Twitter Says Change Your Password

Twitter has advised all users to change their passwords after a bug caused the passwords to be stored in easily readable, plain text on an internal computer log.

The Bug – Passwords Visible Before ‘Hashing’

Twitter reported on their own blog that the bug that stored passwords had been ‘unmasked’ in an internal log. The bug is reported to have written the passwords into that internal log before Twitter’s hashing process had been completed.

The hashing process disguises Twitter passwords, making them very difficult to read. Hashing uses the ‘bcrypt’ function which replaces actual passwords with a random set of numbers and letters. It is this set of replaced characters that should be stored in Twitter’s system, as these allow the systems to validate account credentials without revealing customer password.

Millions Affected?

The fact that the passwords were revealed on an internal server, albeit for what is estimated to be for several months, and that there appears to be no evidence of anyone outside the company seeing the passwords, and no evidence of a theft or passwords turning up for sale on hacker site, indicates that it is unlikely that many of the 330 million Twitter users have anything real to fear from the breach.

Big Breaches

In this case, Twitter appears to have behaved responsibly and acted quickly by reporting the bug to regulators, fixing the bug, and quickly and publicly advising all customers to change their passwords.

Twitter’s behaviour appears to be in stark contrast to the way other companies have handled big breaches. For example, back in November 2017 Uber was reported to have concealed a massive data breach from a hack involving the data of 57 million customers and drivers, and then paid the hackers $100,000 to delete the data and to keep quiet about it.

Breaches can happen for all kinds of reasons, and while Twitter’s breach was very much caused and fixed by Twitter internally, others have been less lucky. For example, an outsourcing provider of the Red Cross Blood Service in Australia accidentally published the Service’s entire database to a public web server, thereby resulting in Australia’s largest ever data breach.

What Does This Mean For Your Business?

If you have a Twitter account, personal or business, the advice from Twitter is quite simply to change your password, and change it on any other service where you may have used the same password. Twitter is also advising customers to make the new password a strong one that isn’t reused on other websites, and to enable two-factor authentication. You may also want to use a password manager to make sure you’re using strong, unique passwords everywhere.

In this case, Twitter has acted quickly, appropriately and transparently, thereby minimising risks to customers and risks to its own brand reputation. Twitter will want this message of responsibility to be received loud and clear, particularly at a time where GDPR (and its hefty fines) is just around the corner, and a time when other competing social networks i.e. Facebook have damaged customer trust by acting less responsibly with their data through the Cambridge Analytica scandal.

WhatsApp Raises Age To 16 For GDPR

Facebook’s WhatsApp messaging service is raising its minimum age in Europe to 16 to comply with GDPR which comes into force on May 25th.

Was 13

Up until now, the minimum age has been 13, and that minimum age will remain for the rest of the world, in line with its Facebook parent company. WhatsApp, founded in 2009, has an estimated 1.5 billion users.

Just Asking

Users will be asked to confirm their minimum age by the new WhatsApp Ireland Ltd in the next few weeks, when they will be prompted to agree to new terms of service and a privacy policy. Some critics have pointed out that even though users will be asked if they are 16 or over, it is unclear from the information that the service holds about users how their age can be accurately checked and verified and, therefore, how the new rule can be enforced.

Based on US Law Until Now

The age 13 limit up until now has been based upon the US law “Children’s Online Privacy Protection Rule” (Coppa), which bans online services from collecting personal information about younger children. This is why the usage of many other popular social media apps e.g. Snapchat, YouTube, Instagram, Pinterest, Twitter, Musical.ly and Reddit are restricted to persons aged 13 and over.

WhatsApp’s parent company Facebook faced criticism after announcing last December that it would be targeting younger children with its ‘Messenger Kids’ service. At the time, Facebook’s primary (stated) motive for the new junior version of its platform was to provide a safer, more age-appropriate version, but some tech and business commentators suggested that it may also be an ideal way for Facebook to recruit its next generation of users, and to capture the attention of 6 to 12-year-olds before Snapchat or a similar social network competitor.

Collecting and Sharing Information

The recent Facebook and Cambridge Analytica scandal has brought the matter of collecting and sharing of our personal data into sharp focus. WhatsApp, however, has said that the new changes do not mean that it will be asking for any new rights to collect personal information in the agreement it has created for the European Union. WhatsApp says that the goal of the change is simply to explain how they use and protect the limited information they have about users.

