Featured Article – Password Security and The Road Ahead

The fact that websites continue to be hacked and passwords are frequently stolen (and that a computer recently set a record by guessing 100 billion passwords per second) calls in to question how passwords can still be used safely and what lies ahead for them. This article looks at password security now and the progress being made towards a ‘passwordless’ future.

Basic Challenges

Human limitations and the challenges of modern life mean that we can only successfully remember shorter, more uniform, or more memorable strings of characters, and consequently these often end up being partly words, names, dates, or a combination. Also, many people stick to the same password that is then shared between many sites and platforms. Add to this Moore’s law (the idea that computer-processing power available at a certain price doubles roughly every two years) and the fact that cybercriminals are becoming more sophisticated in their methods and can buy cyber-attack tools and lists relatively cheaply on the Dark Web, and the risks of weak passwords become clear. All these factors mean that:

Passwords will need to be changed regularly and made more secure as widely available computer power grows, and the speed at which even well-encrypted passwords can be cracked and brute-forcing tools can find passwords increases.

Using the same password for multiple accounts and platforms is a high-risk strategy because if one of those accounts is compromised, cyber-criminals can steal and sell the login details on and/or use ‘credential stuffing’ tools to try stolen passwords on multiple websites.

Having longer, randomly generated passwords with many different characters in them are likely to be more secure than personally chosen ones that are simply easy to remember.

100 Billion Passwords Per Second Guessed By A Computer

In February 2019, a hashcat Tweet appeared to announce that the NTLM cracking speed record had been broken as a single computer was able to generate every conceivable password at a rate of 100,000,000,000 guesses per second (100GH/s).  Bear in mind that was over a year and a half ago! Add to this the fact that cloud-based technology can enable an eight-character password to be guessed in only 12 minutes (costing only $25 to do so) and it is clear what a threat technology poses to passwords as a means of security.

Buy Computer Aided Brute Force Attack Tools

It is not surprising, therefore, that password brute-forcing tools are now widely available online, and although they are used by penetration testers, they can also be purchased and used by hackers (black hats). For example, these off-the-shelf tools include Cain and Abel, Hashcat, John the Ripper, and Ophcrack.

Too Easy

In many cases, users may still be making it too easy for attackers to guess passwords or to crack them very quickly with the aid of existing password dictionaries and credential stuffing.  For example, back in February 2019, a study by the UK’s National Cyber Security Centre (NCSC) into breached passwords revealed that 123456 featured 23 million times, making it the most widely used password on breached accounts.  The study also showed that the second-most popular string was 123456789 and that the words “qwerty” and “password”, and the string 1111111 all featured in the top five most popular breached passwords.  Christian names and the names of favourite football teams were found to be widely used as passwords.

Default Passwords

Default passwords being left and not changed to something less easily attainable or easy to crack can also make it easy for hackers. This is a particular problem with IoT devices where users are often unaware of the problem.

In California, however, a tech law was recently passed that not only bans easy to crack and popular default passwords e.g. ‘admin’, ‘123456’ in all new consumer electronics from this year but also requires each device to come with a pre-programmed password that is unique to that device.  The new law also mandates any new device to contain a security feature that asks the user to generate a new means of authentication before access is granted to the device for the first time.

Even Big Companies

Perhaps surprisingly, big companies also appear to rely all too often upon weak passwords. For example, last October, Swiss Web security company, ImmuniWeb, reported that there were over 21 million (21,040,296) stolen user credentials belonging to Fortune 500 companies available on the Dark Web and that more than 16 million (16,055,871) of then had been compromised during the previous 12 months.  The vast majority (95 per cent) of these contained unencrypted, or already brute-forced and cracked plaintext passwords.

Collection #1

In January 2019, the sharing of a massive leak of a staggering 87GB of 772.9 million emails, 21.2 million passwords and 1.1 billion email address and password combinations onto hacking forums brought the weaknesses of password authentication into much sharper focus.  Known as Collection #1, the data was made up of many different data breaches from thousands of different sources and it has been calculated that all the stolen data could be put into 1,160,253,228 unique combinations, thereby making it useful to cyber attackers trying to crack login details using credential stuffing attacks.

