Don’t get fobbed off with chavvy security standards

September 29th, 2011 by Davey Winder

I have to admit that I’m not much of a public transport person; the word ‘public’ being the clue as to why I prefer travelling in the chav-free environment of my eco-friendly little Fiat 500 whenever possible. However, when I do risk jumping on a bus, or have won the lottery and can afford a train journey, I am always near terminally confused by the various ticketing options. What I would want, were I a regular public transport using type, would be some kind of secure token system that I could just wave at a reader device and be on my way. Such things exist, of course, but there are a myriad different types and standards which just serve to confuse things as much as the paper ticketing mess does. And if things are bad for the consumer of such things, they are even worse for the transport providers when faced with proprietary technologies that are not interoperable across devices, which can be hellish expensive to acquire, deploy and maintain and, worst of all, are not as secure as they could be.

Read more

It’s not just technotards who dislike mobile commerce

September 23rd, 2011 by Davey Winder

I recently exclaimed “Leave my laptop alone. I MEAN IT!” here at IT Pro, and was surprised at the venom of smartphone and tablet users who not only disagreed with me that the laptop was far from dead, but suggested I should join it. Proving that I am either thick-skinned or just thick, I thought I’d repeat the claim that laptops are just, well, better at so many things. This time the thing in question being shopping, and this time I am far from alone in making the claim.

A new survey on mobile commerce habits, published by a strategic information management company called Stibo Systems, suggests that most consumers remain unsatisfied with m-commerce with only 27 percent apparently bucking that trend and a meagre 8.6 percent rating the experience as excellent. Falling into the 73 percent majority myself, a very active user of mobile devices but not a very satisfied mobile shopper, I have been taking a closer look at the findings revealed within the ridiculously long-winded titled Stibo Systems’ ‘UK Online Shopping Trends 2001: Product Information: the key to successful multi-channel retail strategy’ whitepaper.

Read more

Children are being ‘gamed’ into stealing your data

September 21st, 2011 by Davey Winder

Children, often too young to be reading yet, are being targeted by cyber-scum in the latest wave of malware attacks. Why bother targeting young kids, you may ask? To get access to your data, I might reply.

According to security vendor BitDefender, online games are being used as a vehicle for spreading malware with a deliberate intention to bypass security checks by encouraging kids to install the software with big flashy click buttons. Many of the games concerned would seem to be of the ‘virtual pet’ or ‘swipe to paint a picture’ variety, obviously aimed at the very youngest of children.

During the last week alone, researchers at BitDefender have uncovered half a dozen such examples of these Flash-based, very colourful and highly attractive to kids type games which come complete with Trojans that are designed to steer the youngsters towards sites which download and install malware capable of stealing financial data.

Read more

iDisk Lament

September 17th, 2011 by Mark Tennent

It’s amazing the havoc a dodgy oyster creates. After eating that one manky mollusc, if evacuation was an Olympic sport, I got the gold. Three weeks up and still going, so to speak.


Gold is a target Microsoft’s boss, Steve Ballmer, is avoiding as he aims at a lowly bronze instead. He reckons Microsoft has got what it takes to become a “very strong third ecosystem” in the world of smart phones, as he announced at his company’s recent Financial Analyst Meeting. It seems strange to hear him admit that Google and Apple have beaten Microsoft.


Beating Apple is something I’d love to do at the moment. Preferably around the head with a large and heavy stick. The new iCloud, Apple’s third attempt at on-line services, will not include their iDisk storage. This is the one facility I am happy to pay for at mac.com and the stupidly named MobileMe.


The iDisk is just about the easiest way to share large files. Access can be at desktop level with files dropped into a local mirror, or mounting the iDisk as an external hard drive, or by web browser or WebDAV application. The latter being the quickest way to send and receive files. iDisk is also a good way to exchange files between Macs and computers running *nix or Windows and more recently iPhones and iPads.


In full-colour illustrated publishing, where we can work with enormous amounts of data, an iDisk is almost de rigueur. Editors and authors, many of whom are not techno-savvy, use a variety of different computers, anything that will run Word. Giving them an easy way to send large files or to view PDF proofs is essential and the iDisk does exactly that.


