Judicial panel orders consolidation of 61 iPhone throttling lawsuits, case to be heard in California court

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

Article Image

The Judicial Panel on Multidistrict Litigation on Wednesday ordered the consolidation of 42 lawsuits that take issue with Apple’s decision to throttle the CPUs of iPhones with degraded batteries, a tactic the company claims extends the operational lifespan of its products.
AppleInsider – Frontpage News

Cash For Apps: Make money with android app

10 steps to IoT GDPR compliance | Expert panel

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

GDPR poses complex challenges to IoT programmes and networks. Kate O’Flaherty presents Internet of Business’ 10-point plan to protect your organisation – and, most importantly, your customers.

Companies could face fines of up to four percent of turnover for data breaches once the EU’s General Data Protection Regulation (GDPR) comes into force on 25 May 2018 – which the UK has also cast into law. In an age of information, and after the fallout from the Facebook/Cambridge Analytica ‘breach’ and other scandals, regulators are taking data protection very seriously.

GDPR compliance is particularly challenging when it comes to the Internet of Things (IoT), because it can be difficult to gain the consent needed to process personal data within IoT networks. In addition, GDPR advocates ‘privacy by design’, something that IoT devices aren’t known for, despite the recent moves by industry and governments to change this.

But compliance is by no means impossible. In fact, IoT organisations that go the extra mile in protecting data will benefit from increased customer trust, which can be a business differentiator.

So, what are the 10 things that organisations must consider for their IoT programmes ahead of the compliance deadline?

1. Be aware of the data you collect and process

Experts advise IoT-using organisations to assess whether the information they collect is personal data. But be advised: if you don’t collect personal information, that doesn’t mean you’re exempt from the regulations.

As Adrian Davis, EMEA director of cybersecurity advocacy at security training specialist (ISC)2 points out: “Just because you collect sensor data from IoT devices, don’t think that you are exempt from GDPR. Know where your data is, how it is protected, and what to do if there’s a problem.”

As part of this, some companies will need to reconsider how they’re storing data, says Alastair Johnson, founder and CEO of secure payment vendor, Nuggets. He thinks features such as client-side encryption and blockchain technology could be useful to protect businesses.

“In the event of a data breach, this type of tech stack mitigates any risk that a company may face under GDPR: There simply isn’t any user data stored in a business’ database for a malicious party to steal.”

• Internet of Business advises organisations to read up on the pros and cons of blockchain-based systems, which may not be appropriate for many applications.

Read more: IoT 101: How blockchain transforms manufacturing, supply chains
Read more: Fintech firm launches blockchain platform for legal contracts

2. Understand consent

Under GDPR, consent has to be given when personal data is processed. However, Helen Goldthorpe, associate at law firm Shulmans LLP, points out that there are several aspects of processing data, of which consent “is just one”. Others include requirements of contract, and legitimate interest – for example, if the data is being used for employee safety purposes.

3. Know that consent and GDPR apply to the whole supply chain

Many IoT firms don’t realise that customers can withdraw consent and have the ‘right to be forgotten’ (to have all data about them permanently erased), says Guy Bunker, SVP products at security company Clearswift. And when consent is withdrawn, your suppliers must also remove this information.

“The IoT community needs to think beyond getting consent. They need to consider what they will go through if consent is removed and customers ask for the right to be forgotten. In some cases, you will need to do a reasonable amount of work.”

4. Record everything you do to meet the requirements of GDPR

The regulations require companies to record all of their data processing. The payoff, says (ISC)2’s Davis, is: “If you have a problem and are investigated, you can show you did all this stuff and it still went wrong.”

Indeed, as Jon Collins, an analyst at technology research group Gigaom, explains, GDPR isn’t designed to catch companies out. Rather, its intention is to prevent the abuse of data. He says:

Understand what you do, say what you are doing about it, and do what you say. That’s a really good, simple check. If you are the kind of organisation that’s genuinely looking to do the right thing, the regulation isn’t there to catch you out.”

5. Be aware of the need for privacy by design, and default

Privacy by design is one of the stipulations of GDPR. Within the IoT, this applies to devices and software, in addition to backend systems.

Steve Giguere, security strategist at Synopsys Software Integrity Group, explains: “GDPR compliance can’t be achieved by securing IoT devices alone, since they are usually part of a much larger ecosystem.

“Governance and policies for security and privacy must be established and applied to the IoT devices that collect personal information, as well as to the networks and backend systems that transmit and process data.”