The data in Collection #1 has, however, also been incorporated into the ‘Have I Been Pwned’ service where it is possible to check whether anyone’s login details have been stolen (see: https://haveibeenpwned.com/).

Making A Strong Password

Mathematically, predictability and the size of the ‘password space’ (the “space” of possibilities) figure indicates how good (strong) a password may be. The size of the ‘space’ number is a product of the possibilities.  For example, since a one-character password only contains one lowercase letter, there are only 26 possible passwords – from a to z.  Choosing a six lower case letter password means 26 possible choices for the first letter, 26 possible choices for the second and so on (308,915,776 possibilities). 

If, however, the size of the password is increased to 12 characters and includes lower and upper case and other symbols e.g. %, @, !, this increases the possible number of choices for each letter of the password to 72 and, therefore increases the possibility ‘space’ number to 19,408,409,961,765,342,806,016.  In short, the ‘space’ is 62 trillion times the size of the first space and should take a computer running through all the possibilities 62 trillion times longer to guess the password. This is why many websites and platforms now prompt, encourage and suggest passwords that are longer and contain a mix of characters.

Password Managers

Managing multiple passwords in a way that is secure, effective, and does not have to rely on memory is difficult, particularly for businesses where there are multiple sites to manage. One easy-to-use tool that can help is a password manager.  Typically, these are installed as browser plug-ins that are used to handle password capture and replay, and when logging into a secure site, they offer to save login credentials. On returning to that site, they can automatically fill in those credentials. Password managers can also generate new passwords when needed and automatically paste them into the right places, as well as being able to sync passwords across all devices. Examples of popular password managers include Dashline, LastPass, Sticky Password, and Password Boss, and those which are password vaults in other programs and CRMs include Zoho Vault and Keeper Password Manager & Digital Vault.

Chrome’s latest browser also has an improved password manager, which can help to stop people from using weak passwords.  The Chrome 69 password manager suggests passwords incorporating at least one lowercase character, one uppercase character and at least one number, and where websites require symbols in passwords it can add these. Users can also manually edit the Chrome-generated password, and when Google is generating the password, every time users click away from its suggestion, a new one is created. Chrome 69 can store the password on a laptop or phone so that users do not have to write it down or try and remember it (if they are using the same device).

Looking Ahead – Biometrics

Two-factor verification, as well as long passwords incorporating different character and case options, are what many people rely upon at the moment, but a passwordless future and biometrics are likely to offer greater security going forward. 

For example, in May last year, Microsoft’s Corporate Vice President and Chief Information Officer Bret Arsenault signalled the corporation’s move away from passwords on their own as a means of authentication towards (biometrics) and a “passwordless future”.  Recognising the weaknesses of passwords and being one of the most-attacked companies in the world means that at least 90% of Microsoft’s 135,000 workforce now log into the company’s corporate network without passwords using biometric technology such as facial recognition and fingerprint scanning via apps such as ‘Windows Hello’ and the ‘Authenticator’ app.

Also, in August last year, Google announced that users could verify their identity by using their fingerprint or screen lock instead of a password when visiting certain Google services e.g. Pixel devices and all Android 7+ devices.  This was because of Google’s collaboration with many other organisations in the FIDO Alliance and the W3C that led to the development of the FIDO2 standards, W3C WebAuthn and FIDO CTAP that allows fingerprint verification.

Unlike the native fingerprint APIs on Android, FIDO2 biometric capabilities are available on the Web which means that the same credentials be used by both native apps and web services. The result is that users only need to register their fingerprint with a service once and the fingerprint will then work for both the native application and the web service. Also, the FIDO2 design is extra-secure because it means that a user’s fingerprint is never sent to Google’s servers but is securely stored on the user’s device.  Only a cryptographic proof that a user’s finger was scanned is actually sent to Google’s servers.

Also, this month, NatWest announced that, in partnership with Visa, it had added an invisible layer of behavioural biometrics as part of an authentication process that enables compliance with the EU’s new Strong Customer Authentication (SCA) regulation.  In short, since biometrics can be accepted as one of the methods of authentication to comply with the new rules (alongside a password/PIN), NatWest (and Visa) have been working on how they can make things like keystroke dynamics, voice ID, mouse usage characteristics, signature analysis work as an extra means of identification and authentication.

