Technology

Discovery of Microphone in Google’s Nest Guard Prompts Backlash

Posted on by Andy Miller

The discovery of a microphone in Google’s Nest Guard product that was not listed in tech spec has been put down to an erroneous omission by Google, but it has also caused a backlash that escalated to the US Congress.

What Happened?

One of Google’s products is the Nest Secure product which is a home security system that operates using a phone app, alarm, keypad, and motion sensor with Google Assistant built in (which is the main hub), Nest Detect Sensors for doors and windows, and a tag which the homeowner taps on the main hub when they enter the house to disarm the system. Earlier this month, the addition of Google’s digital assistant to the product led to the surprise discovery that the main hub unit has always had a microphone installed in it, but the microphone was not mentioned on the technical specifications for the product.

The discovery of what appeared to be a “secret” microphone has, therefore, prompted anger and discussion among privacy and security advocates and commentators, concern from consumers, bad publicity for Google, and calls for action by a Senator, a Congressman, and many others.

Google Says 

Google’s response to the discovery was simply to apologise for what was an “error” and oversight on its part for not listing the microphone in the tech spec for the system, and to stress that the microphone was not intended to be ‘secret’ and had not been used until the addition of the Google Assistant.

It has also been reported that Google has said that one of the reasons for the microphone’s inclusion had originally been to allow future functionality, for example, to detect breaking glass in the home.

Criticism

Google has faced anger and criticism from many different angles over the discovery of the microphone including:

  • Maryland Congressman John Delaney calling for privacy legislation to now be applied to a broad range of tech products.  Mr Delaney also proposed that electronic tech products should have labelling on them like that on food products, so consumers can be quickly and easily alerted to any privacy and security implications.
  • Virginia Senator Mark Warner, chairman of the Senate Intelligence Committee, calling for hearings with federal agencies and the U.S. Congress about the digital economy, and the smart home ecosystem.
  • The Electronic Privacy Information Center (EPIC) calling on the Federal Trade Commission (FTC) to request via an enforcement action, that Google divests of its Nest hardware products, and that Google disgorges any data that it may wrongfully have obtained from Nest customers.

What Does This Mean For Your Business?

Smart electronic products and devices are now in homes and businesses everywhere, but consumers and business owners should have the right to be clearly informed about the security and privacy implications of those products so that they can make an informed choice about whether to buy and operate them.

As some commentators have noted, the arguments that it’s easier to ask for forgiveness than seek permission or that ‘it’s in the fine print’, shouldn’t be acceptable privacy policies from tech companies.  The idea of food packaging-style labelling on smart tech products to help inform about security and privacy implications may not be a bad one, and if the tech industry can’t regulate itself on this matter then more legislation to protect consumers and businesses seems likely.

This is a damaging story in terms of trust and reputation for Google, particularly in the US where the story has been given greater prominence and may cause consumers to think twice about the kinds of smart products that they let into their homes and businesses.

Form-Jacking Attacks Hit High Profile Companies

Posted on by Andy Miller

Research by Security Company Symantec has revealed that high profile companies such as BA and Ticketmaster are among the many thousands of businesses whose websites are being targeted with “form-jacking” attacks every month.

What Is Form-Jacking?

Form-jacking involves inserting a small amount of malicious JavaScript code into the checkout web pages of e-commerce sites, thereby allowing attackers to monitor payment card information being entered and to then syphon that information off.

When a user hits the submit button on a checkout page that contains the malicious code, the user’s payment and personal details are sent to an attacker’s servers where the attacker can use this information to perform payment card fraud or sell these details on to other criminals on the dark web.

Pages that have been compromised in this way aren’t easy to spot, and to the naked eye, the checkout process looks normal.

How Big Is The Problem?

Symantec claims to have stopped more than 3.7 million form-jacking attacks in 2017, and between August and September 2018, the company says that it blocked 248,000 attempts at form-jacking.  The fact that 36% of these blocks took place from September 13th to September 20th was an indicator that form-jacking attempts were escalating towards the end of last year.

Symantec reports that 4,800 websites are being hit by form-jacking attacks every month.

Examples

High profile examples of victims of form-jacking given by Symantec include British Airways and Ticketmaster who were both targeted by the ‘Magecart’ hacking group.

