Research Says Memes Can Tell Between Humans and Bots

Researchers from the University of Delaware have concluded that when it comes to authentication for logins, Memes may be one of the strongest techniques to distinguish between a human and a bot.

The Bot Challenge

One of the great challenges to websites when it comes to authentication for logins is that software bots can fool relatively simple tests such as ticking a box to say, ‘I’m not a robot’ and CAPTCHA (both words and images). Also, neural networks and machine learning have helped to train bots to behave more like humans.  With more than half of web traffic believed to be made of bots and to stop bots gaining easy access to sensitive data, correct authentication needs to be based upon a system that can effectively tell humans and bots apart.

Memes Could Be The Answer

According to the University of Delaware researchers, the dynamic nature of memes and the fact that bots don’t get cultural references and online humour, and that humans are familiar with and can understand memes with a greater depth than bots could mean that memes could be the answer to the ‘bot or human’ authentication challenge.

Memes are activities, concepts, catchphrases, or pieces of media, often humorous and/or mimicking, and commonly in the form of an image, gif or video that have cultural meaning and tend to be shared widely on social media platforms.

How Could Memes Work For Authentication?

According to the researchers, after the correct username and password have been verified on login to a website, a meme could be displayed with a question about the meme that relates to something that bots wouldn’t be able to spot.  For example, this question could relate to the facial expression of the person in the meme or to the action taking place in the meme (bots wouldn’t be able to accurately tell what the facial expression is or what it means in relation to that meme). Several possible answers relating to that meme could be given and clicking on the right option will mean that a person is granted entry to the website.

The fact that there is a vast number of memes available online means that the meme and its answer options used for one authentication process can then be deleted from the database to ensure that no answers are stored and learned by bots.

What Does This Mean For Your Business?

With more than half of web traffic being made up of bots, and with bots being able to fool many existing systems and with the data security, privacy and fraud risks that bots pose, businesses need to know that their websites have an effective system that can accurately distinguish between humans and bots at the login stage, but not make the process of authentication too complicated or lengthy for registered users.

The cultural references, humour, and subtleties in memes could, therefore, make them an effective way to make that distinction, and could keep businesses ahead of the game until AI/machine learning in bots necessitates another change.

Tech Tip – Save a Web Page as a PDF

Sometimes, when researching online, it’s helpful to be able to collect information in a form that can easily be printed out, so here’s how to save a web page as a PDF from three popular browsers:

Google Chrome:

– Top right (three-dot icon), choose ‘Print’ (or use Ctrl + P)
– In ‘Destination’ choose ‘Change’
– In ‘Select a Destination’, under the heading ‘Print Destinations’ choose ‘Save as PDF’
– Work through the preview options and select ‘Save’

Microsoft Edge

– Choose ‘Print’ (top right of the browser) or Ctrl + P
– Under the ‘Printer’ drop-down menu select the ‘Microsoft Print to PDF’ option
– Go through the other options (margins and scale) and select ‘Print’

Firefox

– Use the Windows 10 Microsoft Print to PDF function
– Press Ctrl + P to display the print menu
– Select ‘Microsoft Print to PDF from the printer options, and click on ‘OK’
– Select name and save location and click on ‘Save’

Safari

– Under ‘File’ choose ‘Print’ (or Command + P)
– Select ‘PDF’ from the left-hand corner of the window
– For a basic save, select ‘Save as PDF’.

Scale of Police Computer Misuse Uncovered

A Freedom of Information (FoI) request made by think tank Parliament Street has revealed that 237 serving officers and members of staff have been disciplined for computer misuse in the last two financial years.

Sackings and Resignations

The FOI request, which was responded to by 23 forces also revealed that 6 employees resigned and 11 were sacked over failures in adhering to IT best practices e.g. for disclosing personal information.

Took Photos of Screen and Shared

In Hertfordshire, two incidents out of 16 disciplinary cases involved employees taking photographs of the screen of a (confidential) police computer system and sharing those photos via social media.