It is clear, therefore, that although password authentication/verification systems can provide just about enough security, for now, biometrics appears to the way forward and the way to stay ahead of cybercriminals using ever-more sophisticated ways to crack or steal passwords.

Sanctions Hurt Huawei

Huawei Technologies Co Ltd.’s 9.9 per cent revenue increase in its figures for the first three quarters of 2020 shows a significant slowing in growth compared to the 24.4 per cent increase for the corresponding period of 2019.

Impact

Financial and tech commentators are pointing to US-led sanctions against the Chinese telecoms equipment and smartphone company as being the reason why its revenues at the end of September were £77 billion and a profit margin of 8 per cent, considerably down on the previous year.  While Huawei appeared to put this down to COVID-19’s negative effects on its global supply chain, production and operations, it is more likely that sanctions from the US and its allies are starting to have a real impact.

Sanctions

Sanctions and action against Huawei leading up to and perhaps contributing to the recent big fall in revenue growth include:

– In summer 2018, the ‘Five-Eyes’ espionage chiefs from Australia, Canada, New Zealand, the U.K., and the U.S. agreed at a meeting to contain the global growth of Chinese telecoms company Huawei.

– Bans on Huawei as a supplier for fifth-generation networks equipment in the US, Australia, New Zealand, and other countries.

– In December 2018, Meng Wanzhou, the chief financial officer of Huawei, was detained in Vancouver at the request of U.S. authorities, for allegedly violating US sanctions on Iran. In 2019, the US Department of Justice (DOJ) charged Huawei with bank fraud and stealing trade secrets. 

– In May 2019, US President Donald Trump’s administration banned Huawei from doing business with any organisation that operates in the United States. This ban has recently been extended until May 2021.

– Also in May 19, 2019, Google announced that it would cut-off Huawei from its suite of digital products, meaning that Gmail, YouTube, Google Drive, and the Google Play Store would not be available for Huawei to use on new products e.g. its Android phones.

– In May 2020, the US decided that foreign manufacturers using U.S. chipmaking equipment would need to get a license before selling semiconductors to Huawei, thereby hitting Huawei’s main chip supplier, Taiwan’s TSMC.

– In July 2020, the UK government banned carriers from using Huawei’s equipment on the 5G network, banned UK mobile providers from buying new Huawei 5G equipment after 31 December this year, and decided that all Huawei 5G must be removed from the UK’s mobile networks by 2027.

– In September 2020, Huawei scaled back its UK Enterprise Division.

Not All Bad

It hasn’t been all bad news for Huawei as the company overtook Samsung to become the leader in global smartphone shipments in the second quarter of 2020 due to strong sales in Huawei’s home Chinese market, and Asia and Africa have continued to produce orders for its products.

What Does This Mean For Your Business?

Even though Huawei has been hit with some serious sanctions and growth has clearly been affected, £77 billion in revenue (at the end of September) and an 8 per cent are not to be sniffed at.  Huawei has shown itself as perhaps being much stronger than expected in developing its own store of apps to replace Google and in overcoming its chip sourcing challenge with a new supplier (SMIC) although it remains to be seen how good the new chips are.

The ban on Huawei equipment in 5G networks, including the UK’s, may well cause problems for telecoms companies in the form of increased costs as they are forced to find other suppliers for parts and replacements.

The result of the forthcoming U.S. election will also, no doubt, be awaited with interest by Huawei and the telecoms and mobile industries around the world as a change in the administration may possibly have some impact on the prevailing feelings towards Huawei.

In the meantime, other smartphone and telecoms equipment companies have been competing to step into the space left by Huawei and benefiting from the change in the market e.g. Ericsson, Nokia, Apple and more.

Despite a still relatively positive set of financial results this time, the sanctions against Huawei are clearly having an impact, affecting its ability to compete, and look set to disrupt the company’s plans for some time to come.

