25 years since first email attachment

It is 25 years since the invention of Mime, or Multipurpose Internet Mail Extensions – the system that made it possible to send attachments.

Since 1992, people have gone on to send rather a lot of them, as the BBC’s Rory Cellan-Jones explains.

Article source: http://www.bbc.co.uk/news/technology-39231308

Google develops invisible web security Captcha form

I'm not a robot - Captcha form

Image caption

Captcha forms may soon disappear

Website security checks that challenge people to prove they are human are likely to “disappear” in favour of a new system developed by Google.

Captcha checks typically ask people to complete a puzzle that a computer would struggle to complete correctly.

They are designed to stop automated bots accessing and using websites.

Google’s new system tracks how a person interacts with a website to prove they are real, so the puzzles are no longer necessary for most people.

Captcha checks are often deployed by concert ticket websites to stop people setting up automated bots to buy all the best tickets. They also appear when somebody is trying to log in to a website with the wrong password, to spot automated attempts.

Image copyright

Image caption

Traditional Captcha checks ask people to read wobbly text

The puzzles present challenges that people find simple but computers can find more difficult, such as:

  • identifying photographs of dogs in a gallery of animal pictures
  • typing numbers from a photograph of a road sign into a box
  • listening to somebody reading out numbers over music and typing the numbers into a box

The puzzles also benefit companies such as Google by helping train artificial intelligence algorithms. For example, if Google’s AI can not recognise a house number in a photograph taken by a Streetview car, it may add the photo to its Captcha system to get human input.

However, genuine users can find the interruption by puzzles a nuisance.

Google’s reCaptcha system has already simplified the process by asking users to tick a check box on the website they are using. The box monitors how each person has interacted with it, to separate natural human clicks from bots.

For example, an automated script might take just a second to fill in a form on a website, and may not move the mouse at all during the process.

Google’s latest development removes the check box as well, and instead analyses how people have interacted with other elements on a website such as the “submit form” button.

However, in some cases “suspicious” activity will still trigger a puzzle.

Article source: http://www.bbc.co.uk/news/technology-39231307

The smart button controlled by your fingerprints

A smart button controlled by your fingerprints was one of the gadgets on display at the recent Wearable Technology Show.

The device can be programmed for each part of each finger to activate a different function.

BBC Click’s Lara Lewington reports.

See more at Click’s website and @BBCClick.

Article source: http://www.bbc.co.uk/news/technology-39229217

Facebook Messenger adds Snapchat features

Facebook has added Snapchat-style disappearing photos to Messenger, in its latest move to ape its popular messaging rival.

The social network has already added vanishing stories to its Instagram and WhatsApp products.

The BBC’s Chris Foxx asked Facebook’s Peter Martinazzi why people would want to post disappearing selfies on so many apps.

Article source: http://www.bbc.co.uk/news/technology-39222358

Sinclair ZX Vega+ funding campaign halted by Indiegogo

ZX Spectrum Vega+Image copyright
Retro Computers Ltd

Image caption

RCL promised that the Vega+ would come with 1,000 licensed games

Crowdfunding platform Indiegogo intervened to stop a handheld retro computer console campaign from acquiring further funding, the BBC has learned.

The Spectrum ZX Vega+, backed by Sir Clive Sinclair, had achieved its original crowdfunding target.

But then Indiegogo halted further fundraising because of delivery delays and a lack of communication to backers.

The project’s organisers had asked the BBC not to reveal the development.

The BBC understands no consoles have been delivered to backers, despite a pledge last month that they would “ship after 20 Feb 2017″.

And the company behind the project – Retro Computers Limited – suggested these details might put its team at risk.

“Following a credible threat of violence against personnel of Retro Computers Limited, including threats made as recently as last night, we asked [technology desk editor] Leo Kelion and the BBC to refrain from publishing a story we believe to be factually inaccurate and might put people at risk of physical harm, alarm and distress,” Retro Computers Limited founder David Levy said in a statement on Wednesday.

“Since December 2016 the BBC have formally been on notice that this is a police matter, and we ask that the BBC and Mr Kelion do not compromise the police investigation.”

The BBC delayed publication of this report to give RCL managing director Suzanne Martin time to provide evidence of the threats, but she did not do so.

