Examples of Internet regulations around the world aimed at protecting children.

We have been writing extensively about the UK Online Safety Act, but I was interested to see how other countries deal with the same issues.

I have left the referring site links intact for anyone who fancies a trip down a rabbit hole today.

I had Copilot research for me and found an excellent piece from Ross Atkins of the BBC. Ros Atkins on… How different countries protect children online – BBC News

Here are examples of regulations aimed at protecting children online in Europe, the United States, and China:

Europe:

United States:

China:

IT Services West Sussex & the South East; Business and individual

Specialist IT Services & Products For Business

Since 2008, Tamite IT Services Sussex from Haywards Heath has provided support services to our clients. But don’t imagine that, as we have been around for a while, we aren’t forward-thinking; we are technology evangelists.

We strongly believe businesses can benefit from their technological investments by adopting AI, specifically Microsoft Copilot. We also develop Chatbots for clients that, believe it or not, aren’t as annoying as they used to be.

Contact us for a no-obligation discussion of your future plans. Click here

A future with a personal assistant on our desktop

Desktop personal assistants to deliver and support your projects

Personal assistants have come a long way since Clippy. They actively support you, provide hints and assistance as you work.

We prefer to think of AI as personal assistants, part of the team, capable of providing us and our company with numerous tasks within the business and even customer-facing tasks, such as being a more exciting way of delivering answers to faqs.

Employees and employers need not be concerned about the changes AI will bring to the workplace.

A personal assistant on every desktop can enhance productivity and improve security by reducing digital overload.

Your organisation is as good as the expertise of its teams; employee education will enable the realisation of the possibilities AI presents

IT support company east sussex, IT hardware support sussex, it support and consultancy

We believe that small and medium-sized businesses’ IT systems will benefit from AI technologies, which can leverage your existing applications and enhance cyber security.

Professional services users will especially find that Copilot AI simplifies and accurately summarises information, saving time searching for documents and content.

It also provides tailored recommendations and assists in creating content such as presentations, Word documents, Excel workbooks, PowerPoint presentations and summarised emails.

Save money, work more effectively, and integrate solutions seamlessly.

 West Sussex support company, technology partnerships, meeting customers expectations, phone support, consultancy, managed service

By utilising Microsoft Copilot features, users can overcome the initial difficulties of creating a document and hopefully contribute to a more satisfying work environment where AI personal assistants become valued team members.

However, it is vital to ensure that the environment in which Microsoft Copilot is introduced is secure.

Adding AI to your IT systems mix will inevitably highlight existing vulnerabilities within your IT infrastructure and cyber security practices.

Please read the NCSC article on employing the Principles of least privilege for more information.

IT Services & Support Sussex & Surrey, Support Contracts & System Health Monitoring

South east IT support, it support in the heart of sussex, we deliver hardware and software support service,

But what makes Tamite different to most of our IT Support competitors is that our focus is on preventing the issues arising in the first place.

We know that addressing your IT problem and getting it resolved quickly matters.

Customers rely on services, so with technical issues, prevention is better than cure for your business.

Our remote monitoring service allows us to check critical aspects of your PC or Server.

These include time to failure on your hard drive, disk space remaining, antivirus and firewall status, and many other aspects, including backup status, to allow us to monitor and anticipate problems with your systems before they become an issue.

Outsourcing backups and managed support solutions frees up your IT resources.

Backup technology, professional managed backup outsourcing, backup infrastructure, provide business backup support

Backup, Disaster Recovery, and Cyber Security are not just concepts for big business but also vital for small and medium-sized businesses.

We are a support provider dedicated to ensuring complete peace of mind, knowing that whatever technical issues happen, you are covered.

Email deliverability frustrates most companies; we provide a solution to monitor and manage your records and secure accounts.

More than just a support provider, expert advice and training.

Sussex Support, solutions company, your support team, meeting your IT needs, IT services Sussex

As a specialist in IT Security, we ensure your network is secure and free from threats, and your data is always available and adequately backed up.

In addition, we provide in-house business training for users to ensure they understand the basic rules and develop good habits that will allow them to work safely without compromising their IT security.

A Comprehensive Range Of Products & Support Services To Serve Your Business

In addition to practical assistance with technical and business processes, we have a portfolio of tried-and-tested products and IT services, all representing value and quality.

IT Security is central to our approach to supporting your business & being your trusted IT partner.

Software Solutions, complete peace through outsourced support, managed service solution,

Real Business benefits of artificial intelligence

The next few years in IT will be fascinating as AI will be genuinely transformative for many of the tools we currently use to run our business.

Artificial intelligence will also increasingly turn up on our phones and tablets and get involved in our leisure; imagine a personal assistant curating music and entertainment, suggesting recipes and getting the online shopping list ready. A practical and social secretary, though initially without the charm of Jeeves.

Implementing AI is not replacing human capabilities but creating a better customer experience.

Microsoft software with copilot AI, AI technology provider, we always listen carefully

AI as a tool is here. Developing your AI skillset is the best advice for anyone looking to succeed and progress, whether in their career, personal life or business strategy. Consider how artificial intelligence will affect your activities, and understand and embrace it.