PayPal To Support Cryptocurrencies

It has been reported that US-based payments giant PayPal is ready to allow its users to buy, sell, and hold Bitcoin BTC and other cryptocurrencies.

Millions of Merchants

The decision by PayPal will also mean that 26 million merchants who use the PayPal platform will, eventually, be able to accept cryptocurrencies as a funding source.

App

It is believed that PayPal will be adding its cryptocurrency services to its Venmo app and international markets during the first half of next year.

Leap In Value

The reports that PayPal is about to join fintech company Square and trading app Robinhood in supporting cryptocurrencies caused Bitcoin‘s price (BTC) to jump and briefly break $13,000, its highest point since July 2019.  Bitcoin’s value means that it now outperforms gold and silver as a commodity, but its current value of $12,978.30 is still much lower than its 2017 peak of nearly $20,000.

Settled In Fiat Currencies

Even though cryptocurrencies like Bitcoin, Ethereum, Bitcoin Cash, and Litecoin will be supported by PayPal, any of the cryptocurrency it processes will happen in fiat currencies i.e. normal government-issued currencies. 

Pleased

PayPal’s announcement has prompted positive reactions from known cryptocurrency advocates such as Matt Odell and billionaire investor Mike Novogratz (formerly of crypto-focused Galaxy Investment Partners).

Possible Acquisitions

There have also been reports that PayPal may be looking to buy cryptocurrency companies such as Bitcoin custodian BitGo Inc which offers digital wallets and offline vaults for storing Bitcoin and rival currencies.  BitGo is backed by many large investors including Goldman Sachs Group Inc, Digital Currency Group, and Craft Ventures.

PayPal has also reportedly said that it would partner with a competitor of Bitcoin, Paxos Trust Company.

Others Buying Bitcoin

Other signs that Bitcoin is getting a new life and that ‘the word is out’ included Square buying $50 million of Bitcoin earlier this month, saying that it could become a more ubiquitous currency soon.

Facebook

Last year there was news that Facebook was developing its own digital ‘coins’ cryptocurrency that could be sold to users of its WhatsApp messaging platform.

Also, last February, U.S. mega-bank J.P. Morgan launched its own blockchain-based digital coin, the ‘JPM Coin’, and IBM has also launched a blockchain-backed stable ‘coin’ for international money transfers.

What Does This Mean For Your Business?

The benefits and the need for digital currencies have been understood for some time but their adoption by mainstream financial players was delayed by many issues including concerns about extra regulation in the US, a lack of regulation of cryptocurrencies generally, concerns about price swings, as well concerns about investigations and hacks and not wanting to be associated with either.

Some critics of PayPal’s move have expressed surprise and wondered who this new service of PayPal’s is aimed at because Bitcoin is normally within the realm of those with knowledge of the stock market and dealing with larger sums who are used to the idea that cryptocurrencies can be volatile and can still present some risk. It may therefore be the case that, for the time being, the service may not find much of a market beyond existing cryptocurrency holders.

Also, although PayPal will be adding this cryptocurrency service, the fact that processes will happen in fiat currencies has been criticised for somewhat defeating the object.

The underlying Blockchain technology behind Bitcoin, however, has been widely adopted and used in many different industries and businesses and has proven to be a trusted technology that still has huge potential.

Which? Reveals Truth About EV Battery Life

A recent (Which?) survey of 1,016 electric vehicle (EV) owners has revealed that worries about battery degradation should not be an issue for potential EV buyers.

The Survey

The survey by consumer champion Which? was conducted from December 2019 to February 2020 and recorded the views of 47,013 people of which 1,016 were electric car owners.

Range and Charging Times
Two areas that potential EV buyers have questions about are the driving range on a single charge and charging times, i.e. how long it takes to re-charge the battery after a journey.  Which? reports that its independent lab tests have verified that even relatively affordable models can now travel more than 240 miles on a single charge.

Also, Which? reports that advances in charger and battery technology and recent developments by Tesla, Samsung and academic researchers mean that cheap batteries with ultra-low recharging times are close to being a reality for most EV’s.

Older Models Battery Decline

The Which? survey revealed that drivers of older models (2014) reported a steady decline in usable battery life, and the oldest models were reported to be capable of 92 per cent of battery range from new.