In the meantime, the Gizmodo news site also published and then deleted an article about the matter because it too was told of threats.

Refund requests

RCL had already received more than £513,000 ($624,000) from Indiegogo crowdfunders for the Vega+ .

And before the fundraising campaign was halted, the project had been listed as “in demand” to allow new people to become backers, despite having already reached its funding target.

But in recent weeks, many backers have expressed anger that they still have not received their console and claimed their requests for more information were going unanswered by the company.

Although, Indiegogo is clear in its terms and conditions that those who back a project are supporting an idea rather than buying a product – and that hardware in particular tends to be more difficult to deliver.

In 2015, RCL brought a different Sinclair computer to fruition after a smaller campaign.

Image copyright
Retro Computers Ltd

Image caption

A previous Spectrum Vega console was delivered to backers and put on sale

Lawyers’ letter

RCL originally said the new Spectrum ZX Vega+ was due to go into production in the summer of 2016 and it might even “be able to improve on this delivery date”.

But in December 2016, after the BBC contacted RCL to ask about the status of the Vega+, the broadcaster was threatened with legal action.

“Our clients are concerned that the BBC is in fact supporting and participating in a malicious campaign intended to denigrate our clients’ reputation,” wrote lawyers Michelmores LLP in a letter to the broadcaster.

They went on to request that the BBC show them its report at least 48 hours ahead of publication so they could identify any false information, which the BBC refused to do.

Image copyright
Retro Computers Ltd

Image caption

The campaign said the Vega+ is designed to be used as a handheld but can also be connected to a TV

Ms Martin then apologised to backers for the delays and said there had been unexpected issues with the console buttons.

“In November, we identified an improvement we believed was essential to the Vega+ gaming experience,” she said at the time.

“An improvement that would make the feel of the product far better, including a correction in the design of one of the buttons, making it more robust and able to withstand the rigours of extended game-play.

“We also wanted to make sure we did justice to the Sinclair legacy.

“This change has caused a brief delay, and we are truly sorry about that, but we needed this time to improve the product, and we have now completed the necessary revisions, and we are delighted to announce that we will ship the first units in February 2017.”

Since then, RCL has suggested it had been unable to respond to some backers’ requests because of a business dispute with two former directors.

And in its last public update, 11 days ago, the company released some technical details about software used by the device.

‘Last chance’

Many recent comments left by backers on RCL’s Indiegogo page, which remains live but has stopped taking funds, are requests for refunds.

“I don’t expect a response. I’m just being polite in letting them know this is their last chance before they have to deal with small claims court,” wrote a backer called Paul Brookfield.

“Please receive this email as written notice of cancellation of my pledge and a request for a refund,” wrote Drew Miller.

“I no longer believe you are capable of providing the product I pledged for in April, considering the drastic number of delays and your lack of communication toward fellow backers.”

Article source: http://www.bbc.co.uk/news/technology-39191064

Wikileaks is offering tech firms CIA files first

Wikileaks founder Julian Assange at the Ecuadorian embassy in central London, 5 February 2016Image copyright
Getty Images

Image caption

Julian Assange has sought asylum at the Ecuadorean embassy in London since 2012

Technology firms will get “exclusive access” to details of the CIA’s cyber-warfare programme, Wikileaks has said.

The anti-secrecy website has published thousands of the US spy agency’s secret documents, including what it says are the CIA’s hacking tools.

Founder Julian Assange said that, after some thought, he had decided to give the tech community further leaks first.

“Once the material is effectively disarmed, we will publish additional details,” Mr Assange said.

US federal agencies have launched a criminal investigation into the release of the documents.

In response to the revelations, CIA spokeswoman Heather Fritz Horniak told the BBC: “As we’ve said previously, Julian Assange is not exactly a bastion of truth and integrity.

“Despite the efforts of Assange and his ilk, CIA continues to aggressively collect foreign intelligence overseas to protect America from terrorists, hostile nation states and other adversaries.”

In the first tranche of leaks, Wikileaks alleged that the CIA had developed what Mr Assange called “a giant arsenal” of malware to attack “all the systems that average people use”.

Tech firms, including Google and Apple, have said that they are developing counter-measures to combat any malware that the CIA may have developed.