As Artificial Intelligence technology develops, the threat to jobs and companies will actually come from the fact that, as with all new developments, we often feel threatened or fear change and resist it. Unfortunately, the people who resist digital personal assistants and don’t learn to work with AI will not be as efficient as their colleagues who have.

The sensible approach to AI is first to understand how to use it, train your employees, and plan to fully embrace a future in which AI will assist in most facets of the business.

We can confidently expect economic growth to experience a significant upturn, as we will see a productivity increase with AI in business. Having an AI colleague and assistant will greatly help many of us who currently feel we are struggling with information overload.

‘AI won’t steal your job, but people using it may’ – BBC News

We Support Sussex & Surrey businesses, but our services are Nationwide.

Although we are based in West Sussex and restrict our IT services to our local area, as we like to provide personal service and great response times, many of our products are UK-wide.

Tamite IT systems Featured product of the month:       

Keeper Password Manager

Keeper Password Manager, IT services West Sussex

 http://href=”https://tamitesecureit.com/keeper-security-business-password-manager/

People are notoriously useless at managing passwords; Keeper Security takes care of them for you. Keeper works brilliantly for individuals but has excellent team functionality that allows sharing credentials for groups within the business.

<a href='https://www.near.co.uk/computers/'><img alt=" Computers" src="https://www.near.co.uk/Images/LinkLogos/near-near.gif" /></a>

The UK Online Safety Act starts to make itself felt.

The Online Safety Act (OSA) was passed in October 2023 as a bill that effectively aims to make the Internet safe for all of us, especially our children. Ofcom, which has been handed the job of implementing the Act, now has the unenviable task of laying down the ground rules that will put it into effect.

One of the first areas is the rules intended to protect children and young people under the age of 18. These guidelines aim to clarify the new responsibilities and technical compliance that service providers must adhere to to comply.

The children’s safety codes published by Ofcom on 8 April 2024 set out around 40 measures designed to guide social media firms and other service providers to comply with their new legal obligations.

Ofcom to be given teeth to go with new offences

online safety bill

Measures currently under consultation and will come into force once approved by parliament. If companies fail to comply with the new rules, Ofcom have powers to enforce: fines of up to £18 million, or 10% of the company’s annual global turnover, whichever is greater criminal action against companies and/or senior managers who fail to comply with requirements or fail to follow requests from Ofcom business disruption measures, including preventing companies from being accessed or generating income in the UK.

Technology Secretary Michelle Donelan said (The Online Safety Act) “ensures the online safety of British society not only now, but for decades to come.”

https://www.computerweekly.com/news/366583794/Ofcom-publishes-draft-online-child-safety-rules-for-tech-firms

Ongoing Concerns Regarding the Online Safety Bill

Predictably, Social Media companies agree that “something must be done,” though they are not happy with the thought that they will have to do it and that it will affect their bottom line. Online safety is a key objective of the Online Safety Bill, which aims to create a safer life online by regulating harmful and illegal content.

Most people who see the tech company’s profits will probably not be sympathetic.

Tech giants make enormous profits from supplying media and messaging services that result in significant dangers and issues for society in general and, more specifically, their audience. Social media companies, in particular, must understand that internet safety and operating responsibly come with a cost and pay the bill.

Big Tech firms and social media companies are concerned about the implications of tighter regulations.

online safety bill, social media, safety bill

Inevitably, the OSA has caused concern among tech companies defaulting to its too complicated or using the freedom of expression argument to thwart any attempt to regulate their operations. Predictably, many online media companies are kicking back, lobbying, and raising objections to the measures.

The Privacy campaigners at Open Rights Group (ORG) who presumably don’t own cars or buy alcohol, claim that “the implementation of age assurance systems – including photo-ID matching, facial age estimation, and reusable digital identity services – to restrict children’s access could inadvertently curtail individuals’ freedom of expression while simultaneously exposing them to heightened cyber security risks”.

We believe that enforcing age limits through these systems is crucial

Regulated services are vital to protect children from harmful and illegal content and online abuse, aligning with the goals of the Online Safety Act.

Freedom of speech campaigners assert that this is a step too far. “Adults will be faced with a choice: limit their freedom of expression by not accessing content or expose themselves to increased security risks arising from data breaches and phishing sites,” said ORG executive director Jim Killock.

Well, Jim, that is called being an adult.

We adults face choices every day, and some of those choices involve modifying or curtailing our activities to protect our children.

In addition, if you presumably trust these “free” online platforms to provide you services and information, part of that deal is giving them information about yourself that lets them target you with news and advertising.

Supporters of the bill would say this highlights the importance of providing registered adult users with tools to navigate online spaces safely, emphasising the need for tech companies to conduct risk assessments to mitigate these online risks.

We need to trust Social Media companies, and they need to earn trust.

So yes, you, as an adult, will need to trust these platforms with additional information to enable them to implement systems to safeguard children. As a result, the platforms will need to take greater care of your data, and if you don’t trust them to keep that information safe, you can choose not to use their services.

Some overseas providers may block access to their platforms from the UK

Another objection is that “Some overseas providers may block access to their platforms from the UK rather than comply with these stringent measures”.

These presumably are the same overseas providers that profit from access to the UK market but choose to pay their tax overseas. This sounds like an empty threat, but it’s a win-win if more responsible providers replace them.

Tellingly, the arguments against the OSA’s provisions focus on educating children to self-censor and avoid using technology to filter the results.