Shulmans LLP’s Goldthorpe adds that products “need to be developed from the ground up”. For example, she says: “You should have the ability to delete data to comply with subject access rights.

“Also, understand at an early stage how devices collect data, so you can explain if asked. With older devices, decide whether they need to collect that data at all.”

6. Basic security hygiene will help you comply

Basic security hygiene, such as making sure all systems are patched, is essential, says Clearswift’s Bunker. “As the IoT world is vulnerable, keeping those systems up to date is important, but the basics are often overlooked. Even if you have the best system in the world, if someone can still make a mistake on the inside, that’s a compliance breach.”

This applies to manufacturing systems too, says Gigaom’s Collins. “If you aren’t thinking about securing these now, you’d better start really quickly.

“Many IoT companies are only looking at very low-level data security, such as encryption. They aren’t thinking about more complex attacks, such as denial of service (DoS) and data being manipulated, and about the processes around this.”

7. See GDPR as a business differentiator

As we have seen with the Cambridge Analytica and Facebook scandal, trust is integral to the future of data protection. According to Bunker: “GDPR is not about fines, it’s about increasing trust within organisations. It’s one of those things where if you do it right, you increase trust and therefore have a competitive advantage.”

8. Remember that GDPR compliance is ongoing

Even if you think your organisation is ready for the regulation, it’s important to remember that GDPR compliance is not an endpoint; it’s ongoing. “In some ways this is more valuable,” says Bunker.

It’s not just a tick in the box, it’s about being better forever.”

9. Consider employing a data protection officer

A data protection officer (DPO) will be a mandatory requirement for public authorities, and for any organisation whose core activities include the regular and systematic monitoring of data subjects on a wide scale.

This means that any large-scale IoT-using organisation may need to employ a DPO as part of GDPR compliance – certainly it will need a senior responsible owner.

When making the appointment, Goldthorpe advises that organisations should take steps to avoid any conflicts of interest: “Ideally, if you are a big organisation, it makes sense to place a DPO within the compliance function.”

10. Prepare your response

It also wise to ensure that tested, rehearsed, and updated management plans are in place to respond to any breach, says Davis. “GDPR tells you to report within 72 hours – you should be doing this anyway.”

Preparing your response also applies to other aspects of GDPR, such as subject access requests. As part of this, Bunker asks: “If someone makes a subject access request, how quickly can you, as an organisation, get that data and respond?”

Internet of Business says

A good question to ask. And as Kate O’Flaherty and our expert panel say, remember: GDPR isn’t an endpoint, it’s an ongoing process.

We would add one further essential point to consider: Remember that many consumers may see GDPR as an opportunity to assert themselves – especially since revelations about Facebook’s logging of call data, alongside the Cambridge Analytica scandal.

In light of news stories like these, it seems inevitable that some customers may demand to see proof that data is being collected in their own interests (a further stipulation of GDPR) and for a useful purpose. Others may insist that their data is permanently removed from systems. From 25 May, you will have no choice but to comply.

After all, GDPR has been introduced to protect consumers’ and citizens’ interests, to reset the balance within the information economy – which regulators believe has tipped to far towards organisations’ commercial interests – and to prevent the wholesale grabbing of private data.

Internet of Business is committed to providing solutions to data privacy and security problems, as well as reporting the latest news. Here are just some of our recent reports on these and related areas:

Read more: IIoT security: How to secure the ‘Internet of Threats’, by IBM

Read more: IoT Security: How to fight attacks on health, energy, and transport

Read more: Gartner: IoT security spend hitting $ 1.5 billion – but strategy poor

Read more: Cambridge Analytica vs Facebook: Why AI laws are inadequate

Read more: Prevent malicious use of AI, say Oxford, Cambridge, Yale

Read more: How to secure 5G to prevent IoT disasters: expert panel

Read more: GDPR: Consumers demand more data privacy from the IoT

Read more: Vendors, users ignoring IoT security in rush to market – report

Read more: UK government proposes IoT security and device labelling scheme

Read more: Blockchain: Lose the block and chain to be useful, Capacilon MD | Q&A
Read more: Bitcoin blockchain contains porn, say researchers. Not news, say coders

The post 10 steps to IoT GDPR compliance | Expert panel appeared first on Internet of Business.