As well as the age restriction change, WhatsApp is also, therefore, rolling out a feature with the latest version of the app that allows users to download a report detailing the data that WhatsApp holds on them e.g. the make and model of the device they used, their contacts, their groups and any blocked numbers.

Facebook Nominate

Facebook is also updating its data policy to comely with GDPR which involves asking 13 and 15-year-old users to nominate a parent or guardian to give permission for them to share information on the platform. If they won’t / cannot do so, the young users will not be able to see a fully personalized version of the social media platform.

Also, Facebook’s Instagram is launching a data download tool to provide users with a file containing the photos, comments, archived stories, contacts and any other personal data that they’ve posted to the service in the past.

Twitter Too

Twitter Inc is also changing its privacy policy so that users can view information they share with the micro-blogging service and show how it’s being used, ahead of the introduction of GDPR. Twitter has said that the changes are to make the privacy policy visually clear and easy to use, and to clarify legalistic or technical language.

What Does This Mean For Your Business?

This story is another clear reminder that the introduction of GDPR is just around the corner as the tech giants, who have more to lose in fines, potential lost customer numbers, and serious reputational damage, make the necessary legal moves to ensure compliance. For Facebook especially, they have faced some very high profile bad publicity this year over their handling and sharing of personal data, so getting their GDPR compliance house in order may be a way to help avoid any further problems.

There is also a very serious ethical element to this story. It is estimated that Facebook has 20 million under-13-year-olds currently using the network, and there may also be a very large number of children using WhatsApp. Parents may understandably have serious concerns about what content children can have access to and, equally importantly, who can have access to children via social networks. Unsuitable material, commercialisation, bullying (or predatory behaviour by some adults) are just some of the issues to consider.

As well as these concerns, governments (such as the UK) are looking to stop end-to-end encryption in WhatsApp, GDPR is just around the corner, Facebook is now facing more tough questions about its Cambridge Analytica links, Martin Lewis (OBE) is taking Facebook to court for defamation and calling for Facebook to take responsibility for its actions … the pressure is now seriously on big social media platforms to make some changes, particularly where EU users are concerned.

New Google ‘Chat’ SMS Message Replacement Rollout Begins

Google has begun the rollout of ‘Chat’, the messaging service that, it is hoped, will replace SMS text messages on Android phones, and bring it into the same ballpark as WhatsApp and Apple’s iMessage.

What’s The Problem?

The SMS messaging system for Android phones has suffered over many years from being simply a succession of poorly supported, different apps all using the same basic the short message service (SMS) from the1990s to send text messages over a mobile network. The result has been that none have been particularly popular among android users, who have been envious of the simplicity and ease other messaging services e.g. iPhone that have better features and send messages over the internet instead of using SMS.

New System, New Features

The solution to the problem for Google has been to take many years to develop a whole new messaging system that is based on a standard called the “Universal Profile for Rich Communication Services” (instead of simply making another app), which allows Android users to send messages and image files over a data network.

The new ‘Chat’ service offers many more features such as group texts, videos, typing indicators and read receipts. Since RCS is a communications standard, it will be up to mobile operators to enable the service, but Android will still have SMS to fall back on anyway.

Carrier-Based Service

Chat is a carrier/network-based service (i.e. not a Google-based service), so one of the key ways that Google has gone about making sure that Chat will work is to try to convince as many carriers as possible to take the new standard, and make the Chat services interoperable between carriers.

If you text someone who doesn’t have Chat enabled, or who is not an Android user, your messages will revert back to SMS, in the same way that an iMessage does.

It is thought that Google has done enough work with 50+ carriers to ensure that most of them will enable the use of the Chat service this year, which is handy since the global rollout by Google is already underway.

Au Revoir ‘Allo’

Another indicator of Google’s commitment to getting Chat ‘out there’ is the pausing of its work on its ‘Allo’ messaging service.

Data Plan Instead of SMS

Since Chat messages will be sent over the data network i.e. sent with your data plan instead of your SMS plan, it is expected that charges for messages could be less, although this will be up to the networks.

Security Flaw

One flaw in the Chat service could be the fact that messages are not encrypted, and could, therefore, be a security risk if intercepted.

What Does This Mean For Your Business?

Business and individual users of Android will be pleased to hear that at last there may be a messaging service that is built-in, allows plenty of modern functionality, and is up there with competing services e.g. WhatsApp and iMessage.

