IT daily news: tháng 3 2017

Thứ Sáu, 31 tháng 3, 2017

GE aims to replicate Digital Twin success with security-focused Digital Ghost

In this Q&A with GE's Colin Parris, the company outlines how it wants to use monitoring physical conditions as a part of defending equipment from cyberattacks.

General Electric is planning to launch products based on what it calls a Digital Ghost, a combination of its digital twin efforts and industrial control technologies, to thwart cyberattacks.

This effort, which is likely to be commercialized in the next year, aims to us physics to thwart attacks. Industrial machines would be able to sense anomalies that would trigger an autoimmune response to attacks.

GE's plans could have broad implications for the smart grid as well as smart cities. GE has already used its Digital Twin technology, which are models that replicate usage and wear on physical engines and turbines, to make its maintenance services more efficient.

We caught up to talk shop with Colin Parris, vice president of software research for GE Global Research. Here are the key takeaways.

What's a Digital Ghost? Parris explained how the Digital Ghost effort aims to complement GE's Digital Twin. Essentially, a Digital Ghost is a virtual version of the control systems found in industrial technology. Should there be an attack, the sensors in the turbine--or other engine--would note the anomaly for further investigation. "We're using physics to detect what's going on," said Parris. "We know what the normal state is for the machine." For instance, if a cyberattacker were to spoof a sensor it may be obvious if one sensor says it's 20 degrees and another says it's 200.

Why control systems? Parris said that control systems all have chips and every pin in the processor is tied to the operations of a systems. Power, signature and physical changes are all part of the equations. By using control systems, a company would be able to better protect infrastructure. "You can segment the problem and keep the machine running by isolating the anomaly," said Parris.

Commercialization. Parris said that GE's Digital Ghost effort is now a prototype that is being put through the paces. Engineers will have to look at the data and test the approach in the field. "We're doing pilots now and testing gas and steam turbines," he said.

Industries. Parris said the Digital Ghost approach can be used for smart grids and cities. Any infrastructure that has a built-in control system could benefit from Digital Ghost tools. The first effort will revolve around legacy systems.

Digital Twins. Parris said GE has deployed about 600,000 twins so far and the approach to living digital models has made servicing equipment much more efficient. "If you have the exact digital model, you have all the data and information about the environment. This data can give an early warning for problems so you can bring equipment out of service and plan ahead," he said. For maintenance services, the Digital Twin approach has enabled it to repair damage with lower costs and less customer disruption. Digital Twins also account for unique conditions such as an airline that flies its engines in high heat and dust.

The data economy. Parris expects that Digital Twins and the data that comes with them will influence more industries. For instance, an airline with less failure and more of a heads up about maintenance may pay less in insurance. Financial services firms may be more willing to finance aircraft and utilities.

Historical data. GE's service contracts require the customer to share data. This historical data can be valuable to GE's machine learning, but there's a catch. "If you don't use data right away you're not sure what you have," said Parris. He noted that companies typically stored data without worrying about cleansing and format issues. "You find out that historical data may not be that accurate or that you didn't collect the right data before," he said. One example would be Chinese airlines that used to fly long-haul flights, but now have hubs and shorter flights. "Some of that data you can't use," he said.

Domain knowledge. If companies are going to utilize a digital twin to model physical infrastructure, understanding the industry is critical. Domain knowledge can lead experts to collecting the right data for a task and make sense of usage patterns over time. Not surprisingly, GE has focused its Digital Twin efforts on aviation, power, renewables, oil and gas, medical and utilities.

Expansion. Nevertheless, Parris said GE will expand use of its Digital Twin tools. Everything from toilets to elevators to buildings can be managed better with the right data and models. GE's field of play is anything with rotating machinery involved. GE could tackle mining, smart cities, shipping and other industries. "The big trick will be finding the right data," said Parris.

Also: GE-backed Carbon launches 3D printing system SpeedCell

GE, AT&T ink smart city deal around Current's CityIQ sensors
GE, Nokia, Qualcomm bet private LTE networks will play a role in IoT deployments
GE Transportation CEO Jamie Miller: Digital transformation requires a human touch
GE Power aims to connect its platform with energy trading player PowerCosts
GE Power lands Exelon as Predix customer, co-innovation partner

This is the dishwasher with an unsecured web server we deserve

Why wouldn't you want to have your restaurant's dishwasher hooked onto the internet at large?

In 2017, previous prognostications of Refrigergeddon -- where the internet of vulnerable things begins to turn malicious -- may have landed on the wrong whitegood, with manufacturer Miele showing how Washergeddon could start.

Over the weekend, CVE-2017-7240 appeared from Jens Regel of Schneider & Wulf, who said he found a directory traversal vulnerability on a Miele Professional PG 8528 appliance.

"The corresponding embeded webserver 'PST10 WebServer' typically listens to port 80 and is prone to a directory traversal attack, therefore an unauthenticated attacker may be able to exploit this issue to access sensitive information to aide in subsequent attacks," Regel said.

According to Regel, he was able to request the embedded system's shadow file -- and by extension any file on the filesystem -- and after making contact with Miele, did not hear back from them for over three months.

"We are not aware of an actual fix," Regel wrote.

On the Miele page for the product in question, it describes how an ethernet connection is used to retrieve text reports from the machine.

"The ethernet interface is the universal solution for data exchange," it states. "In comparison with other interfaces the user is offered a particularly high level of functionality."

Each washer comes with a 5m cable to allow the device to have connectivity, with the product's user manual offering these reassuring words: "Only Miele Technical Service may connect the cable to another interface".

