Lord Toby Harris Logo

Archive for the ‘Technology’ Category

Monday
Jun 11,2012

A former senior analyst to the US Secretary for Defense has warned that:

“Chinese companies apparently have a covert capability to remotely access communications technology sold to the United States and other Western countries and could disable a country’s telecommunications infrastructure before a military engagement.”

 Writing on Friday, F Michael Maloof reported that:

“The Chinese also have the ability to exploit networks “to enable China to continue to steal technology and trade secrets,” according to the open source intelligence company Lignet, which is comprised of former U.S. intelligence analysts.

The issue centers on the Chinese firm Huawei Technologies Co. Ltd., which U.S. intelligence sources say has direct links to the Chinese government and the People’s Liberation Army, or PLA. These sources assert that Huawei and other Chinese telecommunications firms such as ZTE Corp. have “electronic backdoors” to telecommunications technology sold to the U.S. and other countries.”

This is the same Huawei that I have reported before as providing key components to this country BT network and is being investigated by the US Congress but not by any equivalent UK body.

Huawei tell me that they are much-maligned and say that they are not linked to the People’s Liberation Army, but are just a private company trying to expand their business outside China.

In the UK the Government seems to be unconcerned that increasingly large parts of the country’s critical national infrastructure are under foreign ownership or are dependent for key components on overseas suppliers (there are a series of stories in yesterday’s Sunday Times behind its paywall about Chinese or Russian interests buying into the UK energy supply industry).

It is not clear why it can be assumed that these interests are necessarily benign and the UK Government doesn’t even seem to be interested in asking the question let alone doing anything about it.

How complacent can they get?

 

Monday
Jun 11,2012

Michael Gove is to announce a new primary school curriculum.

Apparently, this will involve five-year-olds being required to learn poetry by heart and recite it aloud.  According to the Telegraph:

“Education Secretary Michael Gove will promise a new focus on the traditional virtues of spelling and grammar when he sets out his plans for the teaching of English in primary schools later this week.

At the same time, Mr Gove will put forward proposals to make learning a foreign language compulsory for pupils from the age of seven.

Under his plans, primary schools could offer lessons in Mandarin, Latin and Greek as well as French, German and Spanish from September 2014.

The Education Secretary is said to be determined to make the teaching of English at primary school ”far more rigorous” than it is at present.  …

It will also emphasise the importance of grammar in mastering the language, setting out exactly what children should be expected to be taught in each year of their primary schooling as well as lists of words they should be able to spell.”

Whilst I am not convinced about the value of reciting poetry, nor about learning Latin and (ancient) Greek, I do think that there is much to be said for instilling the basics of language in all primary age children.

There will also be a commitment to making sure pupils have some basic skills in maths and science:

“Pupils will be expected to memorise their tables up to 12 times 12 by age nine, and be able to multiply and divide fractions by the end of primary school under a major shake-up of the national curriculum.

Using decimals and basic arithmetic are also set to be a main focus of maths lessons in the future, a move which ministers said will help to raise standards in England’s schools.

In science, primary school children will be taught about key concepts such as static electricity, the solar system and how to name and classify objects in biology.”

That too is welcome.  But does it go far enough?

Earlier this year, John Naughton argued in the Guardian that:

“Starting in primary school, children from all backgrounds and every part of the UK should have the opportunity to: learn some of the key ideas of computer science; understand computational thinking; learn to program; and have the opportunity to progress to the next level of excellence in these activities.  …

We need to face up to a painful fact. It is that almost everything we have done over the last two decades in the area of ICT education in British schools has been misguided and largely futile. Instead of educating children about the most revolutionary technology of their young lifetimes, we have focused on training them to use obsolescent software products”