Internet of Business

Cash For Apps: Make money with android app

Sharp seeking iPad business, reportedly prioritizing OLED & IGZO panel production line change

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

Article Image

Sharp will be making changes to its display panel production lines, according to a report, moving to increase the manufacture of IGZO and OLED-based panels, possibly in an attempt to acquire more display orders from Apple for the iPad and other connected devices.
AppleInsider – Frontpage News

Cash For Apps: Make money with android app

Sharp Expanding IGZO Panel Production to Win iPad Display Orders from Apple

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

Sharp is looking to expand its IGZO and OLED panel production capacity in a bid to win display panel orders from Apple. The company is working on reducing its production of LTPS and SI display panels to free up resources for IGZO and OLED display panels. Continue reading
iPhone Hacks | #1 iPhone, iPad, iOS Blog
Cash For Apps: Make money with android app

How to secure 5G to prevent IoT disasters: expert panel

How Complete Beginners are using an ‘Untapped’ Google Network to create Passive Income ON DEMAND

Kate O’Flaherty speaks to a panel of experts who warn that we are in the uncharted territory of network slicing and mass service takedowns. 5G’s low latency and high bandwidth enable multiple IoT use cases, but a new approach is needed to secure it, she warns.

5G will enable IoT applications such as autonomous vehicles, healthcare solutions, and robotics. But the technology also poses a much larger security risk than the 2G, 3G, and 4G networks that came before it. Why is this?

Significantly, 5G represents an overhaul in the way that networks are run and managed. In contrast to the hardware-based networks of the past, the technology takes advantage of virtualisation and cloud systems, leaving it more vulnerable to breaches if not properly secured.

In addition, 5G’s low latency and high bandwidth capabilities could be used to increase the potential scale of a distributed denial of service (DDoS) attack, where IoT devices are targeted by hackers and used to form a botnet.

With more and more hackers accessing network resources to mine cryptocurrency, for example, it stands to reason that this will be just one form of attack.

According to Michael O’Malley, vice president of carrier strategy at Radware, 5G-connected devices that become infected would have the ability to perform much bigger and more complex attacks than we have witnessed before.

He cites the example of the 2016 Dyn IoT botnet cyber-attack, which “took down the East Coast of the US”, by preventing users from accessing websites. “Now take that threat and add a 5G network, which is faster and with lower latency: you could take down more than just the East Coast,” he says.

A significant change

Adrian Scrase, ETSI

Taking these risks into account, 5G will demand a significant change in the way security is managed, says Adrian Scrase, CTO at standards organisation ETSI. “It’s a move towards a service-based architecture. In other words: opening up the network through application programming interfaces (APIs) and allowing people to provide services,” he explains.

Adding to this, it is a complex challenge to secure 5G IoT high-data-rate devices with larger battery and computational resources – such as machines in factories –  while ensuring that their functionality is unchanged. This is in direct contrast to many other IoT 5G use cases, which require a long battery life of up to 10 years, and are expected to work at very low data rates.

At the same time, says Scrase, 5G is no longer a ‘singular network’: it will include new elements such as network slicing, which will see mobile operators offering different levels of performance and varying contractual agreements.

This gives the operator the ability to “pretty much copy and paste a network instance”, explains Paul Bradley, Gemalto’s 5G strategy and partnerships director.

“There will be different configurations of the network: one might be concentrated on high speeds and low latency for autonomous driving; and another might have a normal level of security for a sensor network. Those slices will be configured by use case and isolated from each other.”

Adding to the complexity, network slicing is “completely new” to 5G and standards are not yet formalised, says Patrick Donegan, founder and principal analyst at HardenStance.

He describes the risk: “You need an individual instance of software in 5G: it can only go onto the slice –  and not other slices. If my instances of virtualised software can appear on your slice, then someone can put malware onto your slice and corrupt it.”

Finding the solution

There’s no doubt that securing 5G is complex, but standards bodies are already examining these issues. Scrase points out that the 3rd Generation Partnership project’s (3GPP’s) TS33.501 specification around 5G security is due for approval in the coming weeks.

Read more: Nokia, Qualcomm and Ericsson complete work on new 5G NR standard

Technology itself can also help. In order to mitigate 5G-based IoT attacks, 451 analyst Ian Hughes says that artificial intelligence (AI) and machine learning will be useful when applied to anomaly detection at a fast rate across a complex environment.

Gerald Reddig, head of security at Nokia, says automation is integral, citing the vendor’s adaptive architecture that automates security.

“Our customer base is protecting its own customers’ networks and needs to adapt its security architecture for threats, including DDoS attacks and ransomware,” he says. “The value is in automaton in an orchestrated way to relieve the pressure on existing security teams.”

At the same time, network slices should be secured depending on the use case.

In addition, Bradley says data needs to be segregated in the device if it is being linked to multiple network slices. Meanwhile, he says: “The user needs to be authenticated to the device, and the network itself is important.