The security situation of IoT is unlikely to improve anytime soon, with Mikko Hyppönen, chief research officer at F-Secure, saying last week manufacturers will continue putting cheap hardware into their devices to collect data.

"The price of turning a dumb device into a smart device will be 10 cents," Hyppönen said.

"It's going to be so cheap that vendors will put the chip in any device, even if the benefits are only very small. But those benefits won't be benefits to you, the consumer -- they'll be benefits for the manufacturers because they want to collect analytics."

"The IoT devices of the future won't go online to benefit you -- you won't even know that it's an IoT device."

Whenever the Washergeddon cycle begins, one thing is clear, it is not going to be pretty.

Yuneec Typhoon 4K: High-end drone for beginners and pros alike

Along with Galaxy S8, Samsung lifts lid on Google Wifi rival that runs your IoT security

Samsung doesn't just have a new Galaxy S8 to show off, but the new Connect Home Wi-Fi router that crams in a SmartThings hub.

The Samsung Connect Home router and app aim to make it easier for people to manage their connected things.
Image: Joshua Goldman/CNET

Samsung's new Connect Home will offer a rival to Google Wifi or the Eero mesh router, but also features Samsung's SmartThings hub to manage IoT devices in the home.

The Korean giant is pitching the product as a convenient answer to the many things that can go wrong with the security of IoT devices.

Samsung acquired SmartThings in 2014 and has sold the product to help people coordinate and manage their connected devices. With Samsung Connect Home, consumers will get the SmartThings Hub as built-in features.

ZDNet sister site CNET reports that the Samsung Connect Home hardware itself includes a package of up to three small wireless routers, with one connecting to the broadband modem and the other units acting to boost Wi-Fi coverage in the home.

According to Samsung's fact sheet, Samsung Connect will help people simplify control and management of their connected things. A new Samsung Connect smartphone app features a dashboard that displays the status of different connected devices and allows settings to be changed from the screen.

Samsung Connect can discover SmartThings IoT devices and works with Samsung's Smart TVs, providing alerts to a TV or phone for "enhanced security and connectivity". It will work with a range of Samsung household products, including cameras and larger appliances.

The hardware uses the Zigbee and Z-Wave wireless protocols, as well as Bluetooth 4.1, and is compatible with third-party products such as the Philips Hue lights, Netgear Arlo, and Ring Video Doorbell.

Users can also create custom modes, such as a morning or movie mode that would adjust lights, music and speakers for those occasions.

The Samsung Connect app is for now pre-loaded on the new Galaxy S8 and S8+, and will eventually be available on Google's Play Store as well as Apple's App Store.

Samsung will be releasing a standard Connect Home and Connect Home Pro with better specs, but only available as a single unit. The standard unit will deliver 866Mbps on the 5GHz band, while the Pro will give 1.7Gbps on 5GHz. Both offer a 1,500 square foot range on a single device, so a pack of three will cover 4,500 square feet.

Samsung hasn't revealed pricing or availability though the product is likely to hit store shelves by the second half of 2017, according to CNET.

VIDEO: Smart router: Manage all your Samsung home appliances with one app

Nokia to smartphone owners: Malware infections are far higher than you think

Nokia warns that mobile malware infections grew dramatically in the second half of 2016.

Overall, the monthly smartphone infection rate averaged 0.90 percent, an 83 percent increase over the first half of 2016.
Image: Nokia

Nokia no longer makes mobile devices but it's carving out a new business in mobile and Internet of Things security. Now new research from the unit is reporting a 83 percent rise in monthly smartphone infections in the second half of 2016.

Two years ago Verizon challenged assumptions about the spread of mobile malware, reporting that just 0.03 percent of smartphones on its network were infected with 'higher-grade' malware. It was much lower than the 0.68 percent infection rate estimated in Kindsight Security Labs' biannual report.

But a new report from Nokia, based on data from mobile networks that have deployed its NetGuard Endpoint Security, suggests infections are actually far higher.

According to Nokia, the monthly rate of infections in mobile networks peaked at 1.35 percent in October, and averaged 1.08 percent in the second half of 2016. The average infection rate in the first half was 0.66 percent, translating to a 63 percent rise between the periods.

It also measured monthly infections on smartphones and says the average rate was 0.9 percent in the second half, up 83 percent from 0.49 percent in the first half.

Over the entire year, it says smartphone infections rose a whopping 400 percent.

Nokia's data included around 100 million devices across Europe, North America, Asia Pacific and the Middle East. It says that 81 percent of infections were on Android devices, 15 percent on Windows devices, and four percent on iPhones and other mobile devices. It notes that Windows share of infections it counted shrank from 22 percent in the first half of 2016.

Although Nokia's report doesn't exclusively deal with Android, it offers a contrast to Google's assessment of malware infections in its Android Security 2016 Year in Review report, released earlier this month.

Google reported Android device infections at 0.64 percent in the first quarter of 2016 growing to 0.77 percent in the second quarter, and then moving to 0.67 percent and 0.71 percent in the third and fourth quarters, respectively.

Google's measure is based on the frequency it finds PHAs or potentially harmful applications during a "routine full-device scan" with its Verify Apps Android anti-malware service.

Google said since 2014 infections on Android have been less than one percent. It also noted that users were 10 times more likely to download malware from outside Google Play than inside its store in 2016.

While Nokia reports that infections on mobile networks are increasing, infections on fixed-line residential networks have been falling since the beginning of 2015, despite a bump in early 2016 due to a surge in adware.

