What’s next for smart glasses | MIT Technology Review


Now the general public may finally be getting access to devices they can use. The AI world is abuzz over agents, which augment large language models (LLMs) with the ability to carry out tasks by themselves. The past 12 months have seen huge leaps in AI multimodal LLMs’ abilities to handle video, images, and audio in addition to text, which opens up new applications for smart glasses that would not have been possible previously

From: What’s next for smart glasses | MIT Technology Review.


Chinese Hackers Used U.S. Government-Mandated Wiretap Systems

One of Apple’s excellent security features is Advanced Data Protection (ADP) for iCloud, which offers the company’s highest level of cloud data security. Apple has just announced that this is no longer available to new users in the United Kingdom.

Why does everyone else get security but we Brits don’t? Well, it appears that the British government have ordered Apple (and others) to provide a “back door” into data so that law enforcement and security services — after obtaining a warrant that is approved by a judge — can tap iPhone back-ups and other cloud data that is otherwise inaccessible, even to Apple itself. This is an extraterritorial power, meaning UK law enforcement would have been able to access the encrypted iCloud data of Apple customers anywhere in the world, including in the US. No wonder it is causing some controversy, to say the least.

The claim is that criminals are hiding illegal material by encrypting it (which is certainly true) and that allowing a back door into that data will make us all safer. Is that certainly true?

The answer is no, and I can try to explain why by starting with cod. The fish. My American readers have probably never heard of the “Cod Wars” between Britain and Iceland. If you haven’t, I highly recommend Mark Kurlansky’s excellent 1999 book “Cod: Biography of the fish that changed the world”. Within its pages is a lovely story of the neverending struggle between security and new technology that provides a useful backdrop to current events: in particular, the Chinese hacking of the American telecommunications infrastructure.

To begin at the beginning. The Anglo-Danish Convention of 1901 gave the British permission to fish up to three miles from the coast of Iceland, a state of affairs that the volcanic colony was most unhappy about. By the late 1920s, the Icelandic Coast Guard had started to arrest British (and German) trawlers found within what it saw as its territorial waters. However, the British trawlers got smart and got harder to catch because from 1928, they were equipped with radio and started passing messages between themselves using secret codes to alert each other when Coast Guard vessels were in and out of harbour.

In an early example of governments attempting to legislate new communications technology, the plucky Icelanders made it illegal to send coded wireless messages. This had no impact whatsoever, of course: British seafood pirates simply devised new code systems for the trawlers to use. Think about it: how on Earth would an Icelandic wireless operator know whether “Tottenham Hotspur are the pride of North London” was a coded message or gibberish?

The moral of the story is, as they used to say over at the EFF, when cryptography is outlawed, only outlaws use cryptography. The Icelandic ships couldn’t use coded wireless transmissions, but the bad guys (in this instance, us) ignored the law and were able to operate successfully beyond it. What defeated us in the long run was intelligence and economics (the plucky Icelanders developed net cutters, so they could follow the trawlers and send their very expensive fishing nets to the bottom of the Atlantic), not the ban on coded wireless transmissions.

Making our messages open to access by the government, however well-meaning the protagonists, makes our messages open to terrorists as well. This is not a hypothetical concern. In a briefing with reporters about the breach of US phone companies by the Chinese state-sponsored espionage hackers known as “Salt Typhoon”, officials were explicit that Americans should use encryption. Jeff Greene, CISA’s executive assistant director for cybersecurity, was explicit about this. He said that “Encryption is your friend, whether it’s on text messaging or if you have the capacity to use encrypted voice communication”.

(The agencies did not name any specific encryption apps, but both Signal and WhatsApp, for instance, end-to-end encrypt calls and texts.)

The data breach exposed calls and texts (including, apparently, from within last year’s presidential campaigns). So how did these hackers get hold of this vast collection of internet traffic from internet service providers that count businesses large and small, and millions of Americans, among their customers, in what one senator called “the worst telecom hack in our nation’s history”? Well, according to the Wall Street Journal, the hackers gained access to “network infrastructure used to cooperate with lawful U.S. requests for communications data”.

In other words, the government made them put in a back door and the hackers walked through it. When the secret key code or backdoor code or whatever is eventually leaked to the bad guys, the good guys are left defenceless.

This is not only about Apple and it is not only about the UK. Sweden, for example, has recently joined the list of governments considering passing legislation to make it mandatory for the likes of Signal, WhatsApp, and iMessage to create an encryption backdoor into their software. The President of Signal, Meredith Whittaker, has repeatedly said that they will withdraw their service from countries rather than comply with such demands. WhatsApp said the same thing about its operations in India: it would be forced to leave the country if the government mandates the breaking of end-to-end encryption.