The attack on British Airways saw the Magecart attackers set up a spoof web domain designed to look like those of the legitimate company, and even purchase paid SSL certificates from Comodo to make it look more legitimate. Magecart was present on British Airway’s website from August 21 to September 5, and the 22 lines of digital skimming JavaScript code that it took to operate the form-jacking attack affected 380,000 transactions.  In the BA attack, the vital customer data was skimmed and stolen in a fraction of a second between the time the customer put the mouse over the submit button and before the data had a chance to reach BA’s servers as the customer clicked on the button.

In the case of Ticketmaster attack, which took place in June, attackers first compromised a chatbot from tech firm Inbenta that was used for customer support on Ticketmaster websites.  This chatbot then provided the way in for the Magecart attackers which enabled them to alter the JavaScript code on Ticketmaster’s websites so that payment card data from customers could be captured and sent to their servers.  It is thought that the form-jacking code remained undetected on Ticketmaster’s website from September 2017 to June 2018.

What Does This Mean For Your Business?

Cybercriminals have found that better back-up practices by businesses and home users have made attacks like ransomware less likely to pay, so may have moved into form-jacking. The fact that it only requires the insertion of a relatively small amount of JavaScript and that it can be very difficult to detect make it an attractive new way to get paid for many criminals.

Companies can use network-based and file-based protection against form-jacking, and ways to stop attackers getting in to inject the code include using firewalls to block all incoming connections from the internet to services that should not be publicly available, enforcing a (complex) password policy, turning off file sharing if not needed, turning off and removing unnecessary services, keeping patching up to date, and configuring email servers to block or remove emails that contains file attachments that are commonly used to spread threats e.g. .vbs, .bat, .exe, .pif and .scr files.

Also, companies should guard against software supply chain attacks by testing new updates, even seemingly legitimate ones, in small test/sandbox environments, and by monitoring the behaviour of all activity on a system to help identify any unwanted patterns.

Browsers Slowed By Adverts and Analytics

Posted on by Andy Miller

Research by developer Patrick Hulce has shown that around 60% of the loading time in a browser is caused by JavaScript code that is used to place adverts or analyse what users do.

Analysed Pages

The researchers analysed data from desktop and mobile versions of a million sites, including many popular ones, and sampled programs written in JavaScript, which is the code that is popularly used not only by developers to make sites interactive, but also by Google to help place ads on pages and analyse user activity.

Two-Thirds of a Second Loading Time Added

The analysis revealed that if ad-placing and analytics JavaScript code are used together on a page this can add more than two-thirds of a second to loading times.

WordAds Script

The JavaScript code that was found to add the most time to page downloads was the WordAds script that’s used in WordPress blogs.  This was found to add a staggering 2.5-second delay to the arrival of a page.

Other Causes

The research did acknowledge that there are other popular causes of slow loading pages including network delays, large file sizes for some content, and even ad-blocking programs which increase script execution time.

Problems Caused By Slow-Loading Pages

Slow-loading pages can cause problems such as frustration to (and loss of) visitors from web pages, and pages being penalised by Google’s search rankings for desktop and mobile search results.

Google sends out Google speed updates for mobile search rankings of the slowest of sites on the Internet. The updates are directed to those who have verified properties in Google Search Console and are aimed at reducing the search rankings of really slow mobile pages.  The updates give site admins recommendations about how to measure and fix slow-loading page problems.  In October 2018 for example, Google announced that it had begun (since July 2018) incorporating a new Speed update algorithm in the mobile search results as a search ranking factor.

Run A Test

It has long been known that JavaScript can add extra time to page downloads.  If you’d like to check whether your pages are being slowed down by JavaScript you can, for example, go to https://www.webpagetest.org/ or Google’s https://developers.google.com/speed/pagespeed/insights/.

What Does This Mean For Your Business?

Slow-loading web pages can frustrate users and lose your business customers, as well as damaging the position of your web pages in Google search results. Web pages that load quickly are known to have longer average session times, lower bounce rates, and higher viewability, and Google suggests that a good target time in which a page should load is under 2 seconds.

Test tools such as webpagetest.org are good ways to see how your pages currently perform.  Ways to improve slowness caused by JavaScript include only loading the JavaScript needed for the current page / prioritizing what a user will need and lazy-loading the rest with code-splitting and optimizing JavaScript.  If, for example, you have a WordPress website, you can use plugins to help reduce your page load time.