The Online Safety Act serves as the legislative framework guiding these discussions, emphasising the role of the online safety regulator, Ofcom, in enforcing the bill and ensuring companies comply with its provisions to combat illegal content, including child sexual abuse and illegal drugs.

The Open Rights Group claim that despite OSA, “Risks to children will continue with these new rules. Regulators must shift their approach to one that empowers children to understand the risks they may face, especially where young people may look for content, whether it is meant to be available to them or not.”

This attitude from Groups such as Open Rights ignores the fact that, at a minimum, the regulation will reduce the risk of harm to children from content that is currently all too accessible; each child that is exposed to images relating to self-harm or other harmful content or other age-inappropriate content is a victim of a system that is failing them and that a reduction equates to a real number of actual children saved from harm.

When you look at the argument this way, it underscores the necessity of the safety bill to regulate content promoting self-harm, among other harmful online behaviours, aiming to keep young people safe online.

The approach backed by the ORG inevitably puts the costs of dealing with the fallout from tech companies’ commercial activities back on governments and societies. Presumably, empowering children through education means making children responsible for the content they consume.

Education is important but existing technologies and Artificial Intelligence can help suppliers meet their obligations under the new rules

The problems caused by the companies that dominate content on the Internet are technical but the solution must in part be regulation.

Organisations like banks, the media, and other industries that profit from society expect to be regulated where their services may cause harm. The Internet giants are no different, and they must expect to bear the financial burden.

Robin Tombs, CEO of biometrics firm Yoti, argued while there is “no one silver bullet when it comes to child safety”, the influential age-checking tech will be an essential part of protecting children from accessing harmful content online.

What is the Online Safety Act, and how can you keep children safe online?

Ofcom move to protect young people from harmful online content

Ofcom has notified social media providers that they face being named, shamed, and even banned from providing service to under-18s if they don’t comply with new online safety rules in the Online Safety Act (according to this BBC article).

Social algorithms must change to protect children – Ofcom – BBC News

As a parent, I’m very interested in regulating social media giants. Young people are understandably drawn to content. Mine constantly search stuff about hair care and, bizarrely, over-the-hill football icon Ronaldo.

Apparently, the Ronaldo vs Messi GOAT argument is still being argued in school playgrounds.

National online safety for kids

social media, connection, icons, young people, older children, potential risks, advice, resources

Young people lack a sense of “why this stuff” is being served up to me, a problem I honestly can’t relate to as the Internet wasn’t a thing when I was a kid, and CBBC and Teletext were hardly a challenging technology environment.

So I’m very much pro-regulation of the Internet, especially where children are concerned; even the “Wild West” finally got regulation, but not before a lot of people ended up shot.

Make online safety a priority.

Making sure your children are safe online can’t be left to regulation; children hopefully receive online safety training at schools. Parents should take the opportunity to sit with their children to discuss online bullying and fake news and expand on the online safety they learnt at school; make it part of a daily conversation, and you will learn as well.

Childnet created the digital leaders programme for schools. They give practical guidance, resources, materials and key online safety topics. https://www.childnet.com/parents-and-carers/have-a-conversation/

Contact Us

What online safety parental controls are available?

filter pornographic content, protecting young people online,

Don’t forget there are things you can do for yourself to keep your children safe online; on computers, set up separate profiles for you (the parents) and each of your family, which can support age-specific limitations.

Protecting phones and tablets is slightly more problematic, but remember that you can, with a little effort, make these safer environments and protect young people and adults by using the security settings provided by your Internet service provider.

This guide from the UK Safer Internet Centre covers some leading UK providers.

https://saferinternet.org.uk/guide-and-resource/parental-controls-offered-by-your-home-internet-provider

Don’t neglect your antivirus software’s ability to protect your online world. Products like Eset Home Security offer parental control.

Online safety advice

young people and website security, children online security, internet a safe place

In future blogs, I will cover how to set secure age-specific profiles for kids of different ages on PCs and software you can use to create your own safer Internet environment for you and the kids.

Next week, I will publish a list of the most responsible Internet providers and the tools they provide to protect you and your children and keep you safe online.

The Online Safety Act 2023 is a UK law regulating the duties of care of providers of online services, such as user-to-user and search services. Its purpose is to protect users, especially children, from illegal, harmful, and fraudulent advertising.

Here are some key points about the Online Safety Act and tips on keeping children safe online:

We as parents need to be conversant with the new rules.

What are the new rules for technology companies?

Providers’ Duties of Care:

The Act places duties of care on providers of user-to-user services (such as social media platforms) and search services (like search engines).

Providers must assess and manage risks related to illegal and harmful content and children’s access to their services.

Illegal Content Risk Assessment:

Providers must assess the risk of illegal and harmful content on their platforms.

They are responsible for promptly removing or restricting access to illegal and explicit content.

Children’s Safety:

Providers must consider children’s risks when designing their services.

They should take measures to protect children from harmful content and ensure age-appropriate experiences.

User Empowerment:

Providers must empower users to manage their online experience.

This includes features like reporting content and setting preferences.

Codes of Practice:

The Act allows for creating codes of practice to guide providers in fulfilling their duties.

These codes cover principles, objectives, and specific content protection measures.

