web analytics

Ransomeware screenA ransomware gang attacked Travelex the foreign exchange company on New Year’s Eve.

Ransomware is a kind of online attack where criminals take control of data, usually company data, and demand payment to return it.

There are two main types of ransomware: crypto and locker.
The first encrypts data and files so that users can no longer read anything.

In theory you will get a key to unencrypt the files after you pay a ransom to the crooks. Locker ransomware is similar, but it typical locks down the computer so it can’t be used until the ransom is paid.

Travelex lock-down

After the Travelex attack, the company closed down the websites it operates in 30 countries. It said the move was designed to “contain the virus and protect data”.

That doesn’t quite sound right. After all, it emerged the criminals had been inside the company’s systems for the past six months. By the time of the attack there would little left to contain or protect.

The criminals say they have downloaded many gigabytes of sensitive customer data. This includes dates of birth, credit card information and (British) national insurance numbers.

News reports say the criminal gang asked Travelex to pay US$6 million at first, with the demand ratcheting up over time if it wasn’t paid quickly. It’s not clear if the company paid up.

New Zealand link

There is a New Zealand link. After the attack the company’s branches, which include airport currency exchanges, were still providing services but were using manual processes.

Travelex is also the issuer of Air New Zealand’s OneSmart card. The card makes it easier to deal with money when overseas. It can be loaded with money in as many as eight different foreign currencies before a trip. Users can lock-in exchange rates to avoid fluctuations while they are overseas.

Air New Zealand says the card is not affected by the attack.
The company told the NZ Herald: “OneSmart does not use the Travelex foreign exchange services affected by the attack so Onesmart cardholders are not impacted”.

Ransomware going out of fashion

The Travelex attack happened at a time when ransomware incidents are falling fast. Last year the number of attacks dropped 20 percent as online criminals turned to more lucrative alternatives.

In part the fall in ransomware attacks is because companies are doing a better job at protecting themselves.

The best approach to protection is to have data back-ups so everything ransomed can be recovered quickly. While this sounds simple, it’s something many companies struggle with and criminals know that. Among other matters companies tend to make back-ups without checking the data is recoverable.

Another problem is that a sophisticated ransomware attack can also take control of the back-ups rendering them as unusable as the main data store.

A ransomware attack amounts to a much bigger problem for the victim than the ransom demand. In many countries companies can face fines for not properly and promptly reporting an attack to the authorities.

At the same time, allowing data to be ransomed is often actionable under data protection legislation. At the least a company would need to prove it had taken due care with customer data, that’s hard to do after a ransom attack.

There’s another unpleasant twist to a ransomware attack. While the criminals often release keys after the ransom is paid, that doesn’t always happen. And in at least one reported case, the data was ransomed again by the same gang at a later date. Allowing that to happen is an open and shut case of negligence.

Responding to ransomware

If you are attacked by a ransomware gang, you may need professional help to recover data. Before you get to that stage you need to consider how to respond.

The NZ Police recommend you don’t pay the ransom. That’s understandable and makes sense if there’s a good chance of recovering the data.

Some security experts say that paying the ransom is the smartest course of action. It is often cheaper and, if you don’t have back-ups, quicker than other ways of recovering the data.

I spoke about this story with Lynn Freeman on RNZ Nine-to-Noon.

IDC thinks the PC market ended 2019 on an ‘impressive’ note. Gartner’s press release talks of the “First sign of growth for worldwide PC shipments after seven consecutive years of decline“.

The numbers don’t lie. Both research companies noted a small uptick in PC sales. Yet it isn’t time to break out the champagne.

First, the uptick isn’t that great. IDC clocks fourth quarter growth at 4.8 percent year-on-year. Gartner puts the number at 2.3 percent.

These are by no means strong numbers. Gartner’s growth figure for the calendar year is only 0.6 percent. They are best thought of as ‘less awful’.

We have, after all, seen seven straight years of falling PC sales. In 2011 Gartner recorded total sales of 352 million units. The number for 2019 was 262 million. That’s a 25 percent drop in eight year. Last year’s growth is small in comparison.

IDC’s numbers of the same period fell from 371 to 266 million. That’s a fall of 28 percent.

 

There’s another reason the reported increase in sales is less reason to celebrate.

Many of the extra sales in late 2019 come because Microsoft’s support for Windows 7 is about to end. Many users need to upgrade their hardware to move to Windows 10. Sure, it isn’t always essential, but upgrading to new hardware simplifies the change.

There was also a shortage of Intel processor chips late last year. Deliveries have only recently recovered.

In other words, special factors account for all the increase in PC sales. And let’s face it, low single digit growth is unimpressive at the best of times.

Almost all the increase in sales is for business models. Interest in consumer PCs continues to decline.