There are developments like Raspberry Pi that are intended to provide a cheap and accessible platform for young children to learn simple programming.
The hope is that Gove will recognise that revitalising the primary school curriculum is about equipping today’s under-11s not with the skills their grandparents and great-grandparents may have learned, but the skills that they will need to grow up in the 2020s and 2030s.  And that those skills can be the basis for the UK’s future economic growth.
Poetry has its place, but programming is the future.
Monday
May 28,2012

Seven and a half years ago, I warned in a debate in the House of Lords about the risk to the nation’s critical national infrastructure of a concerted cyber-attack, saying:

“As a nation, the systems that are essential for our health and well-being rely on computer and communications networks – whether we are talking about the energy utilities, the water and food distribution networks, transportation, the emergency services, telephones, the banking and financial systems, indeed government and public services in general – and all of them are vulnerable to serious disruption by cyber-attack with potentially enormous consequences.  …

The threat could come from teenage hackers with no more motivation than proving that it could be done, but even more seriously it could come from cyber-terrorists intent on bringing about the downfall of our society. “

The Ministerial reply I was given at the time bordered on the complacent – even though I was assured that it wasn’t:

“there are also terrorists who would challenge and seek to undermine democratic society using any methods within their grasp. It is not complacent to say this; but perhaps it should be made plain that at the moment they do not appear to be interested in attacking us electronically.”

Late last year, the Wall Street Journal reported that:

“British intelligence picked up “talk” from terrorists planning an Internet-based attack against the U.K.’s national infrastructure, a British official said, as the government released a long-awaited report on cyber security.

Terrorists have for some time used the Internet to recruit, spread propaganda and raise funds. Now, this official said, U.K. intelligence has seen evidence that terrorists are talking about using the Internet to actually attack a country, which could include sending viruses to disrupt the country’s infrastructure, much of which is now connected online. The official spoke on condition of anonymity and didn’t say when the infrastructure threat was detected and how it was dealt with.

Terrorists, however, are still more focused on physical attacks that lead to high casualties and grab attention. “For the moment they prefer to cover the streets in blood,” he said.”

Again, the official line was inclined to dismiss the likelihood of an attack …
Now comes news that a video captured by FBI agents last year and now released by the Senate Committee on Homeland Security purports to show an al Qaeda leader calling on ”covert mujahidin” to launch cyber attacks against The video explicitly calls for cyber attacks against the networks of both government and life-sustaining critical infrastructure, including the electric grid, and compares vulnerabilities in U.S. critical cyber networks to the vulnerabilities in our aviation system prior to 9/11.
PHOTO: In this screenshot obtained by the FBI, an Al Qaeda video calls upon the ?covert Mujahidin? to commit ?electronic jihad?.
So – boringly – I was right (again).
The question remains are our cyber-defences going to be adequate.
Wednesday
May 2,2012

As the Government potentially dilutes police accountability with the abolition of police authorities, new technology will increasingly create a new way of ensuring that the police act responsibly.

I have commented before on the impact of citizens with video-enabled mobile phones being able to post on the internet videos of interactions between the police and the public within seconds of the interaction happening.  This means that some incidents that might not previously have received wide coverage now do so.  This places a great pressure on the police to act responsibly at all times, even though what may be an entirely reasonable response to, for example, violent behaviour may not look so reasonable when a 10-second clip is viewed without the context of the preceding incident.

Today, however, I heard of another development that will also potentially have far-reaching consequences. Wired reports that three developers from Tulse Hill in south London have build an app that aims to give the public a way to hold the police more accountable:

“Users can upload information when they’re stopped by the police to the Stop and Search UK site, including the location of the stop, the badge numbers of the officers involved, and any feedback they’d like included. There’s also a guide to the law regarding being stopped and searched, to help educate people about their rights.

The hope is that, over time, a wider picture of stop and search powers will emerge across the country, which will in turn increase accountability over a police power which has drawn controversy in the past.”

This effectively creates a crowd-sourced monitoring system and, whilst the data will not be entirely systematic or representative, the information it produces will be a powerful tool for those who want to argue whether or not the stop-and-search tactic is being used fairly, appropriiately and proportionately.