New Criminal Offences:

The Act introduces new criminal offences related to online safety.

It grants powers to the regulator (Ofcom) to enforce the framework.

Tips for Keeping young people Safe Online:

Set a good example

Open Communication:

Regularly talk to your child about online safety.

Encourage them to share any concerns or experiences they encounter online.

Parental Controls and Filtering:

Set up parental controls on devices and apps to limit access to age-appropriate content.

Use home filtering tools to create a safe online environment.

Educate Your Child: Online safety

Teach your child about privacy settings, safe behaviour, and recognizing red flags.

Discuss the importance of keeping login details and passwords secure.

Supervise Online Activities:

Monitor your child’s online activities, especially for younger children.

Check their profiles and posts periodically.

Safer Internet Day 2024 & information sources for parents

Safer Internet Day is a global annual event focusing on online safety and well-being for children and young people. In the UK, it took place on Tuesday, February 6, 2024

The Internet Watch Foundation (IWF) is a UK-based charity focused on eliminating online child sexual abuse imagery and content. https://www.iwf.org.uk/

Trust – advice on your child’s first phone -NSPCC

Computer support, IT advice,

Working for a safer internet for children and parents.

Tamite is committed to protecting our online lives. We provide advice, support, training resources, teaching resources, and cyber security products that are just as valid for home users as business users.

IT Support Sussex – IT Services For Business

We believe IT should enable your business, so why are system issues holding you back?

Our support team provide our clients compiance services using a range of products using our partnerships with best of breed IT security vendors.

Our managed service desk is here to support your business through issues as they arise, but the most essential part of our service is our comprehensive suite of managed services.

  • Your systems are continuously monitored for health, reliability and security, and our managed backups ensure resilience.

Contact us to discuss our range of services and outsourcing from your IT support provider in Sussex and the South East.

computer repair, it support, sussex, business support agreements,

Core IT services and the environment will be revolutionised in the next few years.

As Artificial intelligence will increasingly allow users to address some of the low-level issues that currently get passed to their IT support provider just by asking their AI assistant to fix the problem.

According to Bill Gates, Artificial Intelligence (AI) will revolutionise computing in the next five years, and we will be using computer applications in a completely different way from how we do it today.
Gates Notes

We provide onsite and off-site support of computers and servers to support your business. Message us for details.

How we deliver Support Services will be radically changed by integrating Artificial Intelligence into business applications.

Copilot will provide business expertise benefits, support and skills to all business users in education and professional services outside working hours

We can help you personalise Copilot to your company by creating personalised prompts and ensuring that users only access current data suitable for the task and necessary for the job function.

AI assistants like Copilot will transform IT services and environmental management by offering more intuitive and proactive support. Here’s Here’sanded view on how AI will help users:

Streamlined IT Support:

AI will simplify IT troubleshooting and enhance response times by allowing users to resolve common issues through natural language commands.

So, for instance, if a document is accidentally overwritten, you will ask the AI to “restore” the last saved version of the document,” and “the AI will handle the retrieval process.

Our Team provide Computer support, Project support Sussex, phone support, West Sussex, DMARC manage Email compliance service, network solutions and support Sussex and UK

Proactive System Maintenance:

AI could predict system failures or detect real-time anomalies, initiating preventive measures to avoid downtime. As a result, users can expect less reactive support and more consistent uptime.

Customised User Experience:

AI will adapt to individual user preferences and work habits, customising the user interface and functionalities of software like Word, Excel, or Outlook to enhance productivity and user satisfaction.

Enhanced Collaboration:

teamwork solution, discuss, professional computer support Sussex, remote control and support, IT solution Small & large companies

AI will facilitate seamless collaboration across different platforms and time zones, translate languages in real-time, and transcribe meetings, making global teamwork more effective.

As AI technology advances, its ability to understand context, predict outcomes, and learn from interactions will improve. As a result, AI will become an indispensable tool for everyday tasks and complex problem-solving.

AI assistants will revolutionise IT services and contribute significantly to creating a more sustainable and efficient world.

More productive IT is supported by AI and a range of new AI-based tools.

IT systems and those using them will become more efficient, and our customers will become more productive.

We believe the future of the IT services we provide businesses will increasingly involve showing and training our clients how to use the services to gain the most benefit and offering expert advice on applying AI within your businesses.

Onsite and remote Support for Windows and Apple customers

Our service desk has an experienced team of IT professionals.

We provide a managed service to keep your business running smoothly. We monitor IT Systems, Backups, and Cyber Security to prevent potential problems and provide on-site and remote support.

computer, desktop, phone support, office,Tamite IT support company provider onsite computer support in Sussex, West Sussex, East Sussex

IT Services with Security at the centre.

Our goal is the high availability of customers’ IT systems; achieving this requires more than maintaining the company infrastructure.

Patch Management

Your system’s reliable and secure operation relies on Security and software updates to support hardware and software.

Our patch management service automatically manages this for you.

Security Management

By monitoring the antivirus, antimalware, and firewalls, we will monitor these services and deal with any issues promptly.

Hardware Monitoring

Ensure that your company hardware runs correctly and has no service issues such as disk space, disk errors, memory, etc.