There are many alternatives, such as Dropbox, but they are often more expensive and all have idiosyncratic ways to use them even if they have more facilities than an iDisk. Virgin Internet have even given me free and unlimited on-line storage space but without the ease of use that comes with an iDisk.


All is not lost yet because Apple has not finalised the services iCloud will offer and is open to ideas. Developers who have already been given access to iCloud have been doing exactly that, but there is no guarantee anything will change.


The other alternative is to run something in-house. This is fine if you have fast Internet and luckily we have. Our mini cloud runs via a Pogoplug connected to a cheap 2TB drive. All for the cost of a couple of years’ subscription to Dropbox. But I’d still have an iDisk if one is available.

Posted in: Hardware, apple | No Comments »

NHS or ICO: which is crappiest?

September 13th, 2011 by Davey Winder

The news that the Information Commissioner’s Office (ICO) has determined that yet another NHS trust is in breach of the Data Protection Act comes as no real surprise to anyone who has been following the myriad security breaches suffered by the NHS during recent years. But what does surprise me is the apparent lack of concern that the ICO has failed, yet again, to really do anything about it.

The University Hospital of South Manchester NHS Foundation Trust is quite a big name, yet ironically the data that it lost was contained on a very small thing: an unencrypted USB stick. Oh sweet Jesus H Christ, you heard that right, the NHS is still allowing staff to use unencrypted USB sticks to shift data around on. I’m sure that there will be some who disagree with me and point out that the NHS trust in question was following the NHS Connecting for Health guidelines on data security and forbidding any such thing. Unfortunately folks, my definition of ‘allowing’ stands: if you have a policy which says one thing but comes with no real world method to enforce that thing, then when someone breaches your policy you have for all intents and purposes allowed it to happen. See what I mean? And so it was, that this particular NHS trust allowed a medical student working in the burns and plastics department to put data relating to the treatment of more than 80 patients around on his own USB stick for ‘research purposes’ which was, as I’ve said, not encrypted at all. Said student then lost the USB stick, and all the patient data upon it.

Read more

Can you get Fortune 500 data using typos?

September 12th, 2011 by Thomas Brewster

Stealing data is so flipping simple. There are so many ways to do it as well, not just through infecting machines with pernicious malware either.

As many simpleminded creeps have noted, buying up domains similar to big name companies and adding little typos into those domains can bring in that valuable data. People send emails to these domains – possible examples being Gookgle.com or Fleecebook.com – not realising they could be posting their data to the wrong people. Sometimes these people will be naughty boys and girls.

This is known as typosquatting. It’s a simple trick, but seemingly a rather effective one too. Surely you can’t get hold of actually valuable data with this technique though, right? Wrong.

During six months, two researchers, Peter Kim and Garrett Gee, managed to acquire a hoard of interesting data just through buying up 30 internet domains similar to Fortune 500 companies bar a few spelling mistakes.

They received 120,000 emails during that time. These included rather important things like passwords for an IT company’s external Cisco routers, as well as VPN details and passwords for a system managing road tollways.

There are more worrying consequences as well. By performing a remarkably simplified version of a man-in-the-middle attack, the researchers could have sent on the original email to the intended company, modifying their messages to feature a bogus return address. Just as in any standard MITM attack, they would be the silent middlemen watching over interactions between two parties who believe they are talking in private.

Is there much a company can do to solve this? On the sender’s behalf, simply getting the spelling right might help. As for companies who don’t want their name used in vain, buying up similar domains to their own is a good start. Of course, that requires time and money – something many of us are short on.

So encryption is the key (puntastic!). Encrypt all sensitive data being sent over emails. Simple advice that is so often not taken.

Posted in: Security | 1 Comment »

Leave my laptop alone. I MEAN IT!!!