Hopefully, the main networks will support the service as soon as possible, and with messages being sent over the data network the hope is also that costs for the service could be kept at a very reasonable level (depending on the network).

The one question mark for many users may, however, be the lack of encryption of the messages, especially at a time when data security is at the forefront of their mind with the introduction of GDPR next month.

Tech Tip – Send Different File Types With WhatsApp

These days, many of us use the WhatsApp messaging service as part of our business communications. Thanks to functionality introduced last year, you can now send multiple file types e.g. APK’s, Zip and RAR files using WhatsApp. Here’s how:

– Open your WhatsApp chat thread and tap the Attachment icon.
– Tap on Document from the list of the options.
– Select your file and send it.
– This sends the file in its original size, thereby keeping the quality.
– If you select Gallery in the WhatsApp attachment option, it compresses the size of media (but this can adversely affect its quality).

Tech Tip – Emails: ‘Undo Send’ … !

If you use a Gmail account, and if you’ve ever sent an email and then experienced the terror of immediately wishing that you hadn’t, you could find the ‘Undo Send’ feature very useful.

The Undo feature allows you to set a buffer / cancellation time period between the time that you hit the send button to when the email is actually sent, during which time you can decide instruct Gmail not to cancel the email. Here’s how it works:

– On your computer, open Gmail.
– In the top right, click Settings.
– In the “Undo Send” section, check the box next to “Enable Undo Send.”
– In the “Send cancellation period” section, set the amount of time you want to decide if you want to unsend an email.

Tech Tip – Identify Objects In Your Phone Photos With Google Lens

If you’d like a handy way to search your photos and identify important buildings / landmarks, places, names, Wi-Fi passwords and other valuable contextual information depicted in them, Google Lens may be for you.

For example, take a photo of a router’s password sticker and you’ll automatically connect to that network, take a picture of an unknown plant and automatically identify it in Google search results, or take photograph of foreign text for a translation.

This photo scanning smart camera feature for all Android and iOS users works through the official Google Photos app. Here’s how:

– Get the app – Android users are likely to already have this app on their devices, and iOS users can download it from the App Store.

– Make sure that ‘English’ is set as the local language on your phone.

– Open the app and select any photo to view.

– Look for the Google Lens button shown, tap it, and tap ‘Get Started’.

– You will be shown a brief animation on your photo that indicates it’s being scanned.

– After the scan, you will see information Google Lens found for your image.

Half Of Households Have Broadband Problems

A survey by consumer watchdog ‘Which?’ has revealed that more than half of UK customers across 12 providers, are having problems with their broadband service or price.

Which Providers?

The survey looked at the experiences of 1,900 customers of providers that collectively serve about 90% of UK broadband customers. These providers include BT, Sky, TalkTalk, Virgin Media and Zen Internet.

Price A Big Issue

The company that most respondents (47%) felt most dissatisfied with was Virgin Media. The key complaint with their service appeared to be last year’s price increases. As well as price, Virgin Media customers were also found by the survey to be the most likely to face router issues, and to be left with no internet at all for hours or even days at a time.

30% of respondents also complained about price rises by BT.

SSE – Connection Dropouts

The survey found that broadband provider SSE was the worst offender (25% of its customers) when it comes to the frustration of connection dropouts.

Automatic Compensation Now Available

Although we as customers can essentially do nothing at the time when our broadband goes wrong, or to protect ourselves from price increases (apart from switching providers), one thing that could help us to feel a little better after the event is to receive at least some compensation.

Back in November 2017, the good news was an Ofcom announcement that broadband and landline customers would automatically be able to get money back from their providers when things go wrong, without having to make a claim for it. It was predicted at the time that, under these new rules, the amounts paid in compensation to customers could be nine times higher, and customers could receive an estimated £142 million in payouts.

The bad news was, however, that automatic compensation won’t be available until early 2019.

What Does This Mean For Your Business?

Ofcom research shows that nine in ten adults report going online every day and three-quarters of internet users say it is important to their daily lives. Broadband is now an essential service for business, and many business owners may feel that it doesn’t take a survey for them to know that broadband services in the UK can sometimes be patchy, and often expensive.

Some commentators argue that instead of offering automatic compensation, customers would be better served if broadband providers invested more in making sure that their service was more reliable and offered greater value for money in the first place.