Most Cases

The most individual computer misuse incidents were recorded by Surrey Police with 50. Second in the misuse ranking was the Metropolitan police where 18 people were disciplined (4 were accused of misusing social media) and one staff member was sacked for misusing the Crime Reporting Information System.

Greater Manchester Police managed to take the third position in the incidents rankings with 17 for misuse of force systems.

Other Incidents

Other incidents uncovered by the FoI request included 3 officers getting sacked from Gwent Police (for researching the crime database for a named person, disclosing confidential information, and for unlawful access to information) and 3 getting sacked form Wiltshire Police force for using the police databases without lawful access to the information. Also, one member of Nottinghamshire Police was disciplined for using the police computer system to search for information about a civil dispute they were involved in.

Case In July

These incidents were reminiscent of the case from July this year whereby a serving Metropolitan police officer was given 150 hours of community service and ordered to pay £540 after pleading guilty to crimes under the UK’s Computer Misuse Act, which included using a police database to monitor a criminal investigation into his own conduct.

What Does This Mean For Your Business?

We all must adhere to data protection laws (GDPR) and best practices to ensure that company computer systems are used responsibly and legally.  The irony of the information uncovered with the FoI request is that hundreds of those persons who are entrusted to uphold and enforce the law appear to be prepared to risk their jobs, break the law and betray public trust.  The fact that hundreds of police have been caught (there may be many more who haven’t) misusing police systems which contain large amounts of sensitive personal data raises serious questions about privacy and security.

This may indicate that police forces need to offer more education and training to employees about data protection and the correct (and legal) use of police computer systems as well as tightening up on monitoring, access control and validation/authorisation.

$20 Million Fight Highlights Value of Social Influence and PR

The popularity and influence of two YouTube celebrities making their boxing event an all-time global Top 20 pay-per-view phenomenon and splittin a $20 million prize is a reminder of the magnifying value of online PR.

What Happened?

Two of the world’s leading YouTube celebrities and ‘Generation Z’ heroes Logan Paul and Olajide “KSI” Olatunji followed up on their 800,000+ pay-per-view, £2.7 million earning 6-round boxing match from last year at Manchester Arena with the repeat bout at a Los Angeles basketball arena.  This time, after their fight in the early hours of Sunday morning they were able to split $20 million made from 2 million+ pay-per-view purchases generated from their combined 40 million subscriber fan-base.  Neither of these YouTube celebrities is a boxing professional and their fight was in stark contrast to that of two World Champions, fighting on the same bill, who were “only” paid less than $1 million.

Social Media Power & PR

The world’s biggest YouTube celebrities and social influencers, such as PewDiePie (102 million subscribers), Dude Perfect (47.1 million subscribers) and Badabun (43 million subscribers) are mainly young people who have managed to build a relationship with their generation audience by posting YouTube videos.  Generation Z subscribers (born between 1996-2010) who have grown up with the Internet and social media, and Millennials (born between 1981 and 1996) make up large parts of the subscriber audiences. Interestingly, in the case of boxing, this represents an opportunity for promoters to tap into a massive new audience who may not be familiar with the sport.

Even though these influencers may appear to be strongly linked to a generation that they have an innate understanding of (by being part of it) what they are essentially doing is leveraging public relations – building relationships with different publics, building their own credibility and raising their own visibility – on a grand scale. YouTube is simply the media and part of the message that allows them to achieve their PR aims.

PR Often Overlooked By Businesses

The power of PR to business is often overlooked in favour of apparently easier to understand advertising and measuring of responses, and rather than dismissing the kind of influence that some young people have via social media as a generational mystery that doesn’t apply to you, recognising that the value-adding use of PR is within the reach of all businesses is important.  So, what can PR do for your business/campaign/cause/event?