Mr Assange said that his organisation had “a lot more information on the cyber-weapons programme”.

He added that while Wikileaks maintained a neutral position on most of its leaks, in this case it did take a strong stance.

“We want to secure communications technology because, without it, journalists aren’t able to hold the state to account,” he said.

Mr Assange also claimed that the intelligence service had known for weeks that Wikileaks had access to the material and done nothing about it.

He also spoke more about the Umbrage programme, revealed in the first leaked documents.

He said that a whole section of the CIA is working on Umbrage, a system that attempts to trick people into thinking that they had been hacked by other groups or countries by collecting malware from other nation states, such as Russia.

“The technology is designed to be unaccountable,” he said.

He claimed that an anti-virus expert, who was not named, had come forward to say that he believed sophisticated malware that he had previously attributed to Iran, Russia and China, now looked like something that the CIA had developed.

“The type of attack system corresponds to a description we published of that attack system unless of course China has already got hold of these parts of the CIA arsenal and is using it to pretend to be the CIA,” said Mr Assange.

He said that the intelligence agency could potentially be causing the tech industry “billions of dollars of damage”.

Article source: http://www.bbc.co.uk/news/technology-39221421

Tomorrow’s cities: Stockholm turns green

Media captionWATCH: Cities Skylines shaping Stockholm

Smart is a word that has long prefaced a whole range of technology, from watches to fridges to homes.

It might sound cool to marketers, but consumers are increasingly questioning just how clever these devices really are.

Now, cities are jumping on the bandwagon and giving themselves the same title whenever they implement technology solutions.

For some, that involves flashy and expensive command-and-control centres from which they view traffic flow and data collected from sensors around the city.

Sweden’s capital, Stockholm, has taken a different, quieter approach, but, along the way, has garnered over seven million euros (£5.9m) of EU money and become a leading example of how to do “smart”.

Image copyright

Image caption

Stockholm has been designated a lighthouse city for smartness – showing others the best way to be green

It has been designated as an EU “lighthouse” city – alongside Barcelona and Cologne – meaning the projects it implements, if successful, can then be copied in other European towns.

Stockholm’s interpretation of smart is about becoming greener – it hopes to be fossil-fuel free by 2040 and sees eco-policies as the smartest thing not only for the city but for the planet.

Stockholm is already pretty eco-friendly.

Bio-fuel, generated from sewage, is available at petrol stations around the city, and regularly used by taxis and cars.

And now, the city wants to extend its use to larger vans and lorries, which are particularly polluting, and explore ways to make the fuel more efficient.

“One hundred people going to the toilet powers one car, but if we add organic household waste, that goes down to 60 people,” said Gustaf Landahl, who heads up the Grow Smarter project.

The smart cities which never sleep

The future of a good night out

Are our cites killing us with bad air?

What it feels like to fly a jetpack

Read all of the BBC’s Tomorrow’s Cities season here

Stockholm is also working with energy company Fortum to take advantage of a city-wide heating system, to use waste electricity generated from data centres, supermarkets and stadiums to provide heat for residents around the city.

The fact the city has a network of underground pipes means that waste heat – in the form of hot water – can easily be added to the grid.

Currently the system serves about 9,000 residents and is being expanded to provide heat from a 30,000-seater stadium to a nearby development of houses, shops and restaurants.

Another deal has just been reached, with data centre GleSys, which will see it adding “borrowed” heat to 1,000 flats.

There is a trend for technology companies, under pressure to make their data centres greener, to relocate to colder countries.

In 2013, Facebook opened a data centre in the remote northern Swedish town of Lulea.

But not everyone is convinced this was really that green.

“You can’t put your data centre in the woods, because people do not need electricity in the woods,” said Fortum’s head of open district heating, Erik Rylander.

“That Facebook data centre could have heated 90,000 homes if it had been located in another area.”

Now, Stockholm is actively campaigning to persuade technology businesses to relocate their data centres to the capital.

The city also has the world’s largest open-fibre network, which provides cheap city-wide fast broadband to most residents, who pay about 20 to 25 euros per month for a 1GB service.

Now, that network is also helping support sensors around the city, seen by many as the best way of measuring what is going on in the urban environment.

This will begin on a small scale in a neglected area of the city, which will be transformed by 2025 into a trendy revitalised zone, with homes, shops and restaurants.