Newer Models

Owners of newer EV models (up to 3 years old) reported that their batteries still have around 98 per cent of their original range available.

Average

Which?’s research showed overall that EV owners with older models can expect the maximum range of their batteries to fall to around 173 miles over six years which equates to only an 8 per cent reduction in usable range in that time.  Also, owners of newer models can expect the usable range of their batteries to reduce by only 2 per cent.

After Six Years?

For those worried about battery life after 6 years, many EV manufacturers guarantee their batteries and motors for up to eight years or 100,000 miles, whichever is first.  Also, if cars last an average of 10 years, it may be the case that another mechanical fault may be more likely to take the car off the road than a battery failure.

What Does This Mean For Your Business?

The research by Which? appears to show that buyers of new EV cars have little to worry about as regards the life, performance, duration and range of the battery, thereby putting to bed one of the main challenges that car manufacturers face in selling the electric models that they have now committed themselves to making. This fact, increasing customer awareness and knowledge in the market, and a need for countries to meet environmental targets and are likely to be major contributing factors to electric vehicle models reaching 31 per cent of the overall car fleet by 2040, accounting for 58 per cent of new passenger car sales (as forecasted by BloombergNEF).  There is no doubt that innovations in battery development are an important sales-boosting factor for car companies and recent reports show that Chinese car battery-maker Contemporary Amperex Technology has developed a battery that can power an electric vehicle for an incredible 1.2 million miles over a 16-year lifespan. Reports indicate that deals may already be in place for the Chinese battery-maker to supply Tesla, BMW, Daimler, Honda, Toyota, Volkswagen, and Volvo for the next two years.

Tech Tip – Windows Switch

If you like to save time while you are working with Windows 10, here is a tip to help you quickly and easily open up windows from your taskbar using ‘Windows Switch’:

– Hold down the Windows key + 1 and this opens the first item that’s displayed in the taskbar.

– Hold down the Windows key + 2 to open the second item, and so-on.

This is a fast way to open folders, browsers, music players etc as you work.

Image Captioning AI More Accurate Than Humans

Microsoft has announced that in tests, its new, AI-based, automatic image captioning technology is better than humans at describing photos and images.

Part of Azure AI

The new automatic image captioning model is available via Microsoft’s Azure Cognitive Services Computer Vision offering, which is part of Azure AI. Azure Cognitive Services provides developers with AI services and cognitive APIs to enable them to build intelligent apps without the need for machine-learning expertise.

Test

The test of the new automatic image captioning software, led by Lijuan Wang, a principal research manager in Microsoft’s research lab in Redmond, involved pre-training a large AI model with a rich dataset of images paired with word tags, with each tag mapped to a specific object in an image. This ‘visual vocabulary’ approach is similar to helping children to read e.g. by using a picture book associating single words with images, such as a picture of an apple with the word “apple” beneath it. Using this visual vocabulary system, the machine learning model learned how to compose a sentence and then was able to leverage this ability and fine-tune it when given more novel objects in images.

The Result

The Cornell University research paper based on this test, and published online, concluded that the model could generate fluent image captions that describe novel objects and identify the locations of the objects. The report also concluded that the machine learning model “achieved new state-of-the-art results on nocaps and surpassed the human CIDEr score.”  This means that the model achieved and beat human parity on the novel object captioning at scale (nocaps) benchmark i.e. how well the model generated captions for objects in images that were not in the dataset used to train them.

Twice As Good As Existing System

Microsoft’s Lijuan Wang has also concluded that the new AI-powered automatic image captioning system is two times better than the image captioning model that has been used in Microsoft products and services since 2015.

Five Major Human Parities

Lijuan Wang highlights how this latest AI breakthrough in automatic captioning adds to Microsoft’s existing theme of creating “human parity achievement across cognitive AI systems”.  According to her, in the last five years, Microsoft has “achieved five major human parities: in speech recognition, in machine translation, in conversational question answering, in machine reading comprehension, and in 2020, in spite of COVID-19, we got the image captioning human parity.”

What Does This Mean For Your Business?