  • As YouTube celebrities show, influence is something that PR can achieve. Your own expertise and inside knowledge of your business and industry can be a valuable and persuasive asset in your messages that can make you appear to be a trusted and objective source.
  • Finding or creating an interesting and compelling story with a link to your products, services and brand can mean that the ‘reach’ of your message is increased as different outlets and channels pick up on it and share it.
  • The cost-effectiveness of your advertising can be dramatically increased when combined with PR.
  • The search engine optimisation (SEO) of your website can get a real boost from PR as you receive more visitors to your website and more shares of your story on social media and on other websites, and more links to your website thereby giving your rankings a boost for important key phrases.
  • Getting your own feature in an important publication can be a great way to attract investors and new customers as it strengthens your credibility.
  • Talented people such as potential employees and businesses as potential strategic alliances can also be attracted by good PR about your organisation.

What Does This Mean For Your Business?

The boxing event was not a demonstration of sporting expertise and prowess, but of the power of influence gained through social media and PR.  This event showed that business (and something that’s arguably greater than the sum of its parts) can be generated through paying attention to the building personal brands and online relationships with specific audiences which, over time, can generate its own momentum. One of the key messages for businesses to take away from this is that PR opportunities already exist all around and tapping into them could be a cost-effective way of boosting the power and reach of your messages.  This may be something that has been overlooked in your promotional mix but could make all the difference.

Google Announces New ‘Teachable Machine 2.0’ No-Code Machine Learning Model Generator

Two years on from its first incarnation, Google has announced the introduction of its ‘Teachable Machine 2.0’, a no-code custom machine learning model generating platform that can be used by anyone and requires no coding experience.

First Version

Back in 2017, Google introduced its first version of Teachable Machine which enabled anyone to teach their computer to recognise images using a webcam. This first version enabled many children and young people to gain their first experience of training their own machine learning model i.e. teaching their computer how to recognise patterns in data (images) and assign new data to categories.

Teachable Machine 2.0

Google’s new ‘Teachable Machine 2.0’ is a browser-based system that records from the user’s computer’s webcam and microphone, and with the click of a ‘train’ button (no coding required), it can be trained to recognise images, sounds or poses.  This enables the user to quickly and easily create their own custom machine learning models which they can download and use on their own device or upload and host online.

Fear-Busting and Confidence

One of the key points that Google wants to emphasise is that the no-code, click-of-a-button aspect of this machine learning model generator can instil confidence in young users that they are able to successfully use advanced computer technology creatively without coding experience.  This, as Google mentions on its blog, has been identified as being important by parents of girls as girls face challenges in becoming interested in and finding available jobs in computer science.

What Can It Be Used For?

In addition to being used as a teaching aid, examples of how Teachable Machine 2.0 has been used include:

  • Improving communication for people with impaired speech. For example, this has been done by turning recorded voice samples into spectrograms that can be used to “train” a computer system to better recognise less common types of speech
  • Helping with game design.
  • Making physical sorting machines. For, example, Google’s own project has used Teachable Machine to create a model that can classify and sort objects.

What Does This Mean For Your Business?

The UK has a tech skills shortage that has been putting pressure on UK businesses that are unable to find skilled people to drive innovation and tech product and service development forward.  A platform that enables young people to feel more confident and creative in using the latest technologies from a young age without being thwarted by the need for coding could lead to more young people choosing computer science in further and higher education and seeking careers in IT.  This, in turn, could help UK businesses.

No-coding solutions such as Teachable Machine 2.0 represent a way of democratising app and software development and utilising ideas and creativity that may have previously been suppressed by a lack of coding experience.  Businesses always need creativity and innovation in order to create new opportunities and competitive advantage and Teachable Machine 2.0 may be one small step in helping that to happen further down the line.

‘Moore’s Law’ and Business Innovation Challenged By Slow-Down In Rate of Processing Power Growth

Many tech commentators have noted a stagnation or slow-down period in computing related to ‘Moore’s Law’ being challenged, but has the shrinking of transistors within computer chips really hit a wall and what could drive innovation further?

What Is Moore’s Law?

Moore’s Law, named after Intel co-founder Gordon Moore, is based on his observation from 1965 that transistors were shrinking so quickly that twice as many would be able to fit into a micro-chip every year, which he later amended to a doubling every two years.  In essence, this Law should mean that processing power for computers doubles every two years.

