front-ends for most of the catch-up TV services.

As we will head towards more devices having online and Internet functionality, we could see more of the app stores surfacing. For people who work on apps or Websites, this could become a situation where front-ends or apps would need to be ported for the different platforms. In some cases, it could end up with games and entertainment software pitched towards the dashboard of a car or towards that “Internet refrigerator” or “online microwave oven”. But on the other hand, this could lead towards increasing the role of these devices in our lifestyle. In this case, functions like device cameras could become part of health and wellness monitoring as what Fujitsu is working on.

Keep the Internet an open and free Internet

Petition Link

Avaaz – ITU: Hands off our Internet!

My Comments

There is currently a desire by various authoritarian states like Russia, China and Saudi Arabia to use the ITU meeting that is taking place at the moment to rewrite the rulebook for international telecommunications and the Internet. This goal is to establish a more restrictive Internet service that allows these states to have greater control of the Internet that their citizenry has access to/

But the Internet as we know it has opened up a lot of paths for people power and innovation. For example, it has facilitated events like the recent Arab Spring uprising where revolution has occurred in states like Yemen and Egypt. This has been facilitated through the Web and the social media providing a low on-ramp to publishing the material that the people need to see to make informed decisions.

Another issue is that an authoritarian state may see itself as a regional economic power and use this to control what information passes through the region. This could include being able to shut down Webhosts based in that region if they host controversial material. Similarly the censorship and surveillance ideals of these states can be dangerous to a company’s economically-sensitive data due to a breeding round for state-sponsored piracy or the ability to establish a business-hostile environment.

Here, this could also lead to the various states not becoming safe locations for one to establish a business presence in that region due to the Internet connection or Web-hosting facility not being available in a reliable and secure manner.

Simiarly, through the use of IP telecommunications services like Viber, Skype and various busines-to-business VoIP platforms, we can be able to have voice and, where applicable, video conversations across the world for pennies’ worth or for free. As well, IP-based broadcasting can provide extra content to people that is beyond the control of governments. 

I have signed this e-petition and stand behind these ideals in order to keep the Internet as a people-driven communications service which breeds innovation and competition.

Computex 2012–a chance to try at making touch-enabled computers mainstream

Article

Acer unveils bevy of Window 8 devices at Computex | Windows 8 – CNET Reviews

My Comments

With the imminent release of Windows 8 and its Metro touch-based user interface, most of the Asian computer manufacturers are trying at making the touch-screen a mainstream item in the consumer-focused computer.

Previously, as Microsoft integrated tablet and touch abilities in to the Windows operating system, either through a special-delivery pack in Windows XP or as part of the build in Windows Vista and 7, manufacturers tried running with some business computer models that had this feature. This appealed to some usage scenarios like kiosks or point-of-sale / point-of-service applications but didn’t progress further.

Now, through the popularity of the Apple iPad and the Android-based tablets, touchscreen computing has been positioned in to the mainstream. A few manufacturers like HP and Sony have started to make the touchscreen a standard feature of some of their “all-in-one” desktop computers in order to capitalise on its popularity. But they wrote up their own touch-enabled shells and applications to exploit this feature and some of these shells didn’t serve a practical or proper purpose. For example, they didn’t work well with “reading” or similar tasks that are touch-intuitive.

Microsoft have capitalised on this factor by building in the Metro touch user interface in to the Windows 8 operating system, thus making it work properly as a touch-centric user interface. Now this year’s Computex trade show, held in Taipei, has become a point where most of the Asian computer manufacturers are releasing more of the touch-enabled computers for this operating system.

For example, Acer have run with two touch-enabled Ultrabooks which can lie flat as well as two “all-in-one” desktops and two Windows-driven tablets. As far as the tablets are concerned, one of them even uses a keyboard dock in a similar vein to the Android-driven ASUS Eee Pad Transformer Prime and Lenova ThinkPad Yoga tablets.

Some of us may be skeptical of the idea of consumer touchscreen computing occurring on anything other than Android or iOS devices but as we see the arrival of touchscreen-enabled all-in-ones or laptops running Windows 8, who knows whether this would come to pass.

In my opinion, the Windows-based touchscreen computers would need to work with online bookstores and newsstands so that users can purchase and download ebooks and other content delivered in “electronic hard-copy” formats. Here, the apps that are used to read these ebooks need to support an intuitive reading experience that the touchscreens do offer.