We listen carefully to our clients, our team support businesses with managed DMARC services, monitoring email health and compliance

Spam Email Filtering & Fraud Detection, Mail Management & Monitoring

17% of breaches are directly attributable to Phishing. The recent Google Mondiant Special Report 2024 highlighted that Phishing remains a favourite tool for Cybercriminals.

Recent changes to Spam handling by platforms such as Gmail, Hotmail, and Apple have focused on implementing DMARC.

Our expertise in this area has benefitted our clients as we provide managed solutions to manage the security policies and records that underpin email.

Our clients can expect to save money as we can help them leverage existing capabilities.

Sussex Computer Support

M365 Copilot, an AI-powered tool that promises to improve productivity significantly, was launched in the first quarter of 2024.

To learn how your organisation can prepare for Copilot, check out our blog post or request a copy of our new Tamite Secure IT White Paper.

Contact Us

The adoption of AI needs to be part of your future plans.

Presuming Artificial Intelligence (AI) doesn’t rebel and decide to end humanity or enslave us, we will likely see AI becoming increasingly involved with our work and home lives.

Over the next few years, many of us will see AI within the products we know and love assisting us and doing stuff on our behalf.

Goldman Sachs predicts an increase in Global GDP of 7%

service, computers, repair , support services sussex, surrey, kent, phone support

Goldman Sachs predicts an increase in Global GDP of 7% over the next decade due to improvements in productivity due to Artificial Intelligence.

In the future, we will all have personalised assistants (Alexa on steroids), but before that comes to pass, we can expect AI to be bolted onto all sorts of things we are already familiar with. So, what will these integrations look like?

AI is poised to revolutionise the field of information technology (IT), offering innovative solutions that enhance productivity, streamline processes, and optimise operations. Microsoft 365 (formerly known as Office 365) exemplifies how AI is being harnessed to improve and assist us as support providers in various aspects of IT.

Understanding the threats is critical to a coherent cybersecurity strategy.

Our team provide IT Support service for customers in Sussex, West Sussex, East Sussex and the South East, comprehensive patch management from Heimdal.

Existing Exploits 38%

Google Mandiant’s special report concludes that 38% of attacks resulted from exploiting existing exploits, 17% from Phishing, 15% from prior compromise and 10% from stolen credentials.

Phishing 17%

You don’t have to be an IT Guru to prioritise reading this report; all business owners and most IT users will benefit from being informed about this subject. From Micro businesses, SMEs and Enterprises, the data in the report will guide you on the main areas to prioritise when planning your security strategy.

Prior Compromise 15%

We can help you with your strategy, but you know your business, how it operates, and your priorities; these factors will feed into your ongoing strategy.

The figures (17%) highlight that Phishing remains a favourite tool for Cybercriminals. Google’s Mandiant report shows that vulnerability exploitation has become the primary method for attackers to gain initial network access (38%).

In 2023, around 100 zero-day vulnerabilities were actively exploited in the wild by espionage groups and financially motivated attackers, who used zero-day exploits to infiltrate systems and steal valuable data.

Stolen Credentials 10%

Accordingly, it’s important to note that industry experts anticipate the persistence of phishing and vulnerability exploitation as significant cybersecurity threats in 2024 and beyond.

Tamite Featured Product

Trillion Leaked Credential Dark – Web Monitoring

Trillion’s leaked password database and algorithms provide an unrivalled ability to detect data breaches and give you a vital early warning of a potential data leak in your organisation.

https://tamitesecureit.com/trillion-leaked-password-database/

Example approaches Vulnerability Management for business.

Our team deliver Support, projects, outsourcing Solutions, infrastructure,  Microsoft and Apple solutions to companies in Sussex, West Sussex, East Sussex and the South East, UK

1. Identify vulnerabilities:

Use automated tools to scan your systems and applications for known vulnerabilities.

2. Categorize and prioritise:

Rank the identified vulnerabilities based on severity, exploitability, and potential impact on the business environment.

3. Remediate:

Address the highest priority vulnerabilities first, typically starting with those most severe and straightforward to exploit. This may involve patching software, changing configurations, or implementing additional security controls.

4. Verify and review:

After remediation, verify that the vulnerabilities have been addressed and regularly review your vulnerability management process to adapt to new threats.

Blogging Sussex computer support

 

Tamite Apple Mac support Sussex believe FBI v Apple court case may open Pandora’s Box

Governments around the world struggle to come to terms with the issues surrounding the security of data.

We try to keep you informed about Apple Mac related stories Sohail Yousaf who provides Apple Mac support Sussex for Tamite has been following this story for us.

The Apple v FBI case currently being played out in US courts is the culmination of a long running row that has been brewing between intelligence agencies and the technology industry.

Governments or rather intelligence agencies have been long-time critics of the growing availability of encryption, a technology which is being increasingly used to make data secure on networks and devices and only available to authorised users and intended recipients.

Encryption is an old technology literally thousands of years old, Caesar wasn’t just responsible for creating salad dressings he also had his own cypher.

Sohail of Tamite Apple Mac support Sussex comments that with the advent of computing and the development of more complicated algorithms has resulted in encryption that to all intents and purposes is unbreakable. Yes of course all encryption is in theory breakable, but when the time taken to break it is greater than the average lifetime then it becomes a pointless exercise.