The area will boast smart bus-stops offering information, wi-fi access and sensors that measure traffic flow and air quality.

It would, said Mika Hakosalo the site manager for Stockholm’s environment administration, help the city understand how its citizens moved around.

Image copyright

Image caption

Stockholm is creating eco-districts, made up of retro-fitted and new buildings

“Our target in GrowSmarter is to reduce the transport emissions by 60%, so we will use the data to understand underlying factors affecting the transport emissions in a given area to be able to find and test solutions to reduce them.”

The city is creating several eco-districts made up of new-builds as well as retro-fitted older buildings.

All are being made as environmentally friendly and heat-efficient as possible – with the use of innovative insulation schemes and solar-panels on roofs.

Mr Landahl said it was important citizens were at the centre of any changes.

“We have to improve the quality of life, we can’t just work with technology for technology’s sake,” he said.

“We are building energy-efficient buildings, but we need to make people who live there energy-efficient too,”

Changing user behaviour is starting in small steps.

On one newly built privately owned estate, residents are provided with tablets that show their real-time energy usage in an attempt to make them better understand how they use and waste gas, water and electricity.

As well as seeing their light, heat and water consumption in real-time, residents can also track their usage over a period of time, see the best times to run appliances and compare their usage with that of their neighbours.

Meanwhile, on a public housing estate – built in the 1960s and in desperate need of renovation – residents will get not only more energy-efficient homes but also a new smart rubbish collection system.

Image copyright

Image caption

Envac already has its underground system in Stockholm, but currently users have to sort rubbish by type

Each household will have different coloured bags to collect different types of rubbish.

All bags will be thrown into communal chutes on the estate, from where it will enter an underground vacuum system that will take the rubbish to an optical sorting centre.

Sensors in the chutes will identify different coloured bags, and it will be possible, if residents agree to it, to measure exactly what people are throwing away, with awards for those who are greenest.

Director of marketing at Envac Jonas Tornblom talked about the wider benefits to the city of having an underground bin system.

“It reduces the movement of waste lorries in residential areas and city centres, resulting in fewer accidents and less noise and pollution,” he said.

“It also makes for better working conditions for waste collection workers, saves space for developers and means less littering.”

Image copyright

Image caption

Stockholm encourages greener modes of transport

Stockholm cannot become greener without help from eco-businesses, such as car-sharing schemes, but, here, the journey has not always been smooth.

In November, car-sharing service Car2Go announced it was withdrawing its services from the city.

A notice on its website said: “Despite our efforts and the loyal business partners, we did not reach the necessary number of members or car usage.”

So perhaps there is still a long road to persuading citizens an eco-city is something that makes sense for them as well as for those who run it.

Article source: http://www.bbc.co.uk/news/technology-38404884

Wikileaks: CIA has tools to snoop via TVs

CIA logoImage copyright
Getty Images

Image caption

The CIA has not said if the claims are true

Wikileaks has published details of what it says are wide-ranging hacking tools used by the CIA.

The alleged cyber-weapons are said to include malware that targets Windows, Android, iOS, OSX and Linux computers as well as internet routers.

Some of the software is reported to have been developed in-house, but the UK’s MI5 agency is said to have helped build a spyware attack for Samsung TVs.

A spokesman for the CIA would not confirm the details.

“We do not comment on the authenticity or content of purported intelligence documents,” he said.

Image copyright

Image caption

Whisteblower Edward Snowden has tweeted that the leak appears to be authentic

A spokesman for the UK Home Office was unable to comment.

Wikileaks said that its source had shared the details with it to prompt a debate into whether the CIA’s hacking capabilities had exceeded its mandated powers.

Embarrassment factor – Analysis by BBC’s security correspondent Gordon Corera

These latest leaks – which appear to give details of highly sensitive technical methods – will be a huge problem for the CIA.

There is the embarrassment factor – that an agency whose job is to steal other people’s secrets has not been able to keep their own.

Then there will be the fear of a loss of intelligence coverage against their targets who may change their behaviour because they now know what the spies can do.

And then there will be the questions over whether the CIA’s technical capabilities were too expansive and too secret.