No doubt this app will prove controversial with police officers who will feel that this is yet another impediment to them being able to do their job effectively.  However, conscientious officers will have little to fear and a greater confidence in the police that may stem from better accountability can only be a good thing.

If nothing else, it should act as a spur to  the Home Office and local police services to ensure that their adoption of mobile technology to properly record and document interactions with the police is speeded up.

As I have previously commented, recording such encounters is an important safeguard against the over-use or inappropriate use of the power against particular individuals or groups.  It is also incidentally a safeguard for officers who might otherwise be accused of abusing the power who will now be able to point to statistical evidence of how they have used the power properly and proportionately.

Saturday
Apr 21,2012

I have been delighted to contribute a foreword to a guide produced by my good friends at The Risk Management Group for parents to help them keep their children safe online.

The guide “The A to Z of Safe Children Online” is available here.

Sunday
Mar 18,2012

Nearly three years I posted about the threat of an electro-magnetic pulse that could permanently disable the electricity grid and most electrical systems.  I followed this up with some parliamentary questions and a further post this time last year that concluded:

“So the good news (heavy irony) is that the Government may have got round to working out what “the reasonable worst case scenario” might be.”

At the risk of coming over all I-told-you-so-ish, we now learn in today’s Observer that:

“Explosions on the sun that blast solar winds towards the Earth have been identified for the first time as one of the biggest threats to the UK’s ability to carry on normal daily life, according to a new official government register of major risks to the country.

A significant event on the sun could leave large swaths of the country without electricity, lead to the immediate grounding of planes, disable communications and even destroy household appliances.

The danger has been prioritised in the Cabinet Office’s National Risk of Civil Emergencies as the sun enters the most active point in its 10-year cycle – its solar max – raising the chances of a damaging burst of radiation, plasma or energetic particles (such as neutrons).

More significantly, the UK is regarded as particularly vulnerable because scientific advances have made the country more dependent on technology than ever before. Ministers have been advised by scientists that the most advanced technology is also the most delicate and that “high levels of energetic particles produced in the atmosphere by solar radiation storms can greatly enhance error rates in ground digital components found in all modern technology”.

The newly published risk register lists severe space weather alongside terrorist attacks, coastal flooding and pandemic influenza as likely sources of “serious damage to human welfare”.

It says: “Severe space weather can cause disruption to a range of technologies and infrastructure, including communications systems, electronic circuits and power grids.”

The register adds: “While storm impacts in the early- to mid-20th century appear relatively benign, dependency on technology vulnerable to space weather has pervaded most aspects of modern life, and therefore the disruptive consequences of a severe solar storm could be significant.”

The threat was placed on the register after a panel of experts, including two scientists from the Meteorological Office, produced a “reasonable worst case scenario” for ministers.”

 Only took a year, so lucky that last week’s solar flare passed off without problems.

 

Friday
Feb 17,2012

There is an excellent article in the New York Times that explains the behavioural psychology that is now linked to supermarket loyalty cards and on-line shopping patterns to target and personalise adverts and offers.

It describes an incident in a Target store (a major US chain) as follows:

“a man walked into a Target outside Minneapolis and demanded to see the manager. He was clutching coupons that had been sent to his daughter, and he was angry, according to an employee who participated in the conversation.

“My daughter got this in the mail!” he said. “She’s still in high school, and you’re sending her coupons for baby clothes and cribs? Are you trying to encourage her to get pregnant?”

The manager didn’t have any idea what the man was talking about. He looked at the mailer. Sure enough, it was addressed to the man’s daughter and contained advertisements for maternity clothing, nursery furniture and pictures of smiling infants. The manager apologized and then called a few days later to apologize again.

On the phone, though, the father was somewhat abashed. “I had a talk with my daughter,” he said. “It turns out there’s been some activities in my house I haven’t been completely aware of. She’s due in August. I owe you an apology.”