As an expert in IT security and a specialist in Apple Mac support Sussex Sohail points to the fact our own GCHQ have been stressing over the fact that the encryption gives any self-respecting terrorist the ability to communicate securely with a minimal chance of the content of the message being read by hostile agencies.

On a more positive note they are probably finding it quite difficult to snoop on the rest of us.

So what is to be done, well the authorities would like to have back doors built in to the security so that they can access the information that encryption increasingly denies them.

The industry argues that by providing backdoors for government agencies, will be counter-productive, criminals and terrorists will just refrain from using systems that they know will be compromised. By building in vulnerability the same back doors are available to potential hackers, building in vulnerabilities goes against the grain for companies that have spent time and money on trying to eradicate vulnerabilities to make their products more secure for the end user.

Because of the issues surrounding Cybercrime customers are becoming increasingly aware of the volumes of data our every-day devices store, the companies behind those devices have responded to those concerns by adding layers of security to the devices.

Tamite Apple Mac support Sussex comment on the Apple vs FBI case
The Apple vs FBI case

The FBI and Apple are fighting a public battle in US courts that may have long term ramifications for the IT Security industry.

The FBI want Apple to assist it in removing a security barrier on the iPhone of Syed Farook, one of the people responsible for killing 14 people in San Bernardino last year.

The fact that Farook’s iPhone may hold vital evidence led to the legal cases between Apple and the FBI in America, the FBI believe that Farook’s IPhone may hold vital clues to the case but are unable to access it without Apples assistance, Apple and the majority of the technology industry who are watching developments anxiously feel that by unlocking Farook’s iPhone they may just open a Pandora’s box.

Sohail of Tamite Apple Mac support Sussex concludes that It is easy to see how the situation could easily repeat in the UK, the British Government’s Draft Communications Data Bill (AKA the snoopers charter) shows the anxiety of UK Intelligence Agencies when faced with the new digital reality.

To access the iPhone, the FBI have asked Apple to effectively hack their own device, as since iOS 8, Apple has included device-specific encryption methods but claims the FBI would get around this by rolling back to a previous operating system.

Apple – and other Silicon Valley firms – believe that setting such a precedent would harm American citizens and by extension the rest of us, and is fighting the case in a California court and Congress.

Meanwhile, the judge overseeing the court battle between the two organisations has heard that criminals have been switching to the newer iPhone models as their “device of choice” to commit offences thanks to the tough encryption present in each handset.

Of course the cynical amongst us might point out that Apple are in something of a win win situation here. Win or lose Apple have demonstrated that their devices are taking data security seriously and that they are willing to stand up to governments to protect the integrity of their products.

West Sussex Apple Mac specialist says Safari Crashes due to bug

West Sussex Apple Mac specialist asks has your Apple Mac, IPhone or IPad been acting as if it were possessed

Well join the club, according to West Sussex Apple Mac specialist Sohail “the problem you have been experiencing was due to an update issue on 26th January and was responsible for introducing a bug that caused Safari to crash when Mac and iPhone / iPad owners attempted to search within the address bar; The issue lasted for several hours”.
According to Apple “only people whose Safari suggestions data storage updated during early AM hours” were affected.

The bizarre bug caused the hugely-popular iOS web browser to CRASH whenever a user tried to enter a new search or URL into the address bar.

Apple say the issue only affected iOS and OS X users whose Safari Suggestions data was updated late on the 26th January, Greenwich Mean Time.

Apple has now rolled out a fix for the glitch, but some users could still be experiencing the infuriating bug.

“Apple now believes it has resolved a bug with its Safari browser on both OS X and iPhone that caused the web browser to crash for users around the world”.

If you are still experiencing issues we suggest

Apple Clear history image
Clearing your history may help

 

West Sussex Apple Mac specialist Sohail suggests; “If you’re still having trouble, your iPhone or iPad almost certainly still has the problematic data cached

Clearing the cache should solve the issues for good. To do that, head to Settings > Safari then tap Clear History and Website Data”.

“This will wipe the web history from any devices signed into your iCloud account, so don’t panic if your MacBook also loses any record of your browsing”.

The latest update from Apple has now resolved the issue, which made Safari on iOS unusable so finally check your IOS version is the most recent version iOS 9.2.1

Reached through Settings>General>Software Update

Tamite IT provide support for both Windows PCs & Servers and are specialists in Apple Mac support

 

 

TalkTalk Data-breach

Talking the TalkTalk – The TalkTalk Data-breach

The databreach at Telecoms provider TalkTalk has brought into sharp focus the havoc that can be created and the fallout brands experience as a result of a data breach. Especially if as is the case with TalkTalk and parent company Carphone warehouse you are serial offenders.

At the time of writing as a result of the TalkTalk data-breach more than 10% has been wiped off of the groups share price representing some £360 Millions in value.

Tamite Secure IT believe the time has come for companies of all sizes to look at their individual risk and commit to spending on security commensurate with the risk. If you are in the Telecoms industry with lists of customers that include banking details you must realise you are high up on the Cyber criminals list of high value victims.

Between them Carphone Warehouse and TalkTalk have been victims three times this year and in Talk Talks case it really could be three strikes and you are out.

carphonewarehouse TalkTalk2

 

 

 

 

Dido’s Stuttering Performance on TalkTalk Data-breach

Dido Harding Talk Talks Chief Executive is taking lots of flack and rightly so, but the Chief Executive has been either incorrectly briefed or she has been incapable of accurately presenting the situation around the TalkTalk data-breach, maybe she thought nobody understands IT anyway, as some of her statements have been well off the mark; so in case you are reading this Dido.