Because many of the initial documents point to capabilities targeting consumer devices, the hardest questions may revolve around what is known as the “equities” problem.

This is when you find a vulnerability in a piece of technology how do you balance the benefit to the public of telling the manufacturer so they can close it and improve everyone’s security with the benefit to the spy agency of leaving it in place so they can exploit it to collect intelligence.

The NSA has already faced questions about whether it has this balance right when many of its secrets were revealed by Edward Snowden, and now it may be the CIA’s turn.

Read more from Gordon

Hacked TVs

The effort to compromise Samsung’s F8000 range of smart TVs was codenamed Weeping Angel, according to documents dated June 2014.

They describe the creation of a “fake-off” mode, designed to fool users into believing that their screens had been switched off.

Instead, the documents indicate, infected sets were made to covertly record audio, which would later be transferred over the internet to CIA computer servers once the TVs were fully switched back on, allowing their wi-fi links to re-establish.

Under a “future work” section, it is suggested that video snapshots might also be taken and the wi-fi limitation be overcome.

Image copyright

Image caption

The CIA is alleged to have found a way to listen to conversations that took place close to Samsung TVs

Samsung has not commented on the allegations.

Apple attacks

Wikileaks also claims that as of last year, the CIA has built up an arsenal of 24 Android “zero days” – the term given to previously unknown security flaws in code.

Some of these are said to have been discovered by the CIA, but others were allegedly obtained from the UK’s GCHQ agency as well as the NSA and unnamed third-parties.

Devices made by Samsung, HTC and Sony, among others, were said to have been compromised as a result, allowing the CIA to read messages on Whatsapp, Signal, Telegram and Weibo among other chat services.

Media captionFormer CIA boss: latest leak on Wikileaks has ‘made my country less safe’

It is also claimed that a specialised CIA unit was set up to target iPhones and iPads, allowing the agency to see a target’s location, activate their device’s camera and microphone, and read text communications.

The unit is also reported to have made use of further iOS “zero days” obtained from GCHQ, the NSA and FBI.

“It is longstanding policy that we do not comment on intelligence matters,” GCHQ told the BBC.

“Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate.”

Other claims say the CIA:

  • was trying to find ways to infect vehicles’ computer control systems. Wikileaks claims these might have been used for undetectable assassinations
  • had found ways to infect “air-gapped” computers – machines that are not linked up to the internet or other insecure networks. Methods are said to have included hiding data in images or hidden parts of computer storage
  • had developed attacks against popular anti-virus products
  • had built up a library of hacking techniques “stolen” from malware developed in Russia and elsewhere

Wikileaks describes its release as the first in a series of planned leaks about the CIA’s cyber-activities, which it refers to as Vault 7.

It added that the material had already circulated among hackers who used to work for the US government as well as contractors in an unauthorised manner.

Analysis: Mark Ward, Technology reporter

Image copyright

Image caption

Wikileaks’s founder Julian Assange said there was a cyber-weapon proliferation risk

There is a huge amount of information in the CIA data dump but a lot of it, such as its apparent success in compromising smart TVs, is not that surprising. Lone researchers have managed similar hacks, so smart government agents were always going to be able to go further.

Plus, we kind of know that a lot of the modern internet-of-things gear is broken as all kinds of holes have been found in all kinds of gadgets – including cars.

What’s more interesting is the work said to have been done on iPhone and Android handsets. That’s because Apple works hard to make sure iOS is secure and Google has made a real effort lately to secure its operating system. For a spy agency, access to those gadgets is key because they travel everywhere with a target.

What is likely to hit the CIA the hardest is losing control of all the zero day exploits and malware detailed in the papers.

It is more than likely that the agency paid millions to build up an arsenal of tools that are guaranteed to work – largely because they are based on flaws, bugs and vulnerabilities that have never been seen before. Operating systems of all stripes are really big haystacks and the information in some of the leaks looks like a good map to all the needles hiding within.

With the zero days now largely burned the CIA may have to re-trench for a while but it will doubtless have other unused attack tools stored and ready to deploy.

What’s potentially more worrying is that as information about the bugs gets out then the bad guys will pile in and use them.

We saw that with the zero days released in the much smaller Hacking Team data breach, and there is much more useful data to be found in this trove.