Microsoft sees this as a ‘breakthrough’ that is essentially an extra technology tool to be added to its Azure platform so that developers can use it to serve a broad set of customers.  As highlighted by Lijuan Wang, it also sends a message to other big tech companies that are expanding their use of AI/machine learning and features at the moment e.g. Google and Amazon, that Microsoft is also making major strides in the kinds of technologies than can have multiple business and other applications, as well as being able to make existing digital search and tools more effective. Microsoft’s own chromium-based search engine, Edge, will, no doubt, be a beneficiary of this technology. This development also shows that we are now entering a stage where AI/machine learning can create tools that are at least on a par with human ability for some tasks.

‘Hum to Search’ Songfinder

Google has introduced a new feature to its search that enables it to identify a song that a user hums or whistles.

What’s This Song?

Serving the same basic purpose a the Shazam app, for example, users can now ask the Google app, Google Search widget (by tapping the mic icon) or Google Assistant the question “Hey Google, what’s this song?” followed by 10-15 seconds of humming or whistling the melody.

The way that Google’s service adds value in relation to simply identifying a song (like Shazam) is that it only needs the input as a hum rather than actually being played the original tune.  Also, it adds value by delivering what it judges to be the strongest (percentage) song matches, and the user can then select the best match, explore more information about the song and artist, view music videos by the artist, find lyrics and or listen to the song on their favourite music app. Users are also given information about other recordings of the song. 

20 Languages on Android

Although the new feature only works in English on iOS, it is available in 20 languages on Android.  Google says that it hopes to expand this to even more languages in future.

Builds On Previous AI Research

Google says that the new feature builds on the work of their AI Research team’s music recognition technology that was launched on the Pixel 2 in 2017 that uses deep neural networks to bring low-power recognition of music to mobile devices. In 2018 this same technology was used in the Google app’s SoundSearch feature which was linked to a catalogue of millions of songs.

New

This latest version is able to identify melodies that are hummed or whistled because it uses machine learning models that have been trained to identify songs based on a variety of sources, including humans singing, whistling or humming, as well as studio recordings.  These models transform the audio into a number-based sequence representing the song’s melody.

Algorithms are used to take away any other details, such as accompanying instruments and characteristics of a voice thereby simply leaving a song’s number-based sequence – a kind of song fingerprint.  It is this sequence that the software is able to recognise when a person simply hums a tune.

What Does This Mean For Your Business?

For Google, this is another way that it is expanding its use of machine learning and AI to make features that are clever and engaging, thereby helping Google compete for how much time and attention we give its platform compared to competitors like the social media giants and in its traditional fight against the other search engines.  Google has been adding more of these engaging features in recent times, such as a new spelling algorithm for search queries,  using AI to enable in-video searches, introducing data sources to Google search as well as new ways to use its Lens and augmented reality (AR) features.  Outside of search, Google has also been competing for our attention and time by agreeing to pay publishers to create and curate news for its ‘Google News Showcase’, updating its Android OS and releasing an updated Nest Audio smart speaker.  Businesses of all kinds use google search, both to be found in and for research so the addition of many new features using new technologies will make a positive contribution to this.  The ‘humming a song’ feature is, of course, likely to benefit music artists and publishers but may also be a way for Google, in the wake of the running down of Google Play music, to further promote its YouTube service.

Featured Article – Desktop Screen Recording Software

Recording your screen can be useful for training, marketing and communications and there are many different free and paid-for services available for recording desktop activity. This article takes a brief look at several different examples.

Recording Your Screen

At a time where we all make and share videos using phones and via social media channels and apps e.g. WhatsApp and YouTube, plus where many people are now used to attending video conference meetings (e.g. Zoom, Teams, Meet), the power and value of screen sharing and recorded video instructions/meetings/training is clear.  Being able to record your screen has two main different benefits such as:

  1. The ability to save and capture any type of content e.g. apps, videos, software, online events, video calls and more.
  2. The ability to create and publish/share content.

Examples

Here is a brief look at some of the main (mostly free) screen-recording programs and platforms available at the current time. This article is not an endorsement or recommendation for any of them but merely a brief look at some of the options that could be found in any online searches.