For your information, the TalkTalk data-breach was not the result of a DDoS attack, data is not leaked as a result of DDoS attacks in fact almost the opposite, your servers are so overwhelmed by incoming requests they are incapable of supplying the data they are supposed to, serving up “webpages”, let alone divulging the contents of the company database.

When you said sequential attack I think you probably meant SQL Injection attack. The second most common database exploit on the net, and you really should have had that one covered.

The fact that a fifteen year old from Ireland has been detained as part of the investigation seems to add weight to the growing feeling that TalkTalk have not been as diligent as they should have been when it comes to protecting customer information.

The possibility that a fifteen year old could have orchestrated the DDoS attack and carried out the SQLi attack is not beyond the realms of probability. DDoS tools can be readily accessed and attacks need surprisingly few resources.

SQLi hardly qualifies as a zero day threat and the information on how to go about it is out there.

Bearing in mind Dido Hardings recent pronouncements that TalkTalk are head and shoulders ahead of their competitors when it comes to Cyber Security we can only fear for the rest of the industry.

Reaction to the TalkTalk Data-Breach

Since the breach TalkTalk’s website has displayed a list of data that is thought to have been released.

talktalk

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

On the plus side TalkTalk put their hands up early and made statements to the effect they knew they had been hacked but couldn’t be sure how much data had been exposed, just demonstrated how little confidence they had that it wasn’t all of it.

Baroness Harding said she reported the security breach to BAE Systems and detectives from Scotland Yard’s cybercrime unit are also investigating the crime.

She told the Daily Telegraph: “Do I wish I had done more? Of course I do. But would that have made a difference? If I’m honest I don’t know.

“This is happening to a huge number of organisations all the time. The awful truth is that every company, every organisation in the UK needs to spend more money and put more focus on cyber security – it’s the crime of our era.”

The police are investigating ransom calls to TalkTalk last week seeking payment.

Baroness Harding warned that it would be “naïve” to think an attack like this would not take place in the future.

She told The Guardian: “It would be naive to say something like this will never happen again to any business.

Some financial commentators have already made the point that TalkTalk are by no means in shape to weather this particular storm.

Performing as they do in a tough and competitive environment TalkTalk have been making bold statements about taking costs out of the business and setting tough financial targets for the coming year. Indeed some of these were based on reducing customer churn, they must now have a hollow ring, when put against the cost of rescuing a reputation that had already been damaged by shortcomings in customer services recently highlighted by the telecoms regulator.

Neither Talking the TalkTalk or Walking the WalkWalk.

Ironically Baroness Harding who was elevated last year to the peerage, possibly rashly announced that rather than seeing the position as a cushy extra, Dido Harding is determined to make her time on the red benches count.

Announcing to the press that she is in a race to make the internet safer for children and families. (Read More)
Her shaky grasp of the state of IT in her own company would appear to make her ideal material for her other governmental post UK Business Ambassador for the Technology and Communications Sector.

She has certainly done her bit when it comes to showcasing the state of IT Security in many British companies.

Yesterday TalkTalk came out with a statement to the effect it could have been worse. I think your customers and shareholders might have the final say on that one.

The damage done to the TalkTalk Brand has been immense, it may even have been damaged fatally.

What the Data Commissioner will make of all this is yet to be seen but don’t be surprised if they are inclined to be punitive, wanting to make an example of such a high profile breach.

Also don’t be surprised if the TalkTalk brand is consigned to history as The Carphone Warehouse may seek to dispose of a fatally damaged brand in a fire sale as soon as the dust has settled.

Haywards Heath IT security specialist asks what can we learn from Kaspersky

The way that data breach has been handled by these two organisations provides valuable insight into how it should be done.

Haywards Heath IT security specialist Gary Johnston has been taking a particular interest in events at Kaspersky and the US Office of Personnel Management.

As an IT security specialist when stories of this kind unfold it is always interesting to see how they are dealt with by the companies involved, very often unfortunately the answer is badly.

Haywards Heath IT security specialist Gary Johnston says Kaspersky and The US Office of Personnel Management provide contrasting examples of how to deal with a data breach.

Tamite Haywards Heath IT security specialist comment on Kasperky & US Office of Personnel Management data breach

Kaspersky have given a text book demonstration of how to handle the potentially embarrassing fact that they have been the victim of data breach. Kasperky disclosed the fact that during the testing of a new product designed to search for APTs (Advanced Persistent Threats) they had actually discovered an intrusion on their own network.

The phrase not knowing whether to laugh or cry comes to mind. I should imagine that the event was akin to the head designer at Dyson plugging in the latest design, pushing a button, watching his own workshop disappear up the nozzle and saying to the assembled audience, “well that worked”. Presumably the new product has passed its Beta testing with flying colours.

Kaspersky unlike previous victims of this type of event, have actually in some ways turned what could have been a hugely embarrassing event into something a little more positive. They promptly admitted to the breach and the investigation showed that the attack was highly advanced. Using what Kaspersky have dubbed Duqu 2.0 which presumably infers a link to Duqu 1.0 (BBC News) which was famously uncovered by Kaspersky in 2011 to eves drop on the organisation.