The Challenge

The challenge to this Law that many tech commentators have noted is that technology companies may be reaching their limit in terms of fitting ever-smaller silicon transistors into ever-smaller spaces, thereby leading to a general slowing of the growth of processing power.  The knock-on effect of this appears slowing of computer innovation that some say could have a detrimental effect on new, growing industry sectors such as self-driving cars.

What’s Been Happening?

Big computer chip manufacturers like Intel have delayed the next generation of smaller transistor technology and increased the time between introducing the future generations of their chips. Back in 2016 for example, Intel found that it could shrink chips to as little as 14 nanometres, but 10 nanometres is going to be a challenge that would take longer to achieve.

The effect has not only been a challenge to Moore’s Law, and a challenge to how the big tech companies can keep improving their data centres, but also how computers are able to work for (and keep up with) the demands of business.

Mobile devices, which use chips other than Intel’s may also have the brakes put on them slightly as they now also rely, to a large extent, on the data-centres to run the apps that their users value.

What About Supercomputers?

Some experts have also noted that the rate of improvement of supercomputers has been slowing in recent years and this may have had a negative impact on the research programs that use them.

That said, the cloud means that IBM is now able to offer quantum computing to tens of thousands of users, thereby empowering what it calls “an emerging quantum community of educators, researchers, and software developers that share a passion for revolutionising computing”.  It is doing this by opening a Quantum Computation Centre in New York which will bring the world’s largest fleet of quantum computing systems online, including the new 53-Qubit Quantum System for broad use in the cloud.

What Does This Mean For Your Business?

Many smaller businesses that are less directly reliant upon the most-up-to-date computers may not be particularly concerned at the present time about the challenge to Moore’s Law,  but all businesses are likely to be indirectly affected as their tech giant suppliers struggle to keep improving the capacity of their data-centres.

Many see AI and machine learning as the gateway to finding innovative solutions to improving computing power, but these also rely on data-centres and other areas of computing that have been challenged by the pressure on Moore’s Law.

A more likely way forward may be that chip designs will need to be improved and highly specialised versions will need to be produced, and Microsoft and Intel have already made a start on this by working on reconfigurable chips.  Also, the big tech companies may need to collaborate on their R &D in order to find the way forward in increasing the rate of improvement of computing power that can ensure that businesses can drive their products, services and innovation forward.

Microsoft Edge Gets Business Upgrade

Billed as “the browser and search engine for business”, Microsoft’s new Chromium-powered version of Edge (and now more serious competitor to Google’s Chrome) is set to be released in January with new business-focused capabilities.

Chromium Source

Back in December 2018, Microsoft announced that it was adopting the Chromium open source project, which is the web rendering engine that powers Google Chrome.  This forms the basis for the new, upgraded version of Edge which many see as a serious attempt by Microsoft to make it more relevant, particularly to larger business customers, and compete more seriously with Google’s Chrome.

January 2020

The new business-focused version of Edge has only been released as ‘Beta version 79’ (the final Beta before it becomes a general “Release Candidate”), with the general release of the download of the stable version for Windows and macOS scheduled for 15 January 2020.

More Productive At Work

One of the key challenges that Microsoft says it’s trying to address with the improved version of Edge is difficulty in finding and accessing corporate information that is known to exist on company intranets.  With this in mind, Microsoft says that it has added “new experiences” to Microsoft Search in Bing such as enabling users to type in the address bar to search for people on the company Intranet, using natural language, such as by their title, team name and office location.

Also, users will be able to:

  • Search for office location and find answers that show floor plans for directions.
  • Get definitions for company acronyms.
  • Use a broad set of question and answers to find internal company information.

What Else?

Other business-focused features that the new version of Edge will offer are:

  • Expansion of Microsoft Graph connectors which expands the reach of Microsoft Search for 365 customers by adding over 100 connectors including Salesforce.com, ServiceNow, and Box. This will mean that business users can find more using Microsoft Search.
  • The ability to easily access Search in Bing on a mobile phone so that workers can search for company information on the go.
  • SmartScreen and Tracking prevention to protect users from phishing schemes, malicious software and new types of malware (crypto-jacking).
  • A new InPrivate mode for Microsoft Edge and Bing (for searching and browsing) to help improve privacy and security
  • A ‘Collections’ feature for Microsoft Edge to help users to collect web content, organise research and export that content into Word and Excel for analysis and collaborative working.