Windows 10

It should not be forgotten that Windows 10 has its own built-in screen recorder in the Game bar.  Technically, it is not standalone, and it is not free (because Windows 10 is a paid-for SaaS) and to find it, type “Game bar” into search menu or hit the Windows key + G.  From there you can press the record button or hold down Windows key + Alt + R.

Skype

One of the more familiar free ways of recording screen activity is using the Skype video call platform. Skype calls can be recorded directly in the app and Skype screen sharing and call recording are completely cloud-based, thereby not affecting the user’s device’s performance or storage space.  Skype call recording is, however, only available for Skype to Skype calls but is an effective way of getting a reasonable quality recording of a training session or meeting. 

ShareX

This free, open source screenshot and screencast app for file sharing and productivity. This app offers a wide variety of capture methods, including screen recording. ShareX lets users capture or record any area of their screen and share it with a single press of a key.  In addition to screen recording / capture, it also enables the uploading of images, text, or other types of files to over 80 supported destinations. Details can be found here: https://getsharex.com/

Screencastify

This free file extension for the Chrome browser can capture a single tab, a whole screen, or webcam only and allows users to embed their webcam anywhere in a recording, narrate with a microphone and to record offline. Once a recording has been made it is autosaved to Google Drive, and can be uploaded directly to YouTube or exported as an MP4, animated GIF, or MP3. For more information see https://www.screencastify.com/

Loom

Loom describes itself as “video messaging for work” because it enables short videos to be made and shared very quickly e.g. to use instead of an email. This is a free app which claims to have the best screen recorder for Chrome, Mac, iOS, and Windows.  Loom also claims to have more than 7 million users across 90,000 companies.  For more information see https://www.loom.com/

Kap

Kap is a free, open source screen recorder, built using web technology. Kap, which began as “a tiny side project” and is just on its first stable release, enables screen recordings to be exported as GIF, MP4, WebM, or APNG with optional audio, highlight clicks and trimming. This app currently only supports  macOS 10.12 or later, and its collaborative, open-source creation may be one of the reasons why Kap claims that the program is loved by the community and is used by designers, developers and project managers.  For more information see https://getkap.co/

Movavi

Movavi, which also has movie and video programs (converter, suit and editor) offers a free and paid-for version of a screen recorder for PC and Mac where users can choose the capture area of the screen, edit it afterwards, and use a SuperSpeed tool to convert the video to popular formats. The program also works offline i.e. users do not need an internet connection to record their screen and save the video. The limitations of the free version are that there is no system sound recording, no screenshot editing, the output video has a watermark, and a description or tags can’t be added to a video before sharing it on YouTube. For more information see https://www.movavi.com/

Screenpresso

Screenpresso is a video and screen capture program that is available in a free version and in paid-for Pro and Enterprise versions.  The free version offers image capture, HD video capture with branding and a limited image editor.  The Pro version, for example, offers many other features including Android capture, Text capture from images (OCR), a full featured image editor, sharing features, and priority support (for 1 year).  For more information see https://www.screenpresso.com/

Camtasia

Camtasia, by TechSmith, is a paid-for software suite that offers an all-in-one screen recorder and video editor for businesses, educators, and entrepreneurs to create video tutorials and other instructional videos.  Camtasia claims to have over 14 million users.  As well as enabling video and audio recordings from the desktop, the suite also offers pre-built and custom video templates to simplify video creation, effects, music and audio, titles, annotations and callouts, as well as the ability to add quizzes and interactivity.  For more information see https://www.techsmith.com/video-editor.html

Screen Capture Videos Popular With Businesses

With ever-more efficient, fast and easy screen recording and sharing apps being made available, businesses now have another way in which to save time and increase engagement in communication as well as being able to enhance training and to quickly produce training materials and quickly make quality, shareable video content.

Tech Increasing Domestic Abuse

With domestic abuse on the rise, particularly since the pandemic lockdowns, we look at some of the chilling ways that smart devices and other technology are being used as a tool by abusers.