Nevertheless, since current levels of compensation are low, and don’t come close to reflecting the harm caused, when automatic compensation becomes available it will at least be some improvement, particularly for small businesses.
At the moment, better broadband services, particularly for businesses in rural locations, still seem a long way off as the reality is that the UK ranks only 31st in the world for average broadband speeds, and we may only actually have 7% full fibre coverage by 2020.

UK Economy Could See £26bn From Rural Digital Investment

A study has revealed that greater investment in digital technologies and connectivity in rural parts of the UK could add between £12bn and £26.4bn annually to the British economy.

Digital Strategy and Investment Needed

The study, which was commissioned by Amazon and conducted by think tanks Rural England and Scotland’s Rural College (SRUC), showed that the rural economy is already worth £299bn in gross value add (GVA) to the national economy.

The report argues that a government-led digital rural strategy coupled with investment could unlock the potential of businesses in rural areas, and could increase business turnover by £15bn.

Concerns & Challenges

The report found that business owners in rural communities have many of the same concerns as larger businesses in more built-up areas. For example, four in five rural business owners saw digital tools and services as being important to their growth potential, and better access to cloud computing as being the biggest driver for their future growth.

Other perceived growth catalysts in the reports were by 5G mobile networks (54%), the IoT (47%), and machine learning and artificial intelligence (AI) (26%). Export businesses in the retail, tourism, and hospitality industries also identified e-commerce tools as being potential growth drivers.

The main perceived challenges to growth in rural businesses were identified in the report as being access to broadband and other forms of connectivity, and skills shortages (52%) e.g. recruiting people with appropriate skills, or retraining existing workers.

Recommendations

Amazon, who commissioned the report, has offered its own recommendations for public and private sector businesses, based on the results. These include:

  • The establishment of Digital Enterprise Hubs in rural towns to help (small) businesses with connectivity, workspace and training, and collaboration between employees and education / training or re-training providers.
  • The setting up of a single information portal to streamline digital support services.
  • The setting up of a single information portal and local directories to give guidance to businesses on digital resources.
  • Encouraging local, rural businesses that are already lucky enough to have and use superfast broadband services to encourage their peers to do the same.
  • Prioritising investment in connectivity and digital tools for rural businesses.
  • Making support for digital growth a key objective in future rural business support programmes.
  • The government encouraging large technology-driven firms to implement policies focused on digital adoption in rural areas that provide support for smaller businesses.

What Does This Mean For Your Business?

If you run a business in a rural area, you are likely to recognise the challenges outlined in the report and to welcome many of the ‘quick win’ recommendations that Amazon has made, plus the fact that this report has put rural digital business challenges back in the media spotlight.

Given a high priority, and the right level of government support and investment, there is no doubt that early-adopter rural businesses could be big contributors to the UK economy, and could compete with global competitors.

Many commentators, however, see this vision as still being some way off, partly because of the time that it will take to get high-speed broadband connectivity to all rural areas, let alone towns in the UK. For example, despite full fibre broadband pilots already being operated as part of the UK’s National Productivity Investment Fund, the reality is that the UK may still only actually have 7% full fibre coverage by 2020.

Location Based Marketing … Creepy?

MoviePass CEO, Mitch Lowe, has caused controversy by telling the Hollywood audience at the Entertainment Finance Forum that his MoviePass app can track and gather information about users before and after their trip to the movies.

What Is MoviePass?

MoviePass, based in New York, offers a service whereby, for a flat monthly fee ($9.95 per month), users can go and watch unlimited number of movies in cinemas, with some restrictions. It could be described as a kind of Netflix for moviegoers.

Location Tracking

According to the MoviePass CEO, the company’s app has location-tracking built-in. What some commentators have described as ‘creepy’ though is that the app can track your movements long before and after you’ve been to watch a movie.

Why?

What MoviePass prefers to call ‘location-based marketing’ is reportedly being used to improve the customer’s experience of the service and create more opportunities for subscribers to enjoy all the various elements of what the company thinks make up a good movie night. The company says that by tracking customers and gathering data along the way, it can “create a full-featured movie-going experience”.

How?

The big idea is that subscribers may want refreshments before or after the movie, and may have to travel some distance to the cinema. By knowing a subscriber’s location and route, MoviePass can then, via the phone app, give the subscriber details like discounts on transportation, finding places to park nearby, coupons for nearby restaurants, and other similar opportunities.

What Kind Of Data Is Gathered?