Samsung opts for smarter smart TV experience

Samsung has powered-up its Smart TV experience with a 'One Remote' control and an upgraded voice recognition feature that will allow consumers to use smart features more smartly, says its development team.

Making TVs "smart" is one thing, but being able to use them smartly and to their full potential is another.

Smart TVs have come a long way since Samsung first introduced theirs as a "connected-TV" back in 2009. In 2011, Samsung was the first to use the term "Smart TV" that converged the computer and its integrated internet, a conventional TV, and set-top boxes.

TVs remain the primary gateway for easy content consumption in the home, despite the fact that it no longer holds a monopoly thanks to the compatibility of PCs, tablets, and smartphones for viewing content. Gimmicky features and other functions that overlapped with other screened devices introduced in earlier launches have disappeared, and TV remains the best device to watch content.

However, thanks to internet access and the variety and availability of content, smart TV menus have become more complicated. The biggest hurdle in using smart TV smartly has become menus that are easier to navigate.

To tackle this, Samsung introduced the One Remote last year as a cure-it-all remedy. For the 2017 version, it has made the remote simpler with one home button that controls all functions, an accompanying TV User Interface (UI), and a power-upped voice command that the company says will allow consumers to use their smart TVs to their full potential.

One remote to rule them all and one-screen UI

With the introduction of the One Remote control, Smart Hub 2.0's UI has been altered to match the simple up, down, left, right menu interface.

"It took two years of negotiations with content providers to get agreements on the concept we had in mind," said Minsup Kim, product manager for QLED TV and the One Remote control of Samsung's Visual Display (VD) division, in an interview at Samsung's headquarters in Suwon, south of Seoul. "For example, content providers can request how their logos are exposed on screen with other logos."

"On the technological side, as set-top vendors have their own protocol, understanding them [is] always a challenge. We leverage our worldwide network to negotiate with content providers and at the same time worked without regional offices to collect information from local set-top vendors," said Kim.

The concept of the One Remote and a matching UI that shows all content began back in 2011. It materialized in mid-2015, before the launch of the first version of the universal remote in 2016. "One home button that can gather all those icons in one screen with seamless control, as a service, we believe is a huge step forward. A big hurdle for consumers [is] to navigate bulletin or app-style menus; I think having overcome that is an innovation in terms of service."

Jiyoung Song, who developed the Smart View that allows smartphones to control Smart Hub 2.0, said that there was a lot of back-end work that took them long to complete. Smart Hub 2.0 now reads the set-top connected to its HDMI 1, 2, 3, and 4 immediately when hooked and processes it to show accessible content on-screen.

"We can confidently say we cover over 90 percent of existing set-up boxes. We can deploy those contents on a worldwide scale," he said.

The One Remote has been put in as a UI in Smart View. Smart Voice can be used on Smart View just like with the control. Smart View was previously fragmented; different versions of apps for different yearly models were required. But the latest Smart View processes all the UIs of TVs made after 2011.

Direct to content with voice command

Samsung believes voice command -- its Smart Voice -- is the best complement to its One Remote, and will allow consumers to cut through navigating menus to reach the content they want directly. There are more and more functions on a TV, including VOD, live-streaming, apps, and internet connectivity. This is where voice recognition comes in, according to Jihye Chung, in charge of the Smart Voice engine. The microphone is in the remote control and is activated by pressing the voice button.

"Our goal for this year's voice command was to have it cover all functions of the TV, which it does, and reduce the 'depth' of the process," said Chung. "Our 2017 Smart Voice for this year allows you to cut through the processes and go to the content you want directly."

Research conducted in 2015 by Samsung Consumer Experience Lab, or CX Lab, at Silicon Valley and UX Group at Seoul R&D Campus, found that there was an upward trend of more active use of voice command. But it was also found that firstly, consumers didn't know that many of the functions they use remote control for can be done more easily, and secondly, they didn't know what to say as a voice command.

"Old habits die hard. Our research shows that elderly almost never use voice command. Another consistent complaint -- which I guess will always be there -- is that they wish their TVs would know what they are saying better," said Chung.

Using its big data base, which will be even expanded further going forward, recognition capability of Smart Voice has been improved. There is also now a user guide that explains how to use the function.

Like last year's model, through Smart Voice consumers can go directly to the channel they want by saying the number or name of the channel. This year's model allows consumers to say a genre, which will then display related TV shows. Surfing through set-top boxes can also be done through voice.

"You can just say the number to control volume, said Julia Yoingjoo Lee, product manager for Smart Voice. "You can go directly to the setting menu, configure modes, and execute contextual commands such as schedule, say, 'turn off the TV in 3 hours'."

When the consumer wants more choice, they can say more intuitive commands, such as "show me sports channel", and will have the TV display all relevant channels for the consumer to say the next command, she said.

"If there is a feature that is actually more convenient with voice command but the user attempts to use the remote control button, the TV will show at the bottom of the screen that an easier voice command is available," she said.

Personalization and security

Personalized voice commands is a possibility for the future, according to DK Bae, who is in charge of Smart Voice apps. This will allow the remote or TV to identify the speaker and configure settings or limit the navigation scope, such as preventing children from reaching adult content.

"Personalization requires login. But using voice, you can have it detect who the speaker is, which is technologically not that difficult," said Bae. "There are some hurdles how well voice recognition reads utterance or the commands themselves, but having it detect different voices is not that difficult. We are preparing and may launch this as a service at a later date, but not this year."

Samsung was open to new technologies from artificial intelligence and machine learning, but there is a need for broader and deeper research on how people use voice commands. "Our research showed that different people used the same word for different meanings. Someone can say a celebrity's name [to look] for a shopping site with the person's catalogue. Somebody else might be looking for the program he or she is on," said Chung.