Rise In Reports

A BBC Panorama and Women’s Aid joint investigation obtained UK police figures showing that there was one domestic abuse call every 30 seconds in the first seven weeks of the UK’s lockdown. Also, the UK ‘Dead Women’ project, that records the killing of women by men, revealed that there had been at least 16 killings between 23 March and 12 April 2020 (including children). In June, domestic violence helpline calls reported a massive 80 per cent increase.  Although domestic abuse can also affect men, the vast majority of victims are women and it estimated that one in four women will experience some form of abuse at some point in their lives.

Power and Control

According to the National Domestic Violence Hotline, domestic abuse and violence is a learned behaviour e.g. from growing up or from friends, is used to gain and maintain power and control and is used by those who believe they have the authority to control and restrict an intimate partner/ex-partner’s life, thereby dismantling any equality in a relationship. It should be remembered that as well as the emotional and mental trauma suffered by victims, abuse can often involve physical injuries and death.

Technology in Abuse

Perhaps surprisingly to many people, the charity Refuge (which has a tech abuse service) has reported that 70 per cent of its service users have received tech-related abuse within their relationship.

What Is Tech-Related Abuse?

Tech-related abuse can include partners and ex-partners constantly calling texting and messaging or sending “friend requests” to family and friends, using social media and email to harass a partner/ex-partner or to harass their partner’s employer and clients, and sharing or threatening to share a person’s information/photos/intimate images online.  It can also even include partners/ex-partners hacking children’s iPads, Xboxes and PlayStations, stalking and harassing via fake social media profiles, installing apps such as ‘find my iPhone’ onto a device, using a Ring doorbell to track movements, using key-logging software, and even using a virtual assistant e.g. Amazon Echo to effectively bug a house by exploiting a feature that lets users remotely connect to enabled smart speakers.

Resources Relating To Tech Abuse

Refuge provides a number of pdf guides on its website (and via links to US partner NNEDV Safety Net’s website) to help survivors of abuse to understand how to use different devices, apps, websites and networks safely. For example, these include ‘iPhone privacy and security’, ‘Technology safety and quick tips’, ‘Staying safe on Facebook ‘and even ‘Internet of Things (IoT) Home Automation: Survivor Privacy Risks & Strategies’.

Reporting Abuse

Domestic abuse is a crime and should be reported to the police. There are also many other organisations that can offer help and advice.  For example, many of these are listed on a UK government web page here: https://www.gov.uk/report-domestic-abuse

What Does This Mean For Your Business?

Technology can be used for bad as well as good and perpetrators of domestic abuse now have many technology routes to stalk, isolate and control women (and men).  There is an argument, therefore that technology product makers have a responsibility think through the consequences of their creations and accept some of the burden of safety, rather than leaving it to end-users to try and educate themselves for protection.  For example, IBM has developed a set of design principles to guide device and software-makers so that there is not an assumption that every user would like their data/information shared with all family members (which could allow monitoring of their whereabouts).  Also, device and software makers could consider adding safeguards such as alerts when a person’s device is being remotely monitored (with a manual override) and even, perhaps intelligent monitoring of free text fields that some abusers are known to use to send abusive messages e.g. online bank transfers or gift notes added to internet shopping purchases. Just as social media companies have found themselves to be in the news and under pressure over the spread of hate speech and online bullying via their platforms, so more attention should be given to how the makers of devices and software could be doing more to protect all users and prevent their products from being easily used by abusers.

Tech Tip – Using New Privacy Controls on Amazon Echo

If you have an Amazon Echo smart speaker at home or in the office (which could be both if you are working at home) here’s how to protect your privacy using the newly introduced privacy controls.

Amazon’s smart speakers take voice recordings and until recently users could choose to delete them after 2 or 18 months.  Here’s how to set the latest privacy controls so that recordings are not taken at all.

– Open the Alex app on your phone.

– Tap on ‘More’ (bottom right).

– Tap on ‘Settings’ > ‘Alexa Privacy’.

– Tap on ‘Manage Your Alexa Data’.

– Toggle ‘Automatically delete recordings’ to ‘On’.

– Click on ‘Don’t save recordings’.

You will notice that you are still given the options to save recordings (for 3 or 18 months), and the default option of ‘save recordings until I delete them’.