Virtualised network functions should be secured, with confidentiality and integrity protected. You need to look at where the weak links in the chain are.

Holistic approaches

It’s a complex environment, but in the end, strategy is key. As part of this, experts recommend taking a holistic approach to security, taking into account the entire ecosystem –  including device manufacturers, mobile operators, and service providers.

And, while it’s important to consider the implications now, there is time to act before 5G really starts to impact on the IoT.

Indeed, different waves of 5G are expected over time from standards body 3GPP. The first release in December 2017 was around the technology’s consumer use cases, such as high-speed access.

Paul Bradley, Gemalto

The network side – including the core network and edge computing –  is coming in the middle of this year. Meanwhile: “In 18 months, the next phase will arrive with standards around ultra reliability, low latency, and really high speed,” says Bradley. “They will start to look at IoT then.”

So, it is still some way off. But despite that, businesses should consider how they will be impacted by the technology now. Donegan advises: “You need to look at the security of the network, the content, and the device; where you put security controls depends on the use case.”

Read more: Vodafone, Ericsson and KCL claim first successful UK 5G test

For example, he points out that some sensors don’t have the power and footprint to run security software. “So, you need to secure the network locally, accepting that the device has no security. And communications need to be interfaced by a secure gateway that takes account of this.”

In addition, the 451’s Hughes says that firms should enlist the help of penetration testers to find holes in their 5G IoT deployments. “You can trust your providers, but each enterprise will have a unique security risk that no one has thought of – such as an interface between two systems – so every company needs to have these people onboard.”

And in the end, says Donegan, securing 5G-based IoT consists of adapting well-worn principles. But he warns: “It is cheaper to get security sorted right at the outset: retrofitting after the event will cost more than getting it done at the start.”

Read more: 4G & 5G will be two thirds of 2025 mobile connections

Read more: Nokia, Qualcomm and Ericsson complete work on new 5G NR standard

Internet of Business says

5G networks might seem to be a future consideration, but tests and experimental rollouts have been gathering pace in recent weeks. Given the new forms of risk, organisations should consider the security aspects now. With AI and machine learning, for example, these technologies are going to become even more intelligent as virtualised telecoms networks develop.

However, the experts’ warnings should ring some alarm bells. A number of recent reports have suggested that IoT security is already lax, with non-expert device manufacturers rushing gadgets to market with basic security flaws built in. Meanwhile, organisations are giving little strategic thought to the unique challenges of IoT security. Factor in 5G and there is every chance things could get messy.

Read more: IoT ramps up cyber security risk, says in-depth report

White-hat hackers are valuable in a changing security landscape, and firms such as Google and IBM have long known this. Google is among those offering cash ‘bug bounties’ to those who are able to find holes in their systems.

Standards and specifications will certainly help on the way to securing 5G-based IoT use cases, but in the end it will come down to strategy. Robust cybersecurity must include the network, the device, and the data, taking into account the unique issues that 5G networks bring.

• We welcome Kate O’Flaherty to our regular team of contributors.

Kate O’Flaherty is a freelance journalist with over a decade’s experience reporting on business and IT. She has held editor and news reporter positions on titles including The Inquirer, Marketing Week and Mobile Magazine, and has written articles for titles including the Guardian, the Times, the Economist, SC UK Magazine, Mobile Europe and Wired UK. She is also a contributing analyst at Current Analysis covering wholesale telecoms. 

Read more: #MWC18: Huawei unveils the world’s first 5G chip

Read more: UK government explains next steps towards 5G future

Read more: 5G connections to reach 1.4 billion by 2025, says Juniper Research


IoTBuild is coming to San Francisco, CA on March 27 & 28, 2018 – Sign up to learn all you need to know about building an IoT ecosystem.IoT Build

The post How to secure 5G to prevent IoT disasters: expert panel appeared first on Internet of Business.