Recent leaked documents from Wikileaks say CIA and MI5 tested out whether they can spy on Samsung smart TVs via malware installed through USB. The targeted models were those of 2012 and 2013, and physically connected USBs were needed to install the malicious software. Patches since then have superseded the hacking methods described in the report, the development team said.

Samsung also removed the camera and the microphone from their TVs since last year's model. The decision to have the microphone as a press-to-command on the remote control was strictly out of convenience, the development team said.

The Future

On Monday, Samsung announced that its Bixby voice interface, to make its debut on the Galaxy S8, will be applied to all of its devices going forward.

The smart TV development team said the VD division was working closely with other divisions such as mobile to unify the brand and experience into one platform. "We do have plans but we can talk again in a year," said Chung, without providing further details.

On whether voice recognition will replace the remote control entirely, Samsung's smart TV team remains skeptical, despite new technologies. "There are so many, many more peripheral devices that connect with the TV, [and their] functions are more easily accessed using the remote control," said Song.

Voice recognition was convenient when a user's eyes are caught on something else, the collaborated research by UX Group showed, and can be used as the preferred choice for some consumers for certain functions of the TV. Whether it be remote, voice command, or smartphone, the important thing was to have each preferred method available.

"Each has different advantages. Voice and remote you can use together while looking away from the screen. Smartphone, via Smart View, requires you to look at the screen. So it really comes down to preference of the consumer. All three can be used together or separately to allow the consumer to reach the content in the best way possible," said Song.

"TV is not a personal device. It is family device. The TV has to be very easy to use, even if the technology behind is complicated," he said.

Google Home and Google Wifi launch in the UK

Google's smart speaker and mesh-networking Wi-Fi router cross the pond.

Google Home, with different coloured bases, and Google Wifi (left).
Image: Charles McLellan/ZDNet

Google has launched its Google Home smart speaker and Google Wifi wireless router in the UK. Both products have been on sale in the US since late last year.

The Google Assistant-powered Home is Google's answer to Amazon's Alexa-driven Echo and Echo Dot. With the distinctly utilitarian wake-phrase 'OK Google', the £129 smart speaker will give voice-driven access to Google services like Search, Maps and Translate.

You can access media such as Google Play Music, Spotify, TuneIn and BBC Radio, playing music either on the Google Home device itself or on other connected speakers around the house, and send video to a Chromecast-connected TV. You can also create and query information in your Google calendar, set timers and alarms, and create to-do lists. Other compatible smart home devices from Nest, Philips and Samsung Smartthings can be controlled via Google Home too.

Google Home will be available on 6 April from the Google Store, at £129. It will also be on sale at Argos, Dixons, John Lewis and Maplin, and (soon) EE. The Google Store will sell you coloured bases for £18 (fabric) or £36 (metal).

Google Wifi

Google Wifi is a puck-shaped 802.11ac router that plugs into your broadband connection and can create a mesh network delivering whole-home internet coverage. You can buy Google Wifi in single units (suitable for a small home) or as a two-pack system.

Google Wifi will also be available on 6 April, costing £129 (1-pack) or £229 (2-pack) at the Google Store. Argos, Dixons, John Lewis, and Maplin will also sell the router, as will Amazon.

According to Google, there are a few 'British treats' secreted in the UK version of Google Home, which ZDNet looks forward to discovering when review units become available.

Thứ Hai, 27 tháng 3, 2017

How Google Eddystone EID and Bluetooth beacons help this startup find lost luggage

A Catalan firm has developed the Bluetooth beacon technology used in Samsonite's secure Track&Go product for locating lost luggage.

Accent Systems has been flirting with connected devices for 10 years, long before the Internet of Things concept entered the wider public consciousness.

It all began in startup mode in an attic, when Jordi Casamada, now CEO of the company, and a friend developed an electronic remote control for slot-car racing brand Scalextric, which celebrates its 60th anniversary in 2017, and began selling it.

After setting up the company, they started specializing in connected devices. Today, Accent Systems, located in Castellar del Vallès, some 25 miles or 40km from Barcelona, employs 25 people in a large open office and notches up a turnover of more than €2bn ($2.13bn).

At the recent Mobile World Congress, along with its other flagship projects, Accent Systems showcased Track&Go beacon technology developed for Samsonite, which enables travellers to locate and recover lost luggage. It could prove a useful solution given that in 2015, 23.1 million pieces of luggage were lost, six percent of which vanished completely.

The Catalan firm, which also has a branch in New York, acted as hardware partner for Samsonite. Vodafone also took part of the project to trial its narrowband IoT (NB-IoT), a low-power, wide-area tech standard agreed in June 2016 and to be deployed this year.

Mobile agency In the Pocket helped develop an app that provides specific notifications to travellers when their bags get out of range.

The first version of the solution is operated with a Bluetooth low-energy beacon installed inside the suitcase, because the technology suits airport buildings which are indoor places containing many people, Accent Systems CEO Casamada tells ZDNet.

Google's open-security Ephemeral Identifier protocol, or Eddystone-EID, prevents users from being identified by malicious third parties, even when sharing their luggage information with others.

Now, the second version of the Track&Go product has evolved to get the most out of geolocation and NB-IoT. It's still built into the suitcase but offers a number of advantages over the initial offering, says Casamada.

It uses less power, so it can accommodate smaller batteries with longer life, which could be important for long flights, and the subscription of about €2 ($2.16) a year to the operator is much cheaper than 4G, for example.