According to online reporting of CEO Lowe’s speech, as well as your location, the MoviePass app is also capable of gathering “an enormous amount of information,” which includes your address, which Mr. Lowe says can be used for demographic information.

Criticism

What MoviePass may see as a kind of personalised, helpful marketing idea, critics appear to see as a potentially dangerous invasion of privacy that could have security consequences for MoviePass subscribers.

What Does This Mean For Your Business?

Using new technology to improve marketing and customer experiences is all very well, but the point here is that customers need to be informed exactly what happens to their data, what is collected by the app, how it’s stored and for how long. This will enable them to make an informed choice, give consent, or decline. In a time when cyber-crime and data mismanagement and theft appear to be rife, customers value their privacy and data security more than ever. Companies need to be transparent about their intentions and methods, and need to be able to show customers that they can be trusted with their valuable personal data.

Also, in this case, it appeared to come as a shock about the capabilities of the app, and to some commentators, it may have appeared to be an inappropriate way and style to reveal what the app is capable of. This is likely to prompt complaints from some customers, and could harm the reputation of MoviePass.

If you are worried about the security implications of apps of this kind, for example, you could try to limit location data collection by going into your phone’s app settings. One other, obvious way to avoid any problems with the app would be to avoid MoviePass for now.

The introduction of GDPR in May this year is also likely to have implications for how MoviePass deals with the data of any EU citizen subscribers, as the company will need to comply with the new Regulation.

Amazon’s $1 Billion ‘Smart Doorbell’ Purchase

Amazon has paid $1 billion for ‘Ring’, a smart doorbell company, so that it can improve how it delivers parcels, and compete with Google and Apple in expanding the opportunities for their digital assistants and app ecosystems.

What Is Ring?

Ring, run by CEO Jamie Siminoff, is a US company that primarily manufactures ‘smart doorbells’. These doorbells work by recording live videos of customers’ doorsteps, then sending the videos to their smartphones.

Filming Couriers

There are obvious security benefits for customers from an innovative IoT product of this kind. In this case however, there is also a big benefit for Amazon in helping its customers trust its new service which allows couriers open people’s front doors and put deliveries inside. The new service, which was first announced in October last year, requires a leap of faith from customers, as they have to trust couriers to enter their premises unaccompanied to deliver parcels (while being filmed).

In the original plans for the service, smart locks and Cloud Cam cameras were to be used to monitor couriers who would scan a package barcode outside the door, and once the delivery has been verified online, the camera would record the delivery person unlock the door (using an app) and making the delivery. The purchase of ‘Ring’ enables Amazon to acquire the system to operate this service effectively in the marketplace very soon.

Part Of A Bigger Battle

The purchase of Ring for $1 billion is further serious evidence of Amazon competing with multiple rivals for all aspects of our homes, and invariably, our business premises.

For example, back in September 2017, Nest (owned by Alphabet / Google) released an internet-connected intruder alarm, a video-streaming doorbell, and a door lock system that was developed in collaboration with Yale. Nest has also just announced that it will be incorporating Google Assistant into its products so that they will work with Google Home.

It is, therefore, not just the lure of the lucrative and growing smart home security market that Amazon has been interested in, but also the competition among the big players – Google, Apple and Amazon – to link up their digital assistants with many different smart home devices e.g. to control the lighting, heating, and now the security.

What Does This Mean For Your Business?

Many businesses receive frequent parcel deliveries during the day, and this type of service may, therefore, be a useful one (particularly for smaller businesses), and could minimise disruption and help efficiency. Amazon has the parcel delivery network, the services e.g. Amazon Business (its online trade counter), and now its point of delivery security system.

This product is an example of how multiple technologies have linked together to provide another new business opportunity in a new and growing market. Some critics have, however, pointed out that this service requires some serious faith and trust from customers, and that it would only take a few incidents to kill that trust and to force the expensive idea onto the back burner. There is still, of course, the broader, general problem of IoT security, which has not been fully addressed in many other products, and could still prove to be the Achilles Heel in this one.

This story is also an example of how Amazon is expanding and diversifying into many different aspects of our home and business lives e.g. parcel delivery, groceries, and now smart security. The story is also an example of how the big home digital assistant manufacturers are now locked in competition to expand the number of products and services that link up to their devices e.g. Amazon Echo, and this market could provide many business opportunities for many other tech companies and manufacturers in the along the way.