Scooter Hack Threat

Posted on by Andy Miller

An investigation by researchers at Zimperium® found a security flaw in the Xiaomi M365 electric scooter (the same model that is used by ridesharing companies) which could allow hackers to take control of the scooter’s acceleration and braking.

Xiaomi M365

The Xiaomi M365 is a folding, lightweight, stand-on ‘smart’ scooter with an electric motor that retails online for around £300 to £400. It is battery-powered, with a maximum speed of 15 mph, and features a “Smart App” that can track a user’s cycling habits, and riding speed, as well as the battery life, and more.

What Security Flaw?

The security flaw identified by the Zimperium® researchers is that the ‘smart’ scooter has a Bluetooth connection so that users can interact with the scooter’s features e.g. its Anti-Theft System or to update the scooter’s firmware, via an app. Each scooter is protected by a password, but the researchers discovered that the password is only needed for validation and authentication by the app, but commands can still be executed to the actual scooter without the password.

The researchers found that they could use the Bluetooth connection as a way in.  Using this kind of hack, it is estimated that an attacker only needs to be within 100 meters of the scooter to be able to launch a denial-of-service attack via Bluetooth which could enable them to install malicious firmware.  This firmware could be used by the attacker to take control of the scooter’s acceleration and braking capacities. This could mean that the rider could be in danger if an attacker chose to suddenly and remotely cause the scooter to brake or accelerate without warning.  Also, the researchers found that they could use this kind of attack to lock a scooter by using its anti-theft feature without authentication or the user’s consent.

Told The Company

The researchers made a video of their findings as proof, contacted Xiaomi and informed the company about the nature of the security flaw. It has been reported that Xiaomi confirmed that it is a known issue internally, but that no announcement has been made yet about a fix.  The researchers at Zimperium® have stated online that the scooter’s security can’t be fixed by the user and still needs to be updated by Xiaomi or any 3rd parties they work with.

Suggestion From The Researchers

The researchers have suggested that, in the absence of a fix to date, users can stop attackers from connecting to the scooter remotely by using Xiaomi’s app from their mobile before riding and connecting to the scooter.  Once the user’s mobile is connected and kept connected to the scooter an attacker can’t remotely flash malicious firmware or lock the scooter.

What Does This Mean For Your Business?

This is another example of how smart products/IoT products of all kinds can be vulnerable to attack via their Bluetooth or Internet connections, and particularly where there are password issues.  Usually, the risk comes from smart products from the same manufacturer all being given the same default password which the user doesn’t change.  In this case, the password works with the app, but in this case it appears as though the password isn’t being used properly to protect the product itself.

There have been many examples to date of smart products being vulnerable to attack.  For example, back in November 2017, German Telecoms regulator the Federal Network Agency banned the sale of smartwatches to children and asked parents to destroy any that they already have over fears that they could be hacked, and children could be spied-upon.  Also, back in 2016, cyber-criminals were able to take over many thousands of household IoT devices (white goods, CCTV cameras and printers), and use them together as a botnet to launch an online DDoS attack (Mirai) on the DNS service ‘Dyn’ with global consequences i.e. putting Twitter, Spotify, and Reddit temporarily out of action.

Manufacturers of smart products clearly need to take great care in the R&D process to make sure that the online security aspects have been thoroughly examined. Any company deploying IoT devices in any environment should also require the supply chain to provide evidence of adherence to a well-written set of procurement guidelines that relate to specific and measurable criteria.  In the mobile ecosystem and in adjacent industries, for example, the GSMA provides guidelines to help with IoT security.

As buyers of smart products, making sure that we change default passwords, and making sure that we stay up to date with any patches and fixes for smart products can be ways to reduce some of the risks.   Businesses may also want to conduct an audit and risk assessment for known IoT devices that are used in the business.

Kellogg’s Uses Virtual Reality To Sell More Cornflakes

Posted on by Andy Miller

Breakfast cereal manufacturer Kellogg’s has been working with third-party VR companies to help it determine the best way to display its new products in stores.

Who?