Samsonite's Track&Go Concept Case is not ready for large-scale production, but the company is committed to developing it further. Meanwhile, Accent Systems aims to introduce new NB-IoT products, with projects related to wearables, healthcare, and access control.

Nuru AI chatbot helps to solve day-to-day problems in Africa

In the Western world, everyone is talking about messaging apps and chatbots. Now, users in Africa and other low-income countries can use chatbots instead of text messages to ask questions.

The African smartphone market is gaining rapid traction. According to predictions, smartphones sold this year will outnumber feature phone sales, and mobile penetration is far higher than line-based internet access.

Currently, most people in Africa use text messages to send money with a service called M-Pesa from the largest tech start-up in Kenya.

Now, chatbots could potentially replace text-based transactions altogether.

Budapest-based Hungarian start-up UXstudio has created a chatbot called Nuru. The app can help smartphone users in Kenya and Ghana in four different ways: Agriculture, classified ads, finances, and healthcare.

It wants users to interact with a chatbot and see a familiar conversational interface. Africa has 5.3 million Facebook users, and 78 percent of smartphone owners use their device for social networking and chatting.

However, currently, text-based interactions still dominate mobile user transactions in Kenya and Ghana.

Ghanan start-up Esoko offers text-based market price information for farmers, so they can sell their crops at a fair price. Users send a code by text and get back the information they require.

If a farmer uses the Nuru chatbot to help sell their product, they do not need to set a price. It can calculate the price based on the type of produce and the quantity they have to sell. The farmer can change the price if required or get a fair price suggestion via the app.

Kenya is a world leader in mobile money transactions, due to the widespread use of M-Pesa across the country.

Nuru secures the transaction by asking for your password to be repeated before any transaction can be made.

If you use the app to purchase something, select the seller, type in the amount you want to pay them, and press confirm to complete the transaction.

The app can also provide users with health information, and it aims to bring empathy into the digital conversation.

The Kenyan TotoHealth service helps women with text message notifications and advice during their pregnancy.

Nuru will ask you whether you have seen a doctor and If you have not seen one, it can suggest doctors in your area.

If women want to get health tips during pregnancy, it will ask questions like which week of the pregnancy it is before giving tips and advice.

If the user asks for job suggestions, the app will list all the opportunities nearby. Further information on the job can be acquired via text or a phone call.

Since chatbots work like the current services already in use in Africa, the technology can streamline solving day-to-day problems and make information more accessible for users. Chatbots can also connect people that use basic entry level smartphones.

UXstudio thinks that the chatbot is faster than asking people. It says that most people do not see Google as a way of problem solving, as they would rather ask a friend. With a chatbot, they can quickly access the information they need.

Chatbots are also perceived to be more trustworthy. A friend might not be the most reliable source of information, whereas a chatbot can get accurate information rapidly.

Mark Zuckerberg visited Nairobi in September 2016 to learn about mobile money and payments to build businesses and help communities.

The chatbot revolution in Africa could certainly make it a "future hub of global growth" as former US President Barack Obama pointed out in July 2016. The growth of smartphones in Africa shows that this is now a real possibility.

VIDEO: iRobot now pinpoints your dirtiest floors, offers Alexa voice commands

Slack's CSO calls for industry-wide security transparency

Slack's security head has doubled down on transparency within his organisation and wants to see his competitors follow suit.

Cloud-based collaboration tool Slack is in the business of making work life simple, but the startup darling's chief security officer Geoff Belknap is in the business of making sure this comes with an unsurpassable level of trust.

The route Belknap has taken is one of honesty, providing Slack's customers with as much transparency as possible -- which means divulging as much information as possible.

"The reality is -- from our perspective -- trust is about a constant open conversation," Belknap said.

"Trust is not: 'Well, they've probably got it covered'. That is not a reasonable process. The more we talk about it, the more we have these conversations ... the better that is for everybody."

Speaking with ZDNet in Sydney, the CSO explained that his role as the company's security head sees him constantly think about both the customer and the end user when protecting the platform and how to securely store data. Belknap said being transparent is often difficult, however, as a lot of people do not comprehend the benefits in highlighting something like a security breach.

"In our case we've been very open about how our bug bounty works, how the features work, what features we have, and I think in some cases it's very difficult, and it's almost a little bit risky, to bet on transparency -- my hope is long term that this is the right bet," he explained.

"I think at our end especially sharing more information, being transparent, and being direct about what we're doing and how we think about it, in the long run is beneficial and actually protects people.

"I'd love to see some of our largest competitors go that route as well."

Belknap feels it important for cloud providers -- startup or not -- to show security is at the forefront, noting consumers tend to hold a presumption that an established software company is secure.

"If they've been in the market for 10 or 15 years, they get a default pass on a lot of things which is probably undeserving, and not so safe if you're making those assumptions. At the same time, I think there's an extra onus on newer technology companies to establish that they care, that they're taking due steps, and that they are going to protect customers' data," he said.

"I think the onus is on people like myself to make sure that we're actually doing things to protect customers' data and to explain to them what we're doing and how we're doing that."

Earlier this month, Slack revealed that it had fixed a security flaw that let hackers steal user authentication tokens used to gain full and complete access to accounts and messages.

The vulnerability was luckily found by a security researcher, who scored $3,000 from Slack for highlighting the oversight.

Belknap is of the opinion that a breach at any cloud service provider -- even his competitors -- hits his business, as the stigma attached is often hard to shake from public perception.

As a result, Belknap is on the Bay Area CISO council, which sees 50-odd security heads from Silicon Valley's tech organisations get together to exchange information.