September 8th, 2011 by Davey Winder

I did a bit of quick and dirty research with absolutely no statistical value and it revealed that headline writers love saying that the PC is dead, the laptop is dead, in fact anything other than the tablet and smartphone is dead. But is it true? I’m in the No Way Jose camp myself, and here’s why.

While the Office for National Statistics may have just issued a news release informing anyone who’s listening that 45 percent of all Internet users (well, all of those who they actually bothered to ask) have accessed the Internet by way of a mobile phone so far this year, and amongst 16-24 year olds that figure jumps to 71 percent, it doesn’t mean that they only go online that way. Nor does it imply that the laptop is dead, although I have already heard some media commentators extrapolating exactly that conclusion from this seemingly innocuous data. Some, who really should know better, have even seen the word ‘mobile phone’ and morphed it past a smartphone and into a tablet in order to support the laptop R.I.P argument.

Read more

TfL late to bus timetable app, just like our buses

September 7th, 2011 by Thomas Brewster

In a bid to save money and regain a little of my moribund fitness, I decided to start walking to work earlier this year. But yesterday, as the rain returned to batter Londoners’ hopes of an Indian summer, I took to the bus.

This is something I reserve for days of truly inclement weather and yesterday reminded me how anathema getting on UK public transport is to me.

The whole process may be improved with a TfL app though, which will soon tell me when my bus is due. Having just tested out the beta version, which appears to be working rather well, it should at least not leave me in the lurch in terms of having a modicum of knowledge about when to actually vacate my flat.

As pointed out by my editor though, the bus arrival notifications at many bus stops in London are far from accurate. For those who’ve been promised a bus is due by those machines watching over their waiting, only to be left standing another five minutes staring desolately into the rain spattered road wondering how things got so bad, you know what I’m talking about. This app appears to offer little more. Look, even the ‘Countdown’ test page has a picture of one such ‘timetable update’ machine included on it:

[Image: BusTimetable]

It seems the timetable data will be based on “bus departure predictions” although there is a promise of “real-time departure information” on the service’s corporate page. Will it really be real-time? I’m dubious. It’s just a web version of the already unreliable bus stop countdown machines, isn’t it?

Can’t we track every bus and then see exactly where it is via an app? That way we’d really know when the bus was coming. Given our movements are apparently followed by tech companies and Governments alike, surely this wouldn’t be too much of a stretch. Finally, a positive side to tracking software. Huzzah!

But it doesn’t appear that will be the case. Furthermore, having read around the development of this app, it appears TfL is rather late to the game, just like our buses so often are. Scots in Edinburgh and Finns in erm… Finland have grown used to such services already, according to the Guardian.

Oh and if you want to use the text service, you can expect to pay the standard rate for each message. So that’s more money down the (already-flooded) drain if you want to be organised… or avoid the atrocious English weather.

Posted in: Random | 1 Comment »

Research reveals senior security decision makers are dorks

September 6th, 2011 by Davey Winder

Sometimes I am not sure if I should be banging my head against the desk because of surveys that ‘reveal’ the obvious, or because there are businesses out there providing the ammunition for such research by refusing to remove their heads from their collective arses. Today I am leaning towards the latter as I read the new KPMG e-Crime report.

The survey itself was of 200 senior security decision makers, although I have to say that description seems almost laughable given the results, from global businesses including a bunch of FTSE 100 listed outfits. Here’s why my head is so sore, in a nutshell:

Read more

TomTom loses the tweeting plot

August 31st, 2011 by Davey Winder

Is it just me, or does anyone else just want their satnav to tell them how to get between points A and B (possibly via C) as quickly as possible? I ask as I have a press release here that assures me TomTom is introducing a new feature that will satisfy that greatest of needs of the average motorist: the ability to automatically tell everyone on Twitter not only where you are going but when you are likely to arrive there.

Don’t worry, the press release reassuringly informs me, broadcasting my destination and ETA isn’t going to cause me to crash as the Twitter message is “pre-set by the user before they set off, so they can concentrate safely on the road without worrying about informing people when they’re going to arrive”. Well thank goodness for that, one less worry before I set off down the M62 again. Not!

Read more