Another trend the sales reports have picked up is the increased dominance of the top PC brands. Lenovo, HP and Dell all added market share at the expense of other brands. Between them they account for around two-thirds of all units sold.

Meanwhile Apple’s unit sales headed in the opposite direction. After years of picking up market share at the expense of the Windows PC brands, Mac sales fell a little. Apple’s share of the total market has fallen from 7.9 percent to 7.5 percent.

Lithium-sulfur batteries store considerably more energy than their lithium-ion cousins — in theory as much as six times the energy for a given weight. What’s more, they can be made from cheap materials that are readily available around the world.

Source: Batteries made with sulfur could be cheaper, greener and hold more energy – ABC News (Australian Broadcasting Corporation)

Better batteries can’t arrive soon enough. We need them to be cheaper to make, store more energy and less of a drain on dwindling resources.

They can improve mobile device performance and usefulness. They can power electric vehicles for longer. It would be great to drive from Auckland to Wellington on a single charge without worrying.

Better batteries can improve power grids and boost home storage, making solar power more viable.

Mahdokht Shaibani and her team at Monash University may have made the breakthrough we’ve been waiting for. The story says there may be a commercial product in two to four years. It may be too soon to get excited, but it is a development worth watching.

Battery life has already improved hugely in recent years. This week Dell demonstrated an updated Latitude 9750 2-in-1 computer that uses AI-based technology to eke-out battery life.

Computer brands talk about edging close to 24-hour battery life. That may be true if you don’t push laptops to the limit. In real world condition you’re more likely to see 14 hours or so.

The new Apple iPhone 11 runs for four hours longer than the previous year’s iPhone XS. That’s a 20 percent increase year-on-year. This has a knock-on effect elsewhere in the phone business.

Worrying about finding outlets is less of an issue than it was. And yet it would be great if a phone could go the best part of a week between battery top-ups. That goes for everything else.

“Anyone saying that Android apps on ChromeOS are a good experience is delusional.”

Google PixelbookIn Chrome OS has stalled out, Dave Ruddock says Google’s Chrome OS has failed to live up to its potential. Ruddock is a Chrome user who says he does 95 percent of his work using the operating system.

When Chrome OS first appeared it looked like the future. Or at least one version of a potential future.

It’s a great idea on paper.

Take a minimal specification computer. One that costs almost nothing to make and almost everyone can afford. Give it just enough hardware to connect to the net and handle a web browser.

Cloud power

Then let efficient remote cloud systems do all the heavy lifting. After all, that’s what most people now do most of the time anyway. Few MacBooks or Surface Books are not web-connected.

ChromeOS users mainly connect to free services. That’s a problem because in the online world free can be a high price to pay.

Large companies don’t give services away out of the goodness of their hearts. They want to advertise their client’s products or manipulate you into voting a certain way. And we all know that works. It’s an aspect of surveillance capitalism.

This gets worse.

ChromeOS uses Android apps to plug functionality or entertainment gaps. The experience is bad.

Android apps can be cheap and nasty at the best of times. They collect far too much user data. Many Android apps live at the seamy end of surveillance capitalism.

Ask yourself why you need to give someone your home address to write a document or your first pet’s name1 in order to put an interesting filter on your uploaded pictures.

Dismal

If that wasn’t bad enough, the Android app on ChromeOS experience is dismal. I can’t bear to use it.

Many apps were clearly written for phones and make little or no allowance for larger screens and keyboards. They are buggy as anything and many are a security nightmare2.

There’s something else bad about Chrome. We live in a world where technology iterates towards a kind of nirvana. Each successive line of Windows or MacOS computers is a step up on what went before. Each new generation of mobile phone has a better camera, faster processor, is packed with more oomph.

This applies even when there are two-steps forward, one step back messes like the butterfly keyboards in recent Apple laptops.

As Ruddock points out, the problem with Chrome, the OS and Chromebooks, the computers do not appear to be moving in any direction.

Going nowhere

Chromebooks are not as clunky as they were, some are nice to use. But it isn’t going anywhere. The Chrome experience has barely changed over the years. There’s little prospect of it changing in the near future.

It’s stagnant.

Sure this might not matter to school students who need a fast, low-cost route to the web. It matters to almost everyone else.

Ruddock says there are aspects of Chrome life that amount to computing barbarism. He is being generous.

Sure, a MacBook or a Surface Book might cost getting on for ten times the price of a Chromebook. But the experience is on another plane. You can do so much more. It’s a struggle doing everyday work on a Chromebook, it’s a challenge being creative.


  1. Maybe not literally. But they often ask for information they have no right collecting ↩︎
  2. Although I doubt the average Chromebook users cares much for security or privacy ↩︎