Kellogg’s is reported to have been working on a pilot scheme with Accenture and Qualcomm.  Accenture is a Dublin-based global management consulting and professional services firm with a strong digital skill-set, and Qualcomm Inc is a US-based world leader in 3G and next-generation mobile technologies.

What?

The pilot’s aim was to determine the best in-store placement for Kellogg’s new Pop Tart Bites.  This involved the use of Accenture’s Extended Reality (XR) software and Qualcomm’s VR headsets.  This combination gave test subjects an immersive and 360-degree experience of a simulated store environment in which they were able to ‘virtually’ pick products, place items in shopping trolleys and make purchases.

Monitoring

The VR headsets and XR software enabled Kellogg’s to closely and precisely monitor the user’s eye movements.  The analytics meant that this test was also able to yield data such as which new products the test subjects looked at and how long they looked at the products.

New Insights Reveal Surprising Result

Whereas traditional understanding of in-store product placement points towards eye-level (or close to it) as an ideal spot, the new insights that the technology provided in this pilot concluded that positioning the new product on a lower shelf could increase sales of the product by 18%.

Growing Trend

The use of a combination of VR, AR and analytics in retail environments has been a growing trend among big brands in recent times.

Brick-and-mortar retail chains have, however, been criticised for reacting slowly to the introduction of technology that could help them and have found themselves at a disadvantage to online retailers who have been able to use digital technology to hyper-personalise retail experiences for their customers. The brick-and-mortar retailers have also been faced with challenges caused by economic and cultural shifts, e.g. customers moving more towards online shopping.

Change In The Landscape

It’s not just manufacturer brands that are now able to take advantage of the technological change in the landscape to benefit sales.

Retailers now have access to many affordable and relatively easy-to-use AI development tools available, such as those offered by big tech vendors e.g.  Google, Microsoft and Amazon. This means that building an AI system/machine learning system has never been easier.  Retail chains, for example, also have the advantage of having access to massive amounts of data which can be used in a value-adding way with analytics and AI.

What Does This Mean For Your Business?

This story illustrates how the combination of new technologies such as VR, AI and advanced analytics have yielded new insights which could make a greater contribution to sales than more traditional methods.

The portable nature of the technology (and the AI aspect) mean that they are also able to deliver these value-adding insights more quickly and cheaply than before, thereby contributing to faster and more effective product launches and more successful product strategies.  The superior insights gained from combining new technologies such as these mean that it is now possible for business product placement decisions to be made that could positively impact total brand sales, versus only single product sales.

Could 5G’s High Frequency Be Dangerous?

Posted on by Andy Miller

5G may be the next generation of mobile internet that could provide new and innovative opportunities and boost to new industries, but there have been some concerns that its high-frequency mmWave spectrum could pose new health risks.

Long-Held Concerns

Ever since there have been mobile phones, there have always been concerns that prolonged exposure to low-energy, non-ionising electromagnetic radiation radio waves, the type used by current mobile phones, could increase a person’s risk of health problems such as developing cancerous brain tumours. This radio frequency (RF) radiation does not have enough energy to ionise an atom or molecule, and therefore, is unlikely to have enough energy to damage cell DNA in a way that would cause cancer.  This is the reason why recent research has shown that it is now believed to be unlikely that radio waves from mobile phones or base stations could increase the risk of any health problems.

Even though it is now generally accepted that normal use of current generation mobile phones is relatively safe, the World Health Organization’s International Agency for Research on Cancer (IARC) has still given a cautious classification of RF radiation as “possibly carcinogenic to humans”.

What’s Different About 5G?

5G is different because it will use 3 Spectrum bands, low-band spectrum (LTE), mid-band spectrum, and what some believe to be the potentially dangerous mmWave high-frequency spectrum.

The mmWave spectrum, however, is still not close to the kind of ionising wavelengths that can cause damage to DNA.  In fact, mmWave high-frequency spectrum technology appears to be quite some way from the maximum human RF absorption frequency of about 70MHz. Also, mmWave will mostly be deployed in a spectrum that suffers from high reflection rates – 24 to 29GHz.  This should mean that any absorption by the body will be confined to the surface layers of the skin rather than the deeper tissue that is reached by lower frequency radiation.

So, Is It Safe?