What small businesses need to be aware of when considering cloud solutions

Article

What smaller businesses should look for in cloud software • The Register

My comments

Businesses, especially small businesses, are being sold the idea of using cloud-based computer setups rather than site-based setups for their computer needs very frequently.

The selling points used for these cloud-based systems include reduced hardware costs to run the system; capital expenditure being deferred to operational expenditure; scalability and flexibility; as well as increased security, resilience and uptime for the computer system. They are being pitched as being more suitable for small businesses due to the business not needing an IT team always on hand.

In some cases, the cloud technology is used as a way of offering the small business some of that “big-business” IT functionality including up-to-date line-of-business computerisation. I had learnt about this through a Skype interview that I had with Matthew Hare when I was talking about the FTTP fibre-optic next-generation broadband setup in Hambledon in the UK. He was referring to the businesses in that area, especially hotels, being tempted to use cloud-based IT solutions to provide the “big-business” services they want to provide.

But there are some caveats that one has to be careful of.

The cloud-based computer setup has a lot of the processing and storage performed on backend computers held at one or more remote datacenters located on the Internet.

Here, you have to make sure that you have a business-grade Internet service if you are relying on cloud technology. This is more so if the cloud-based technology is driving your line-of-business IT needs such as point-of-sale or hotel property management.

This situation happened with a hotel who was experiencing trouble with a half-performing POS/property-management system. I was aware of this with transactions taking exceedingly long times to process and some terminals not performing some business-essential transactions like some food/beverage cash sales completely. What I had found out later was that the communications link was down and certain online components couldn’t work properly. They had the communications equipment fixed the next morning and the system was working normally.

There also has to be some form of fault tolerance where essential parts of the system can be used if the connection or the backend goes down. This factor is important if cloud technology is to drive a transaction-driven line-of-business setup; and it should be feasible to perform the essential transactions in a “data-capture” manner without the need to be online as a continuity measure.

One of the possible indicators for a cloud-based system’s level of fault-tolerance is whether a mobile or tablet-based implementation runs a platform-native app rather than operation that is totally Web-based. The platform-native app, if designed properly, would have the opportunity to capture transaction data to the device’s storage if the device was offline.

The cloud-based setup also has to provide for secure data transfer and you have to raise the issue of what happens if the service provider goes bust or changes hands. Here, you have to protect the proprietary and integrity of your data as well as the continuity of your service.

It is more so if cloud-based services follow the same path as Internet-based services in the late 90s and early 2000s with the dot-com bubble. This is where the bubble would “burst” and companies either collapse or get taken over by other companies; and these kind of situations could easily sort the wheat from the chaff.

Similarly, your needs may change and you may come across another cloud-based or site-based solution provider who suits your newer requirements. This may encompass situations like the establishment of a branch or increased business traffic.

Here, I would make sure that the business data that describes your operation is able to be exported and imported or exchanged to other cloud or on-site software using data formats and conventions that are accepted by the business’s industry type. Then a part of the on-site backup routine should include exporting your data to the industry-standard format so you can handle these changes better.

What to look for when planning cloud services for your business

  • A guaranteed minimum standard of service quality, reliability and security from the cloud service provider
  • A guaranteed level of service availability and throughput from your Internet service provider
  • A level of fault-tolerance that allows for essential business continuity if a cloud-based system fails.
  • The ability for the business owner or manager to troubleshoot or or make good communications equipment that has failed
  • The ability to export and import the data to industry-specific standards to facilitate movement between site-based or cloud-based systems or use as a snapshot backup.

Conclusion

A well-thought-out cloud-based business computing solution that provides a level of resilience can allow a business to save money and, especially, allow a small business to be able to “think big”.

Update: 1 April 2018

Indicator of fault tolerance in a cloud-based transaction system.

Could an expansion module for an Ultrabook be a viable product?

Introduction

Sony VAIO Z Series and docking station

The Sony VAIO Z Series ultraportable with functionality expanded by an add-on module

Previously, I reviewed the Sony VAIO Z Series ultra-thin premium laptop and the review sample cam with an expansion module that linked to this laptop with an LightPeak-(Thunderbolt)-via-USB3 connection. This provided discrete graphics circuitry, an Ethernet connection, video outputs, extra USB sockets as well as a slot-load Blu-Ray reader / DVD-burner optical drive. A cheaper variant of this laptop had the expansion module as an optional accessory rather than in the box.