"It's all the cloud providers that everyone is trusting," he said. "One of us being left unsecure hurts everyone."

Slack currently boasts 4.9 million daily active users, including 1.5 million paid users.

The Californian-based startup also employs 650 employees across eight offices, with Belknap recently going on a hiring spree, bringing in staff to cover security, operations, engineering, product security, incident response, compliance, regulatory, and risk areas.

Next Insurance launches Facebook Messenger chatbot to replace the insurance agent

Next Insurance makes it easy for small businesses to buy insurance via a chatbot.

From IT consultants to personal trainers, therapists, coaches, photographers, and maintenance engineers, the small business sector is vast and expanding.

However, the small business insurance market seems to be dominated by generic policies that do not align with the nuances of each individual type of business.

Chatbot technology is redefining the way we view and engage with some of the largest and most traditional industries, including insurance.

Call centers, websites, and mobile apps are no longer the only means of interaction with brands. Chatbots are fast becoming a business imperative for businesses that want to engage with their customers.

Online chat through chatbots has grown faster than any prior channel. Now, with artificial intelligence and natural language processing, online chat is becoming the preferred way to communicate with the brand for many users who want an on-the-spot answer to their query.

Palo Alto, Calif.-based start-up Next Insurance has launched an insurance chatbot to enable small businesses to quote and buy insurance via a Facebook Messenger chatbot.

It partnered with enterprise-focused chatbot developer SmallTalk to provide tailored insurance policies for small businesses via a social channel.

Smalltalk works with enterprise customers to help them identify where bots can drive new revenue or bring efficiencies to business processes.

The company has been able to create tailored insurance programs built to match the business owners' needs.

It has direct access to its customers through the platform to identify the best policies, prices, and processes that match the customer need whilst ensuring a higher bottom line for insurance companies.

Founded in 2016 by a team of serial entrepreneurs, Next Insurance has received $13 million seed funding from Ribbit Capital, TLV Partners, and Zeev Ventures.

Next reckons that current insurance services on offer are inadequate. Some are improperly priced, or "fail to account for fundamental needs of small businesses," and it said that there is "something broken in small business insurance."

Guy Goldstein, co-founder and CEO of Next, said: "70 percent of our customers are buying insurance on their phones.

Enabling customers to buy insurance through a chatbot on Facebook Messenger brings simplicity, transparency, and easy access. We're making sure that insurance is working for the small business owner and not the reverse."

VIDEO: Facebook now auto-plays videos with sound: Here's how to mute them

Qantas on the hunt for startups to support its innovation agenda

Qantas and Slingshot are currently looking for 10 startups and scale-ups to participate in the 12-week Avro accelerator program.

Qantas has commissioned Slingshot to run an accelerator program for startups and scale-ups that can support the airline's innovation agenda.

The Avro Accelerator, named after Qantas' first aircraft, will be a 12-week mentorship-driven program with 10 startups or scale-ups receiving AU$50,000 upfront in exchange for up to 10 percent equity. A further AU$100,000 will be invested in those showing promise at the end of the program.

Qantas also flagged the opportunity for additional investment from its venture capital arm, as well as its investment partners beyond the accelerator program.

The airline said it is looking to invest in ideas that will help it create "seamless" travel experiences, streamline processes, build connected platforms, and identify the next "breakthrough" business opportunity.

Beginning in June, the program's participants will receive mentorship from executives at Qantas Group, while having access to the airline's operational data and anonymised customer information.

"Customer needs keep evolving, and the limits of technology are constantly expanding, so there is a clear business imperative for us to find new ways to improve how we operate," Qantas Group CEO Alan Joyce said in a statement.

The Avro Accelerator program will be run from Slingshot's premises at the WeWork coworking space in Pyrmont, Sydney.

Qantas said it has been stepping up its focus on innovation lately, citing its investments in onboard Wi-Fi as a recent example of that.

In February, the trial of Qantas' on-board Wi-Fi system saw 140 of its passengers connected to the internet. During the flight, the system delivered typical download speeds of between 7Mbps and 12Mbps to each connected device, with Qantas noting that connection speeds of approximately 1.5Mbps are required to comfortably stream movies on most handheld devices.

According to the national carrier, the faster connection speeds are made possible through the use of the NBN Sky Muster satellite service, and represent a significant upgrade over older satellite technology accessed by most airlines around the world.

In October last year, GE Aviation and Qantas announced that its data scientists, engineers, and software designers would be working together to analyse some of the 10 billion data points produced by the aviation sector annually to help the Australian carrier cut fuel costs and carbon emissions. This includes analysis of flight paths, replacement cycles, and engine optimisation.

Previously, Qantas turned to Amazon Web Services to help with flight planning, as its legacy systems could not handle the compute power required to run analysis around determining if certain flights were possible.

Since commencing its transition to the cloud, the national carrier managed to speed up its booking processing times from batch to batch to real time; increase data processing time by 100 times; reduce the amount of code required to do the same workload by 90 percent; and cut the cost to run the service by 80 percent.

Commonwealth to rid provider panels to make room for startups

Assistant Minister for Digital Transformation Angus Taylor's grand vision for innovation within government starts with opening up procurement opportunities to smaller Australian tech players.

In order for the "big bureaucratic beast" known as the Australian government to make good on its promise to undergo a digital transformation, it needs to change the way it procures products and services, and according to Assistant Minister for Digital Transformation Angus Taylor, one of the key places to start is ridding its innovation-stifling service provider panels.

Speaking with journalists on Sunday, Taylor criticized the procurement method currently in place for lower cost government projects, highlighting that the panel process has been a big barrier to smaller, innovative companies getting access to government opportunities.