Based on the science of radiation, and current evidence and limits relating to mobile phone use, there’s nothing to directly suggest 5G mmWave poses a significant health risk, but 5G is not here and in popular use yet, so more research will need to be done on the subject in future.

What Does This Mean For Your Business?

5G represents a great opportunity for business.  Its increased speed and lower latency allow the downloading of films and games in seconds and watching them without any buffering, and this kind of speed will allow all kinds of new opportunities for presentation media e.g. in advertising, on social media and on websites.

Many different types of businesses could benefit from improved connectivity with remote workers or with salespeople in remote areas.

Also, the news from an O2 forecast is that 5G could deliver time savings that could bring £6 billion a year in productivity savings in the UK and that 5G-enabled tools and smart items could save UK householders £450 a year in food, council and fuel bills.

Safety, however, is a major concern for all businesses, but even though 5G will use a higher frequency, there is no compelling evidence to date to show that it would pose new health risks to users.  In the UK, it will be some time before 5G networks are up and running to any significant level, and this means that there will be time for research to be conducted in areas where 5G use is at a more advanced stage.

Report Says 90% of NHS Jobs Will Need Digital Skills, But AI and Robotics Could Enhance Services

Posted on by Andy Miller

A report, commissioned by health secretary Matt Hancock and led by US academic Eric Topol, has found that even though AI and robotics will enhance healthcare services, 90% of NHS staff will require fresh digital skills within 20-years.

Robotics and AI Enhancements

According to the report, although there has been fear that the implementation of AI and robotics to the NHS could be a step towards replacing human practitioners, they will in fact enhance services.

Smart Speakers Could Help

For example, the use of smart digital assistants such as Alexa and Siri could free-up more time for doctors which could be spent with patients. It is anticipated that smart speakers could reduce time spent on paperwork, possibly saving 5.7 million hours of GPs’ time across the country per year.

Mental Health Triage Bots?  

The suggestion that smart speakers could somehow be used as effective “mental health triage bots” by engaging in conversations while analysing text and audio for any suicidal ideas and emotions has been dismissed by mental health professionals. A smart speaker may be capable of listening and talking but as mental health professionals point out, smart speakers can’t pick up many of the visual cues that a skilled human professional can, they can’t quickly develop a relationship with a patient (as is needed in mental health assessment situations), and they may not be particularly useful in a situation where a patient is disordered.

Patient Records

The report indicates that smart speakers could also enhance the capabilities of NHS workers to update patient records.

Three Main Changes

In the report, Mr Topol predicts how, over the next 20 years there will be three main developments that will change patients lives, and how training should begin now to ensure that NHS staff have the skills to make the most of those changes going forward.  According to Eric Topol, who is a cardiologist, geneticist, and digital medicine researcher, the three main changes will be:

  1. Patients having their genome sequenced.  This can help determine things like a person’s predisposition to certain diseases and how they will respond to medication or treatment.
  2. Patients being able to generate and interpret much more of their own health data at home.
  3. AI helping to exponentially increase the speed, accuracy and scalability of medical data interpretation.

Digital Appointments

Health Secretary Matt Hancock, who commissioned the report, has also called on GP practices in the UK to be able to offer digital appointments within five years e.g. using Skype and Google.

What Does This Mean For Your Business?

According to this report, AI, robotics and other new technologies could provide enhancements that may enable patients to be ultimately better informed about their own medical position and may help NHS staff to deliver a better quality of service while freeing them from spending too much time on paperwork and spending that time instead with patients.

There is, however, a challenge to be met in terms of making sure that NHS staff receive training that will enable them to make the best use of new digital technologies, and this will need planning and will have cost implications.

It is also important to consider, however, that the amount of data gathered about patients e.g. genomic information could be intrusive and has security and privacy risks.  Also, if AI bots are used to handle some communications with patients, those patients need to be informed that they are communicating with a bot and not a person.  Too much reliance on technological innovation could also bring some inequalities. For example, poorer people and ethnic minorities have been shown to have a lower uptake of things like digital health records.

UK Solar-Powered High Latitude Drone Presents New Mapping Opportunities

Posted on by Andy Miller

The Astigan high-altitude “pseudo-satellite” (HAPS) drone, built in Somerset using British Technology, and co-developed with Ordinance Survey, could succeed where other earth-mapping efforts by tech giants have failed, and provide a wealth of other opportunities.