Extras For IT Professionals

The new version of Edge will also include some new features for IT professionals including the expansion of the Microsoft FastTrack deployment program to deploy the new Microsoft Edge in Q1 2020, the expansion of the App Assure program to cover Microsoft Edge in Q1 2020, and a new security baseline for the new Microsoft Edge.

What Does This Mean For Your Business?

The migration to Chromium last year was a clear sign that Microsoft was looking to make Edge browser a much more serious competitor to Google’s Chrome.  Microsoft has identified some key challenges that businesses (with Intranets and programs like Salesforce) have with accessing important company information through a browser search.  Microsoft has, therefore, incorporated some very business-focused, productivity-boosting solutions in this version of Edge that can help office and mobile/remote workers.  Focusing on the needs of business-users could help Microsoft maintain its position at the top of the business OS market as well as giving its Edge browser a long-overdue boost.

Tech Tip – Snip & Sketch

If you need to be able to quickly grab areas of your screen, annotate them and share them, Windows 10 has an easy to use Snip & Sketch app.

To use Snip & Sketch:

– Hold down the Windows key + Shift + S to bring up a snipping toolbar.

– Snip the required area of your screen which will then be automatically loaded to your clipboard.

– You will then receive an invitation (bottom right of the screen) to mark up and share the image you’ve clipped. Click on the words ‘Select here’.

– This will load the Snip & Sketch app.

– Annotate your image with the pen symbols and click on the save or share icons (top right).

Microsoft Announces New, Integrated ‘Office’ Suite App For Mobile Devices

Microsoft has announced that it is working towards the launch of its ‘Office’ mobile app (currently only available in public preview) which integrates Word, Excel, and PowerPoint mobile apps into a single app.

The ‘Office’ Vision

Microsoft says that the mobile app, called simply ‘Office’, represents their vision for what a productivity solution would look like if first built for mobile devices.

The idea is that users have all their Office documents together in one place, can reduce the need to switch between many different apps, and can reduce the amount of space that they use on their phone compared to multiple installed apps.

“Simple, Integrated Experience”

The ‘Office’ app is intended to provide users with what Microsoft describes as a “simple, integrated experience”.

The app combines Word, Excel, and PowerPoint, access to recent and recommended documents stored in the cloud or on a user’s device, the ability to search for documents across a user’s organisation if using a work account, and easy access to Sticky Notes e.g. for reminders and writing down ideas.

What Can You Do?

Microsoft’s Tech Community web pages say that users of ‘Office’ will be able to create content “in uniquely mobile ways” such as snapping a picture of a document and turning it into an editable Word file with just the press of a button or transforming a picture of a table into an Excel spreadsheet so that users can quickly work on the data. Also, a new Actions pane in the app will enable users to complete tasks such as creating PDFs with their camera and signing PDFs just by using their finger or scanning QR codes to open files and links.

Public Preview and Only On Phones

The Office app is currently available in public preview for Android and iOS, can be downloaded and used for free, and doesn’t require a sign-in to use it.  Those with work, school, or personal Microsoft Accounts can, however login and gain access to their files stored in the cloud via the app.

Microsoft has said that it will continue to support and invest in the existing Word, Excel, and PowerPoint mobile apps (‘Office’ isn’t replacing them), and that the new ‘Office’ app is currently only available for phones, although plans are afoot to extend this to tablets.

What Does This Mean For Your Business?