"Panels are a really good example of well intentioned policy leading to less than ideal outcomes," he said.

The assistant minister explained that often panels are being used by government for projects that lie within the AU$80,000 to AU$5 million bracket, as they have previously not been large enough to require a customised solution, or large enough that provider selection warrants intervention from government.

Taylor explained this spend bracket is also the sweet spot for small-to-medium enterprises (SMEs), as generally the projects can be turned around quickly, and allow for a single technology solution to a problem that is reasonably digestible.

"We know that by increasing our spend on SMEs we can create a whole industry in this country. An allocation of 10 percentage points more of our IT spend -- of AU$9 billion -- to SMEs will be one of the biggest investments in innovation in this country's history," Taylor said.

"In money terms, it will be double the size of the first round of the National Innovation and Science Agenda.

"If we want to transform the digital government sector in Australia, the most important thing we can do is be a better customer."

The government's Digital Marketplace, launched days shy of 12 months ago, is an initiative aimed at getting SMEs involved in the government's IT spend. It's touted by the government as an ecosystem where government buyers and sellers can "connect" with smaller suppliers.

"Since the Digital Marketplace's launch ... we've had over 250 sellers come on, with many millions of dollars of opportunities on the platform. 93 percent has gone to small-to-medium enterprises," Taylor explained.

"I love this project because it demonstrates how with technology you can level the playing field and the government can stimulate innovative companies without resorting to hand outs."

To Taylor, success in getting smaller Australian tech players involved will require the government putting words into action.

"We've got to get our act together. We've got to create smaller, more modular projects, and we've got to reduce the barriers to entry through the current panel process," he said.

"We've got to have a procurement process that allows for innovation, just doesn't define the spec in gory detail without allowing the innovators to come to us and say: 'Look, this is what is possible, you haven't thought about it hard enough'.

"All of that needs to happen."

However, the startups and entrepreneurs need to want to play, as well.

"Digital government has to be a focus for the entrepreneurial tech sector in Australia and that's something I want to make happen as fast as we possibly can," he said, adding he wants to see 10 percentage points -- in IT spend -- given to SMEs as soon as is reasonably achievable.

In order to usher in the new wave of tech procurement, Taylor said the government needs to kick off change in other places.

This will require government to break up contracts and projects into smaller pieces, with Taylor saying that tenders tend to be indigestible for Australia's SMEs, and that the government also needs to build internal projects with the ability to integrate them with projects within other departments and agencies.

Taylor also said there is a need to drive the uptake of the cloud.

"These things have been identified time and time again to break down the tendency to make safe choices and those so-called safe choices prohibit innovation," he said.

Currently, 0.5 percent -- the equivalent of AU$60 million -- of the federal government's IT spend goes to the cloud, a figure Taylor said is "simply not enough", considering about AU$700 million is pumped into the purchase of hardware.

Pointing to the protected-level approval given by the Australian Signals Directorate to two Australian cloud providers last week, Taylor said innovation is breaking through to the "hard parts" of government.

"This is an illustration of what we can do with the government's IT spend if we get our act together," he said.

"Which is why having two local protected cloud providers now ... is such a breakthrough because we now -- we've broken into if you like the hard parts of government where protection of data is absolutely central."

Disclosure: Asha McLean attended Tech Leaders as a guest of MediaConnect.

iPhone, iPad users can now automate their lives for free as Apple buys Workflow app

Apple has snapped up task-automation tool Workflow and, unlike its practice with other acquisitions, hasn't yanked it off the App Store but instead is offering it for free.

Apple has acquired Workflow, an automation app for the iPhone and iPad that helps users program tasks between other apps.

Two years ago Workflow won an Apple Design Award and got a glowing review from Apple's accessibility engineer due to the app's support for iOS accessibility features. Today, the app and its developers are part of Apple.

The acquisition gives former iPhone jailbreaker and Workflow creator Ari Weinstein a tidy payoff for developing a utility that helps iOS users cobble together repetitive tasks between several apps.

Users of the service IFTTT would call them 'recipes'. Office users might call them macros.

Unlike previous acquisitions, Apple isn't removing the app from the App Store but rather is making it free. It used to cost $2.99.

Apple confirmed the acquisition to TechCrunch.

"The Workflow app was selected for an Apple Design Award in 2015 because of its outstanding use of iOS accessibility features, in particular an outstanding implementation for VoiceOver with clearly labeled items, thoughtful hints, and drag/drop announcements, making the app usable and quickly accessible to those who are blind or low-vision," Apple said in a statement.

One potential direction for Apple to take Workflow is integration with Siri. As the publication notes, the app's automation capabilities are due to its use of deep links within each app that it instructs to complete different tasks.

Workflow developers will now have greater access to the Siri APIs that Apple has not made publicly available.

Apple has not disclosed how much it paid for the app.

VIDEO: Apple buys Workflow, an iOS automation app

e4 launches virtual ID verification service in Australia

e4 Australia has launched its virtual biometric identity verification service targeting mid-tier lenders, non-traditional banks, and credit unions.

South African regulation technology company e4 on Tuesday launched its virtual biometric identity verification service in Australia.

Virtual verification of identity (VOI) allows lenders and mortgage brokers to verify new customers to relevant anti-money laundering (AML) and counter terrorism financing standards through a cloud-based application.

Typically, when consumers fill out a mortgage application online, they will need to visit a bank or post office branch to verify their identity in person.

Stuart Hosford, e4 Australia managing director, told journalists on Tuesday that old-school verification processes are cumbersome for banks and consumers alike.