High Altitude Hover For 90 Days, With No Re-Fuelling

The fixed-wing aircraft, which has solar panels across 38m wingspan and only weighs 149kg (328lb), can be set to hover for 90 days at a time at an altitude of 67,000ft (c. 20,420m), without re-fuelling.  It is controlled from the ground and can be set to map large areas of interest or made to hover continuously over one geographical area.

Carries Cameras

The Astigan ‘drone’ has been developed to carry cameras like those on mapping aircraft, and due to its co-development with Ordnance Survey, its initial purpose is to provide high-resolution images for mapping, supported by field surveyors on the ground, and data from local authorities and the land registry.

Advantages

The advantages that this kind of drone has over existing mapping technologies such as satellites are that:

  • It’s much cheaper to build and operate e.g. there are no huge satellite launch costs.
  • It provides higher-resolution images.
  • It is more flexible e.g. it is easier to divert a drone than an orbiting satellite, and several drones can be deployed at a time, perhaps in the same area.

The Technology

The technology and know-how come from the 1999 ‘Solar Impulse’ project where Brian Jones, former RAF pilot and balloonist, recorded the first non-stop around the world balloon flight.

Same Factory As Facebook Drones

Just as this project appears to have succeeded where drone-development projects by tech giants have failed, it operates from the same factory that once housed Facebook’s Aquila internet drone project until Facebook abandoned its drone plans.

Opportunities

As Neil Ackroyd (co-founder of Bridgwater, Somerset-based Astigan) has been quick to point out, even though the drone has many advantages over other earth-mapping methods, it has a huge number of potential other uses.  For example, the drone (or fleets of drones) could be used to help with land management and urbanisation, monitoring environmental change, and even helping with environmental disasters e.g. hovering over areas where there are forest fires.

It is, of course, also possible to envisage that drones like these could have military and state surveillance uses.

Trouble Over Bridgwater – Criticism

Back in 2013, The state-owned national mapping agency Ordinance Survey was criticised by some for paying £700,000 for what was then the little-known aerospace company Astigan.  OS was the subject of complaints by some competitors and suppliers of OS that it may have stifled competition, and may, in effect, have received illegal state aid.

What Does This Mean For Your Business?

The ability to provide a low-cost, effective way of supplying high resolution photos and maps of the earth could feed into (and add value to the work of) many businesses and organisations around the world.  The opportunities are many, and it is good news too that the technology has been developed in the UK.  It has been reported that the platform will also be made available to companies who want to attach their own sensors and cameras to the drones e.g. to track climate change. 

ROI Index Shows That Facebook & Google Offer Best Value For Mobile Advertisers

Posted on by Andy Miller

Marketing report company Singular has produced an ROI index for mobile advertising, based on its own research which shows that Facebook and Google appear to offer the best value for mobile advertisers.

The Research

Singular sampled over $1.5 billion of spend in mobile advertising, including over a half a billion installs and almost $3 billion in revenue.  From this, the company was able to produce an ‘ROI Index’ that ranks the best-performing ad networks for mobile marketers on iOS and Android globally.

Singular’s backers include Norwest Venture Partners, General Catalyst, Thomvest Ventures, and Method Capital, and Singular’s customers (as a marketing intelligence platform) include companies like Airbnb, LinkedIn, Symantec, and Twitter.

Facebook & Google – Best Value

Given the popularity and scale of Google and Facebook, and the economies thereof, and the fact that they can deliver results, it is perhaps not surprising that Singular’s ROI Index put Facebook and Google at the top for delivering the best return on investment.

The Index showed that Facebook won the global rankings, but Google came top in all three key regional rankings: EMEA, APAC, and Americas.

Ad Fraud Levels Also Taken Into Account

Singular’s ROI Index also considered advertising fraud levels, and it has been reported that a record number of 15 companies were deleted from its rankings this time around because of “excessive” fraud.

Snap No.3

The Index shows Snap (the advertising network for Snapchat) improving its rankings on most of the lists, and it is now the No. 3 network for non-gaming ads on both iOS and Android.