Back in February, Microsoft announced its new, free “Office” app for Windows 10 as an update to the former My Office app, and as a way for those who do have a 365 subscription and have Microsoft’s apps installed on their device to open Office from the Office app, and those who don’t have a subscription to be automatically directed to the online version.  This latest announcement of the preview stage, available to all, soon-to-be-launched ‘Office’ mobile app is a progression of Microsoft’s move to publicise, raise awareness about, and get more people using its (free) versions of Office.  This will also help Microsoft adapt and compete with rivals, such as Google, and appeal to business and other existing Microsoft Office users who are now used to being able to carry out most of their business on-the-go with mobile devices and apps.  Some of the features, such as taking a picture of a document and turning that into an editable file are likely to add value for many business users who are spending less time at the desktop.

The new app could mean time-savings (not switching between multiple apps), convenience and greater leverage of mobile capabilities for users, and for Microsoft, it offers them a way to keep existing users loyal to their OS and Office Suite, gain new users, and stay competitive in a rapidly evolving mobile working market.

Office 365 Voicemail Phishing Scam Warning

Security company McAfee has reported observing a phishing scam which uses a fake voicemail message to lure victims into entering their Office 365 email credentials into a phishing page.

How The Attack Works

According to McAfee’s blog, the first step in the phishing scam is the victim being sent an email informing them that they have missed a phone call.  The email includes a request to login to their account to access their voicemail.

The email message actually contains an HTML attachment which, when loaded, re-directs the victim to a phishing website. Although there are slightly different versions of the attachment, the most recent examples are reported to contain an audio recording which is designed to make the victim believe they are listening to the beginning of a legitimate voicemail.

Once re-directed to the bogus Microsoft account login page, the victim will see that their email address has already been loaded in the login field, thereby helping to create the illusion that this is their real Microsoft login page.

If the victim enters their password, the deception continues as they are shown a page saying that their login has been successful, and they are being re-directed to the home page.

Three Different Phishing Kits

Cybercriminals frequently buy-in phishing kits to launch their attacks. These are collections of software tools, created by professional phishers, that can be purchased and downloaded as a set. These phishing kits make it much easier for those with limited technical and coding skills or phishing experience to launch a phishing attack.

McAfee reports that as many as three different phishing kits are being used to make the fake websites involved in this scam. These are:

  1. Voicemail Scmpage 2019 – being sold on an ICQ channel, and used to harvest your email, password, IP Address and location details.
  2. Office 365 Information Hollar – similar to Voicemail Scmpage 2019 and used to harvest the same data.
  3. A third unnamed kit, which McAfee says is the most prevalent malicious page they have observed in the tracking of this particular campaign.  McAfee says that this kit appears to use code from 2017 malicious kit that was used to target Adobe users.

File Names For The Attachments

To help you spot this phishing attack McAfee has listed list the file names for attachments in the phishing email as being:

  • 10-August-2019.wav.html [Format: DD-Month-YYYY.wav.html]
  • 14-August-2019.html [Format: DD-Month-YYYY.html]
  • Voice-17-July2019wav.htm [Format: Voice- DD-MonthYYYYwav.htm]
  • Audio_Telephone_Message15-August-2019.wav.html [Format: Audio_Telephone_MessageDD-Month-YYYY.wav.html]

What Does This Mean For Your Business?

Reports indicate that this phishing attack has proved quite successful up until now, partly because the pages and steps appear authentic (and load the users email address as real login page does), and it uses social engineering and urgency (with audio) in a way that may prompt may people to suspend their critical faculty long enough complete the few short actions that it takes to give their details away.

The advice to businesses is, therefore, to be vigilant and to not open emails from unfamiliar sources or with unfamiliar attachments.  You may also want to use Two-Factor Authentication (2FA) where possible, and enterprise users may wish to block .html and .htm attachments at the email gateway level so that they don’t reach members of staff, some of whom may not be up to speed with their Internet security knowledge.

There is also a strong argument for not using the same password for multiple platforms and websites (password sharing).  This is because credentials stolen in one breach are likely to be tried on many other websites by other cybercriminals (credential stuffing) who have purchased/acquired them e.g. on the dark web.

Keeping anti-virus and software patches up to date and making sure that staff receive training and education about cybersecurity risks and what procedures should be followed if suspicious emails or other messages are spotted can also help companies to maintain good levels of cybersecurity.