"If I, as a digital consumer, want to initiate this process online, which a lot of lenders are facilitating now, it's quite frustrating to get to a certain point and then have to break that digital communication to go do something different," Hosford said.

The way that Virtual VOI works is the broker or lender will initiate a video and audio call to a customer, asking them to provide photo identification and other supporting documentation to assist with the verification process.

The customer -- for whom the entire experience is mobile-based -- will take photographs of the documents and upload them for review. Those documents are validated through independent industry data sources including the Australian Attorney General's Department Documentation Verification Service, credit bureaus, foreign national identity services, and the watch lists.

During the call, the broker or lender will also perform a facial match to the ID documentation supplied by the customer, as well as validate the location of the customer.

"The purpose of [these technology components] is not to create any single pass or fail in the process. It's about running a series of checks to build an overall confidence in [the verifier's] understanding of who this person is," Hosford said.

"A very important part of the digital proposition is not to get rid of the interpersonal component. We still want to have the interpersonal component, but we'll do that over a video feed much like Skype or FaceTime."

All components of the interaction -- including the audio, video, and digital documents -- are saved and stored for future reference and proof of due diligence. At the end of the call, Virtual VOI also auto-generates a report.

"If there is an issue later down the line in terms of suspected fraud, it's [the bank's and broker's] obligation to be able to prove they did their due diligence in the identification of this person," Hosford said. "What's really valuable to them is the fact that everything is recorded from start to finish and available to the verifier."

The company is currently focusing on residential mortgage applications, though Hosford said VOI will likely be applied to other financial products in the future.

The target market for Virtual VOI is small to mid-tier lenders, non-traditional banks, and credit unions, Hosford said. The company is currently in talks with ING Direct, Bendigo and Adelaide Bank, HSBC, Credit Union Australia, and Gateway Credit Union.

However, initial distribution will be through aggregator groups such as Australian Finance Group, Aussie, Connective, and HashChing.

While Aussie is owned by Commonwealth Bank, Hosford said he is deliberately not engaging with the big four -- at least not yet.

"The big four banks are not necessarily incentivised or motivated to keep people out of branches ... They like to get people in the branches because they can cross-sell, they can maintain a relationship. It's not really in their interest to keep people out of branches," Hosford said.

"Like anything fintech, the big four will engage when they're forced to engage ... As soon as they start to get pressure from the smaller to mid-tier [banks], then they do have to jump on board."

Virtual VOI currently works on Android and iOS devices. The company will integrate Touch ID in the next iteration, with iris scanning and voice recognition also a possibility in the future, according to Hosford.

Coinciding with the rise of digital wallets such as Alipay, Apple Pay, Samsung Pay, and Android Pay, Capgemini Australia banking practice lead Phil Gomm predicted there would soon be a shift from the concept of "card present transactions", where the card is presented physically at point of sale, to the new idea of "card holder present", confirmed through the use of smart device access verification via biometric and PIN options.

In February, Commonwealth Bank announced that it had partnered with Airtasker to provide the task outsourcing company with an identity verification function for its online platform, with the pilot expected to run for some months.

Thứ Bảy, 25 tháng 3, 2017

HP Elite x3 Lap Dock, First Take: An add-on laptop experience for your Windows 10 Mobile phablet

Acer Swift 5 review: A decent ultrabook at an affordable price

Apple to start building iPhones in India within 6 weeks

India's federal government didn't accept most of Apple's demands for concessions, but manufacturing of the iPhone 6, iPhone 6S, and iPhone SE will start soon.

Apple will begin iPhone manufacturing in India within the next four to six weeks, a government official told the Wall Street Journal on Thursday.

The iPhone 6 and iPhone 6s are said to be the first products manufactured by Apple partner Wistron in India, with iPhone SE set to come off assembly lines in roughly three months.

"Almost all preparations have been done for launching Apple's first phase project in Bangalore through Wistron," a government official said.

Apple couldn't immediately be reached for comment.

Manufacturing iPhones in India, even if not the latest version, could allow Apple to gain a stronger foothold in the budding smartphone market where it only holds a roughly five percent share.

Apple has been working with Prime Minister Narendra Modi for months to manufacture products in India, mainly seeking tax concessions that would allow the company to lower the cost of the iPhone.

In December 2016, it was reported Apple sent a letter to India's government outlining manufacturing plans and asking for financial incentives. Earlier this week, a government official told the Economic Times India has not accepted "most of the demands."

Apple market share in China slips for first time: IDC:

Samsung announces LTE version of Gear S3 Classic smartwatch

If the Gear S3 Frontier isn't your style, there's good news: Samsung is adding LTE to the Classic variant.

The Gear S3 is easily one of the best smartwatches Android users have the option of using.

Between its circular design with rotating bezel for navigating the interface, to Samsung Pay built into the watch, and compatibility with nearly all Android devices (not just Samsung phones), there's a lot to like about the Gear S3 lineup.

Up until now, potential users had to decide between the Frontier or Classic models, with the former being the only one to include LTE connectivity. If you wanted to forgo the need of constantly having your smartphone by your side, you had to pick the Frontier.

On Thursday, however, Samsung announced it is adding LTE to the Classic model.

Exact pricing and release details aren't known, with Samsung stating wireless carriers will make their own announcements.

We do know that Verizon, AT&T, and T-Mobile will each carry the smartwatch.

As a refresher, the Classic model features a leather band and more classic (for lack of a better word) watch look and feel. The Frontier is the ruggedized version, complete with a rubber watch strap.