We all want to be protected from terrorists, money launderers, child pornographers, corrupt politicians and other criminals. While it sounds reasonable to give the government access to data in order to track down such people, the unfortunate truth is that forcing back doors into systems does more harm than good. On this, I have to say I agree with Silkie Carlo and her team at Big Brother Watch in the UK: “No matter how this is framed, there is simply no such thing as a ‘back door’ that can be limited only to criminals or that can be kept safe from hackers or foreign adversaries. Once encryption is broken for anyone, it’s broken for everyone”. The bad guys will simply use other techniques to encrypt their communications while the communications of normal people will end up in the hands of the bad guys.

Barclays bank working to update balances after tech outage – BBC News

Barclays, the fifth biggest bank in Europe with some 20 million customers in the UK, had their system go down for a couple of days last week, resulting in predictable chaos as salaries did not reach employees’ accounts, supermarket transactions were declined and cash machines were out of action. Even after the bank reported that the “technical issue” impacting transactions had been resolved, it said that it would still take some time to update balances.

As one of their customers who had s

(I should explain that because of the way that the British tax system works, the 31st January — when Barclays systems went down — is the deadline for paying tax bills due from the previous financial year. Many people end up leaving it to the last moment to pay their tax bill and so of course were unable to do so, which means that they will be subject to penalties. Fortunately, I have traditionally used the holiday season to indulge in the traditional festive pastime of completing my tax assessment and paying the bill!)

As the (brilliant) British economist John Kay wrote a few years ago, “Many aspects of the modern financial system are designed to give an impression of overwhelming urgency… But very little that happens in the finance sector has genuine need for this constant appearance of excitement and activity.  Only its most boring part – the payments system – is an essential utility on whose continuous functioning the modern economy depends”. Well, indeed. If the stock market is down for a couple of days, there is still milk on the shelves at the local stores. But when payments go down, there is no way of getting that milk into my house.

The obvious and most cost-effective way to increase the resilience of the payment system, which is critical national infrastructure, is to build digital infrastructure alongside the existing infrastructure. In other words, the financial sector should provide society with two sets of payments rails that do not overlap in order to get the flexibility and resilience vital to the economy. There will be transactions that run over the banking network rails and there will be transactions that run over the alternative (ie, internet) rails. Banks (and customers) will use both of them and in general it is not clear to me that consumers (or businesses) will know or care which they are using.

In the retail use case, you walk out of the store, a request-to-pay pops up on your phone, you OK it and go about your day. Whether the value is transferred via a banking network push (instant payments), a banking network pull (cards) or internet push (stablecoins or other digital assets from your digital wallet) is of no interest to you; it is something that the banks and the merchants will negotiate and agree between themselves. This way, the regulators can insist that if the bank network goes down, or a bank system fails and cannot access that network, then the bank has to provide credit within certain limits to allow customers to obtain digital assets. The pricing of this credit risk will factor into the cost of a more resilient payment system and then the bank can make a rational decision about whether to spend money on making their systems more reliable or on accepting the risks when their systems are down.

Similarly, in the business use case, a financial controller will authorise the payment of an invoice and their bank will either send the value through the instant payment network 


Suspended engineer accused of forging fire safety certificates for high-rise flats – BBC News


An expert has been accused of signing off fire safety certificates for flats in high-rise blocks using the credentials and signature of another engineer without permission, the BBC has been told.
Adam Kiziak has been under investigation for potential malpractice by the Institution of Fire Engineers (IFE) – which suspended him in August 2024.
However, Mr Kiziak’s company is understood to have continued to sign off safety certificates since then.
Lenders, including NatWest and Nationwide, are now withdrawing mortgage offers to people hoping to buy flats with fire safety certificates issued by Mr Kiziak’s company, Tri Fire.

From: Suspended engineer accused of forging fire safety certificates for high-rise flats – BBC News.


Industry coalition presses DOGE to act on digital identity


The coalition is now pushing the Trump administration to develop a digital identity strategy that involves the government playing a “more direct role in addressing deficiencies in digital identity infrastructure that are leading to massive fraud and cybercrime in both the public and private sectors,” according to the letter.

From: Industry coalition presses DOGE to act on digital identity.


Virgin Money chatbot scolds customer who typed ‘virgin’


In a post last week on social media site LinkedIn, David Birch, a fintech commentator and Virgin Money customer, shared a picture of his online conversation with the bank in which he asked: “I have two ISAs with Virgin Money, how do I merge them?”

The bank’s customer service tool responded: “Please don’t use words like that. I won’t be able to continue our chat if you use this language,” suggesting that it deemed the word “virgin” inappropriate.

From: Virgin Money chatbot scolds customer who typed ‘virgin’.


Trump’s meme coins spark debate over crypto and ethics


This is different from publicly traded securities, so it’s the obvious risk that anyone now could just buy Trump’s or Melania’s meme coin as a way to indirectly fund the administration or Trump himself or whoever’s behind these coins in a very opaque way,” Carter said.

From: Trump’s meme coins spark debate over crypto and ethics.