Gary Johnston of Haywards Heath IT Security specialist Tamite Secure IT comments that Kaspersky appear to have been open about the scope of the breach from the start, including the extent and the timeline of the attack and the fact that within a short period of being discovered it appeared to uninstall itself and attempt to cover its tracks (Computer Weekly), it makes fascinating reading and gives a real feel for the sophistication of the APT.

July was also a good month to bury bad news as the events at Kaspersky were possibly over shadowed news wise by the events at The US Office of Personnel Management (US OPM) who managed to leak tens of millions of records relating to government employees. (BBC News)

In contrast to Kaspersky the reaction of The US OPM went through the usual phases, of denial, to grudging acceptance while still understating and minimalizing the extent of the breach. The classical pattern was almost complete when after having been over taken by events, The US OPM finally resorted to a hand wringing confession to the true extent of the breach. The final phase was marked by the inevitable and ritual decapitation of the person deemed most culpable. In this case the Director of US OPM Katherine Archuleta who announced she would step down to help the department “move beyond the current challenges”.

However of the two events, the one at Kaspersky is the more troubling, it seems to be a universal fact that governments don’t do a great job of IT or IT Security per se and in any case the USOP have what is known as previous. The fact that Kaspersky who do IT Security well have been spied upon for an indeterminate period should be seen as sinister.

Gary Johnston Haywards Heath IT Security Specialist goes on to say that there are three scenarios that have been mooted.

1. The Israelis who have plenty of “previous” spying on the Iranian Nuclear Arms proliferation talks and wanting early warning if their latest piece of Spyware has been exposed.

2. GCHQ, Nation state China, US NSA etc. a security service wanting to know how to circumvent the latest security products.

3. Three Cyber criminals least likely but similar motive.

The comments in this blog represent the thoughts of Haywards Heath IT security specialist Gary Johnston of Tamite IT

Email on the dark side – Spear Phishing

The need for spear phishing awareness training is demonstrated by the events at US Office of Personnel & Kapersky 

 I think we need to come clean about the purpose of this weeks blog on the subject of Spear Phishing and come right out and admit that it has been written with the intention of gaining your attention and trust, with the ultimate aim of (shock horror) selling you our spear phishing awareness training and other services.

Why do I feel the need to say this, before we get into the main topic of this weeks blog.  Well it’s because the stories we want to draw your attention to this month all probably began with a carefully crafted message.

At this point I will point out that our “carefully crafted” message has been produced with the intention of increasing your awareness of the risks that cyber crime poses both to the individual and business. We know that any effort at tackling Cyber security begins with awareness of the issues. Not in a scary technical way. Just the basics of why, what and how.

Kaspersky-Labandusdop

There have been two major stories this month, one hacking and the other a combination of hacking and the use of advanced spyware known as Ducu 2.0.

Both Kapersky the Russian security software specialist and the American Government have suffered major breaches. In the case of the American Government the breach resulted in millions of employee records being stolen, these records are now being sold on the dark Internet presumably for the purposes of identity theft.

The Kapersky breach was in all probability espionage as the tools used in the breach were state of the art and probably the product of a spy agency, fingers are being pointed at Israeli Intelligence but who knows. (I will be publishing blogs covering both breaches in more detail next week).

The thing that both breaches have in common is they probably came about as the result of what is known as a Spear Phishing attack, where email carrying a carefully crafted and targeted message (yes probably even better than this one) are directed at an individual or individuals in an organisation.

Because the email comes from someone or an organisation (possibly posing as internal mail) they trust and contains information on a subject that is of current interest and because the criminals have already been researching the victim to find out what they are interested in.

Because the victim believes in the validity of the sender and the message they make a single simple mistake. Almost certainly in each case the carefully crafted (Spear Phishing) email was received by the carefully targeted victim and they opened it and possibly followed a link. Unfortunately from that point on they have unleashed a series of events that eventually will lead to a full- fledged breach.

So what can I as a business owner do to protect myself against these threats?

The first thing we would recommend is that you look at the way you are dealing with SPAM; Probably you haven’t thought much about it and have gone for the default position which is to use the filtering built in to Microsoft Outlook or whichever mail client you presently use. You may even be using something slightly more sophisticated that came with your Antivirus software and if you are lucky this will result in at least some Spam being automatically removed.
Most likely you have never put any real thought into it.

Well luckily for you, we have. Our conclusion is that the best option in almost all cases, is to deal with Spam before it even reaches your desktop. Using highly sophisticated cloud technology that results in most of the Spam around 98% being removed before it ever reaches you. Even the dangerous stuff.

So now you have more time to deal with the messages you need to deal with and less time deleting the dross.

Consider spear phishing awareness training for your staff.
Spear Phishing is something we all need to be aware of, when someone of the sophistication of Kapersky fall victim it is an indicator that we all need to be on our guard.

Protecting your customers data and your companies own assets is vital, as it is central to what you do.

This is why you need IT Security to be part of the responsibility of every employee. Basics of IT Security & Spear Phishing awareness training need to become intrinsic to your company operations.

Gary Johnston
IT Security Product Director
Tamite Secure.IT