Other Findings

The ROI Index also showed other important results for:

  • Japan-based mobile messaging service LINE (700M users), ranked three times.
  • Twitter, which showed a resurgence with 11 rankings on global, regional, and platform-specific charts. These included second on iOS for retention: providing users/customers who stay engaged.
  • Unity, the games ad network, ranking third on Android and fourth on iOS globally.
  • BlueStacks, the US technology company that produces the BlueStacks App Player and other cloud-based cross-platform products, is delivering significant ROI on its own on-platform ad network.

Android More Volatile

Singular’s ROI Index also shows that one-third of the global Android index is brand-new compared to only two new networks joining the corresponding iOS index.  This indicates that the Android ad ecosystem is more volatile than iOS.

What Does This Mean For Your Business?

With all of us now using mobiles for our personal and business lives, mobile advertising has become a very important way for businesses to reach customers.  Google and Facebook are widely known among marketers, but many marketers now know they need to consider using more than just two media partners in order to get the most value out of their advertising budgets.

In an increasingly complicated and segmented media marketplace an ROI Index such as the one produced by Singular can provide valuable marketing intelligence, perhaps provide new ideas for promising ad networks to try, and can give businesses a way to get some measurement of ROI from different touchpoints across multiple channels that can help guide ad spend in order to produce the best value results.

Russia Plans Disconnect From Rest of World Internet For Cyber-Defence Test

Posted on by Andy Miller

Russia has set itself a deadline of 1st April to test “unplugging” the entire country from the global Internet for reasons relating to defence and control.

Giant Intranet Dubbed “Runet”

The impending test of a complete ‘pulling up of the drawbridge’ from the rest of the world is being planned in order to ensure compliance with a new (draft) law in Russia called the Digital Economy National Program.  This will require Russia’s ISPs to show that they can operate in the event of any foreign powers acting to isolate the country online with a “targeted large-scale external influence” i.e. a cyber-attack.

The plan, which is being overseen by Natalya Kasperskaya, co-founder of Kaspersky the antivirus company and former wife of CEO Eugene, will mean that Russia can unplug from the wider Internet, and create its own internal ‘Intranet’ (the ‘Runet’) where data can still pass between Russian citizens and organisations from inside the nation rather than being routed internationally.

Moving Router Points Inside Russia

A move of this scale involves attempting to move the country’s key router points inside Russia. This means that ISPs will have to show that they can direct all Internet traffic entering and leaving Russia through state-controlled routing points, whereby traffic can be filtered so that, if required, traffic destined for outside Russia is discarded, and attempts to launch cyber-attacks on Russia can be more easily detected and thwarted.

Own Version of DNS

Other measures needed to give Russia the ability to completely unplug include building its own version of the net’s DNS address system. This is currently overseen by 12 organisations outside Russia, but copies of the net’s core address book now exist inside Russia.

Why?

Russia has been implicated in many different international incidents that could provoke cyber-attack reprisals and misinformation interference. For example, the alleged interference in US presidential election campaign and UK referendum, and the Novichok attack in Salisbury.  There has also been deterioration of the relationship between the US and Russia, and widespread criticism of Russia in the western media.

Censorship and Control?

Even though the word from Russia is that the ability to ‘unplug’ is for defence from external aggression, many commentators see it as a move to be able to exert more state control in a way that is perhaps similar that seen in China with its extensive firewall.

In Russia, control of social media could, for example, thwart attempts from the people to organise mass protests against Putin, such as those seen in 2011-13.

Also, the ability to control what people can see and say online can mean that websites that promote anti-state views and information can be blacklisted. It has been reported that there is already an extensive blacklist of banned websites and that Russia now requires popular bloggers to register with the state.  There have also been reports of Russians facing fines and jail for social media posts that have been judged to have ridiculed the Kremlin or Orthodox Church.

What Does This Mean For Your Business?

Business and trade tend to benefit from open channels of communication, and when states move to shut down communication channels in this way, it prevents the promotion and advertising of products, creates costs and bureaucracy, and damages the prospects and competitiveness of those organisations exporting to and from Russia. This kind of communications shutdown may be useful for the purposes of the state, but it can only really be harmful for international trade, and for those businesses within Russia itself looking to sell overseas.

Anything that portrays the image of a controlling and/or inward-looking state can also damage industries such as tourism and can make companies in those states appear to be risky to deal with.