Internet of Business

Cash For Apps: Make money with android app

Alleged iPhone X Plus Display Panel and Digitiser Leaks

Alleged photos of the 6.5-inch iPhone X Plus front glass and digitizer have been posted online. The source of the leaked images claims the parts were manufactured at an LG facility in Vietnam as a part of trial production equipment run. Continue reading
iPhone Hacks | #1 iPhone, iPad, iOS Blog

With Apple Reducing iPhone X Production, Samsung Forced to Look for OLED Panel Buyers

A reduction in iPhone X orders from Apple has left Samsung scrambling to find new OLED buyers as the Korean company is now potentially looking at an excess stock of the panels. Samsung had to ramp up its OLED display panel production before the launch of the iPhone X to meet its high demand. The company was the sole supplier of OLED panels to Apple for the iPhone X last year. Continue reading
iPhone Hacks | #1 iPhone, iPad, iOS Blog

vivo X30 display panel leaks with a tiny notch on top

Apple introduced the iPhone X with a notch and despite the controversial reception that got, some smartphone makers seemingly plan on following suit. After the Cupertino flagship, the Essential PH-1 and the Sharp Aquos S2, vivo is also planning to introduce the new front panel design with the upcoming X30, as shown by a leaked image. The photos suggest that the new phone will have a tiny notch on top, thin bezel on the bottom and practically non-existent ones on the left and right sides. vivo X30 alleged display There is no information about an upcoming launch or eventual…

GSMArena.com – Latest articles

NASA Safety Panel Raises Concerns Over SpaceX and Boeing Spacecraft

 Safety Concerns

The goal of NASA’s commercial crew transportation program is to allow astronauts to be routinely transported into orbit by private spacecraft; slated to be developed and operated by Boeing and SpaceX.  Initially, these missions were to begin last year, but the program’s trips to the ISS have now been pushed to between 2019 and 2024. The shift in timeline comes in light of recent concerns expressed by NASA’s outside safety panel regarding the spacecraft. Depending on the outcome of the panel’s investigation, the new date to be set for the missions could extend even later than 2024.

The safety panel raised questions on Thursday about the dangers of the program as it stands now. The group’s annual report made mention of several major issues, including those with unconventional rocket fuel systems as well as micrometeoroids and orbital debris (MMOD) that have the potential to bombard and harm the capsules.

There are mandates that inspections must be conducted in-orbit, which allows the team to watch for and mitigate collision damage and reduce the associated risks. However,  the safety panel agreed that at this point in time, “the likelihood remains that the providers will not meet all” of their requirements.

NASA managers will not only have to take these issues into account, but the uncertainty around additional issues as well. From there, they’ll have to determine if the statistical risk is low enough to allow the project to move ahead. As the panel wrote in their report, we are “at a critical juncture in human spaceflight development,” and it is essential that NASA “maintain a sense of urgency while not giving in to schedule pressure.”

Delayed Launch

While Boeing has not yet commented on the report, a spokesperson from SpaceX told the Wall Street Journal that the company is “revising a fuel-system component and methodically demonstrating the safety of its overall fueling process.” In reference to the revised timeline, the company stated that together, the Falcon 9 rockets and Dragon capsules are “one of the safest and most advanced human spaceflight systems ever built–and we are set to meet the additional milestones needed to launch our demonstration missions this year.”

But could the goal of creating increased, cost-effective transport to low-Earth orbit be too ambitious? While there was an overall positive tone to the safety panel’s review, they urged NASA to reconsider the original launch date with these safety concerns in mind. Though the agency had hoped for the earlier launch date, if the risk is deemed to be high, the safety of the crew would necessitate continued efforts to update and revise the spacecraft’s designs and plans for the missions.

NASA’s current statistical probability regarding fatal accidents is one per every 270 flights. While everyone at the agency works tirelessly to avoid any fatalities that could occur accidentally, even minor risks associated with spaceflight have the potential to be deadly. Luckily, the safety panel outlined specific guidelines that detailed where the companies could focus their energy to most improve.

For example, according to their report, SpaceX still needs to address potential hazards posed by the helium tanks used to maintain the pressure of supercooled liquid oxygen in the Falcon 9. This is especially critical, as issues with such containers caused dangerous explosions in two of their rockets within a two-year period.

Both companies appear to be dedicated to remedying the underlying issues that the safety panel brought up, but it remains to be seen whether or not the apparent need for additional testing and modification will push the launch of the program even further. Whether or not there is a delay, it was made clear by the safety panel that the issues will need to be addressed as soon as possible to ensure crew safety. It might seem like step back, but rectifying these issues now and taking steps to improve safety could lay the groundwork for a future with safe, frequent, and accessible space travel.

The post NASA Safety Panel Raises Concerns Over SpaceX and Boeing Spacecraft appeared first on Futurism.

Futurism

Samsung faces increased competition from LG Display, Sharp for future iPhone OLED panel orders

Article Image

Samsung may soon face increased competition from its display production rivals, with a report claiming LG Display and other manufacturers are stepping up their OLED panel efforts to try and secure future orders from Apple to supply screen components for future iPhones.
AppleInsider – Frontpage News