Article source: http://www.bbc.co.uk/news/technology-39193008

Jaguar ad ‘encouraged unsafe driving’ rules watchdog

Jaguar XEImage copyright
Jaguar Landrover

Image caption

The Jaguar XE’s infotainment system can show data from a Bluetooth-connected phone

An advertorial article published in the Guardian about a new Jaguar car has been rebuked by the UK’s Advertising Standards Authority (ASA).

The regulator said the story was “irresponsible” because it was likely to encourage unsafe driving practices.

The text had described drivers using in-built smart technology to check their calendars and use other apps while on the road.

A spokesman for Jaguar Land Rover said it was “disappointed”.

“For all of the connected car technologies we offer our customers, we will always offer what is safe to do whilst driving,” he added.

“The hands-free technology in the Jaguar XE has been developed and tested to allow users to put their phone safely and legally away, and give priority to focus on the driving experience.”

Image copyright
Jaguar Land Rover

Image caption

The advertorial article was published on 24 September 2016

The ASA acknowledged that using a hands-free mobile phone was not illegal and that the article had stated that the technologies in question could be used “without compromising safety”.

But it noted that the UK’s Highway Code states that the use of hands-free kit can be a distraction, and that motorists should stop to make or take calls.

“The advertorial featured the headline claim that ‘drive time is no longer downtime’,” it said in its judgement.

“We considered readers would interpret this to mean that drivers could now perform various other tasks while driving.”

The ASA also called attention to an “early adopter” of the car interviewed in the piece.

Image copyright
Jaguar Land Rover

Image caption

Jaguar Land Rover said it was disappointed the ASA did not think its safety message was prominent enough

Prof David Bailey was quoted as saying he could use apps through the car’s infotainment system.

“If I need to do an interview while I am going somewhere I can do it on the move and don’t have to stop,” he added.

The Aston Business School lecturer was surprised when the BBC told him of the ruling.

“I was not told that I was being interviewed for an advertorial, and the comments were part of a much longer interview about driverless cars and the future,” he said.

“They were certainly not intended to encourage any behaviour that might compromise safety”.

A spokeswoman for the Guardian did not respond to questions about the use of Prof Bailey’s comments, but issued a brief statement.

“We received a complaint about the advertorial in question and consequently withdrew the ad and have not republished it,” the statement said.

“We accept the ASA’s ruling.”

The authority has also told Jaguar Land Rover that its future advertising must not encourage drivers to perform tasks that might distract their attention from the road.

Article source: http://www.bbc.co.uk/news/technology-39198898

Child porn case dropped to prevent FBI disclosure

People use Tor to browse the internet and communicate in privateImage copyright

Image caption

People use Tor to browse the internet and communicate in private

US prosecutors have dropped a case against a man accused of using a child porn site because the government refused to divulge how it revealed his identity.

The Playpen site was located on the Tor network which is used to anonymise web-browsing activity.

The FBI found a way around this to reveal the users’ real IP addresses and led to 200 prosecutions.

But it refused to reveal to the court how it managed the feat.

The site was located on the Tor network which many people use to browse the web anonymously. It conceals their location and identity by routing their connections through a chain of different computers and encrypting data in the process.

To get round this the FBI used what it called “network investigative techniques” and revealed people’s identities.

But it refused a request for information on its technological investigation techniques.

Federal prosecutor Annette Hayes wrote in a court filing on Friday that “because the government remains unwilling to disclose certain discovery related to the FBI’s deployment of a ‘network investigative technique’” it was “deprived of the evidence needed to establish defendant Jay Michaud’s guilt beyond reasonable doubt”.

The government’s Motion to Dismiss order is pending before the court and the judge is expected to sign a dismissal order “within the next day or two”, the assistant public defender Colin Fieman told the BBC.

Mr Michaud’s case is one of many emerging from the investigation into Playpen users.

In December, the Assistant Attorney General Leslie Caldwell said the investigation of Playpen led to more than 200 active prosecutions and the identification or rescue of at least 49 American children who were subject to sexual abuse.

In January, Michael Fluckiger was sentenced to 20 years in jail for running the Playpen site.

Once the site’s administrators had been arrested, the FBI kept the site going for 13 days to gather information about members.

Article source: http://www.bbc.co.uk/news/technology-39180204