Well, the age of the Ultrabook is here and some of us may want to have these machines benefit from extra connectivity or functionality at our main work locations yet benefit from a lightweight design when out and about.

Most of us would expand these computers with a myriad of adaptors and modules that plug in to these computers’ USB ports and this could yield a mess when you have many of these peripherals and too few USB ports on the computers.

Docking Stations before

Previously, some manufacturers used to supply docking-stations and port-expanders that integrated with some of their laptop lines usually through a proprietary multipin connector. These typically served one main function i.e. to connect larger desktop peripherals to the laptop but allow the user to quickly remove the laptop when they hit the road.

Data connectivity nowadays

Now the USB 3.0 and Thunderbolt connector can make this concept real for most Ultrabook models when it comes to data transfer; and this can work well with setups that just provide access to an optical drive and / or extra connectors.

These connections allow for high-bandwidth data throughput which can support the requirements of Blu-Ray Discs, high-capacity high-throughput hard disks, Gigabit Ethernet, data for discrete-video GPUs serving high-resolution displays or many more USB 2.0 connectors.

A current problem

Expansion unit as a power supply

But there are issues involved if the expansion module is to be a power supply for the portable computer. Here, most manufacturers ask for different input voltage and current levels for their different notebook computer designs, and they also use different DC plug sizes for some of their products.

This can be easier if the goal is to have the device work with one particular make or model-range of computer. But it can be harder if you expect an expansion module to work across a larger range of products such as a manufacturer’s complete lineup or products made by different manufacturers.

If there is an industry expectation that all Ultrabooks and, perhaps, other ultraportable computers, are to have a particular power-supply requirement for outboard chargers, the power-supply functionality could be answered through the provision of a standard flylead from the expansion device to the host computer.

This could be facilitated through the use of a standard power-supply requirement and connection type for portable computer power-supply connections. It can then allow for power-supply innovation by computer manufacturers and third parties to provide power to these computers from different power sources.

What can be provided

Optical disc

These modules could provide an optical disc drive so one can play or burn CDs / DVDs / Blu-Ray Discs with the Ultrabooks. This could come in handy either with entertainment or with installing software held on these discs. In some cases, people could burn data to these discs due to them being sold for a “dime a dozen”.

Extra connections

Another benefit would be to provide increased connection and expansion abilities for the Ultrabook. This would play well for those users who press a 13” laptop as a computing device at their main location, having it hooked up to a large screen and a keyboard and mouse fit for use with a desktop computer as well as some decent speakers or a nice sound system at their main workstation.

Typically this would manifest in extra USB sockets of the 2.0 or 3.0 variety as well as an Ethernet socket for connecting to a Gigabit Ethernet or HomePlug AV network.

Improved video and audio

An expansion module could help a manufacturer raise an Ultrabook’s multimedia credentials whether it is to enjoy creating or playing audio, video or photo content.

If the manufacturer decided to follow Sony’s example, they could house discrete video circuitry in the expansion unit in order to provide for enhanced multimedia-grade graphics. These could service the laptop’s integrated display or a display connected to video terminals on the expansion unit. In some cases, the expansion module could be a display in the order of 21” or more working as a second screen.

Similarly the sound quality available from an Ultrabook could be improved through the use of discrete sound-processing modules like the Creative Labs modules. This could open up paths like analogue RCA inputs and outputs or SP/DIF digital connections (Toslink optical or RCA coaxial) to connect to good-quality sound systems. As well there could be the use of one or more 1/4” jacks that can be used to connect good microphones or musical instruments to this module for recording.

In some cases, this could extend to the integration of broadcast tuners in to these modules to permit an Ultrabook to receive radio or TV broadcasts.

Providing to the market

Manufacturers should be encouraged to provide more than one different expansion module so that customers can choose the right unit to suit their needs and budget rather than just their computer. As well, they can make sure that these units can cover a larger range of their small notebooks. It can also allow for customers to upgrade their notebooks to suit different needs as well as purchasing different expansion modules for different needs at a later date.

Conclusion

Yes, an expansion module for the new class of Ultrabooks can be a viable computer-accessory product and, once worked out properly, could serve a large range of these computers.