I suspect these systems are now so sophisticated and analyse so much data about individual’s behaviour that they far surpass even the databases held by the most anti-civil libertarian governments.
But for some reason you don’t hear so many complaints ….
Saturday
Feb 11,2012

A Police Service with a sense of humour?

How would the Met shape up if their website was hacked?

Sunday
Jan 29,2012

John Naughton in today’s Observer has an interesting article on the proposed new EU data protection directive and the way in which Facebook is getting “its retaliation in first”.  The proposed “right to be forgotten” is likely to conflict with Facebook’s newish “timeline” facility.  And the retaliation?  This is how John Naughton puts it:

“The day before the commission made its announcement, Facebook’s chief operating officer, Sheryl Sandberg, gave a speech to a technology conference in Munich. Her menacing subtext was neatly summarised by the New York Times thus: “Concerned about privacy? Maybe you should be concerned about the economy instead.” Translation: mess with us, Eurotrash, and we’ll screw you.

Sandberg’s speech was revealing because it exposes the line of argument that Google, Facebook, et al will use to undermine public authorities that seek to control their freedom to exploit their users’ identities and abuse their privacy. The argument is that internet companies create lots of jobs and are good for the economy and European governments shouldn’t stand in their way.”

Apparently, to back this argument Facebook referred to a report that they had commissioned from Deloitte which concluded that Facebook had  indirectly helped create 232,000 jobs in Europe in 2011 and enabled more than $32bn in revenues.

John Naughton is sceptical pointing out that Facebook itself only has about 3,000 employees world-wide and he continues:

“Inspection of the “report” confirms one’s suspicion that you couldn’t make this stuff up. Or, rather, only an international consulting firm could make it up. Interestingly, Deloitte itself appears to be ambivalent about it. “The information contained in the report”, it cautions, “has been obtained from Facebook Inc and third party sources that are clearly referenced in the appropriate sections of the report. Deloitte has neither sought to corroborate this information nor to review its overall reasonableness. Further, any results from the analysis contained in the report are reliant on the information available at the time of writing the report and should not be relied upon in subsequent periods.” (Emphasis added.)

Accordingly, continues Deloitte, “no representation or warranty, express or implied, is given and no responsibility or liability is or will be accepted by or on behalf of Deloitte or by any of its partners, employees or agents or any other person as to the accuracy, completeness or correctness of the information contained in this document or any oral information made available and any such liability is expressly disclaimed”.”

Although Deloitte is normally regarded as a respectable organisation, these caveats plus the rather tendentious conclusions should raise alarm bells.

Or as John Naughton puts it:

“The sole purpose of “reports” such as this is to impress or intimidate politicians and regulators, many of whom still seem unaware of the extent to which international consulting firms are used by corporations to lend an aura of empirical respectability to hogwash.”

Yet reports like this with sensational conclusions seem a particular feature of commentary on the internet.

And especially so in respect of information security, last year the UK Government published figures saying UK cyber crime was costing £27 billion per year and not to be out-done Symantec suggested that the global figure was $388 billion.  The reality is that all these figures are unverifiable – and whilst I am quite clear that cyber-crime is a very serious problem for the world economy these estimates are, to use John Naughton’s word, “hogwash”.

Spurious precision – whether it is Symantec’s $388 billion or Facebook’s 232,000 jobs in Europe – should always be treated with caution.

Sunday
Jan 22,2012

The Government’s e-petition site has rejected an e-petition calling on the Government to improve “the flow of passengers through busy London Underground stations” by installing slides in place of escalators.  The e-petition also suggests that:

“Small prizes should be available for those reaching the bottom in the fastest time. These would be paid for out of the savings of not having to maintain and operate down escalators.”

The e-petition has been rejected because this is a matter for a devolved authority – in this case the Mayor of London – and therefore it is for the Mayor of London to consider this proposal.