Mercury's inner core is solid and about the same size as Earth's, NASA MESSENGER prove data reveals

By Dev Kundaliya | News | 18 April 2019
Artist's illustration of Mercury's solid inner core. Image: Antonio Genova

Researchers used earlier observations from NASA's MESSENGER mission to probe Mercury's inner core

Mercury's inner core is solid and about the same size as Earth's inner core, a new study using observations from NASA's MESSENGER mission has indicated.

Mercury is the smallest planet in our solar system and the closest to the Sun. It is rocky with a solid surface that is filled with craters. Mercury takes 59 Earth days to complete one rotation on its axis and 88 Earth days to complete one revolution around the Sun.

Some earlier studies have indicated that Mercury may have a solid inner core, but there was not much data to confirm that belief.

In the current study, a team of scientists led by Antonio Genova of Sapienza University of Rome, used earlier data from NASA's MESSENGER mission to investigate the interior of Mercury and to arrive at some conclusive results about the inner core of the planet. Specifically, the team used MESSENGER observations to probe Mercury's spin and gravity.

The results obtained indicate that, for the best match of the data, Mercury must have a large, solid inner core

MESSENGER (MErcury Surface, Space ENvironment, Geochemistry and Ranging) was a robotic spacecraft, which was launched in August 2004 with an aim to study the chemical composition, magnetic field and geology of Mercury.

After completing a journey of about seven years, the spacecraft entered orbit around Mercury in March 2011. It remained in orbit for the next four years before finally crashing onto the planet's surface in 2015.

Genova's team used radio data from MESSENGER to verify Mercury's gravitational anomalies and its orientation.

This data was fed into a computer programme that enabled the research team to adjust parameters in order to match the data with the spinning rate of the planet and acceleration of MESSENGER around the Mercury.

The results obtained indicate that, for the best match of the data, Mercury must have a large, solid inner core.

The results also indicated that Mercury's solid inner core is about half the size of its entire core

The programme estimated that Mercury's solid, iron core must be about 2,000 kilometres wide (about the same size as Earth's solid core which is about 2400 kilometres wide).

The results also indicated that Mercury's solid inner core is about half the size of its entire core.

"We had to pull together information from many fields: geodesy, geochemistry, orbital mechanics and gravity to find out what Mercury's internal structure must be," said Erwan Mazarico, co-author of the new study.

Scientists hope that these new findings will help them better understand how rocky planets change over time in the solar system.

The findings of the study are published in AGU's journal Geophysical Research Letters.

The IT Leaders' Summit is back - coming to London on 23 April.

This year, it will focus on 'Driving the Digital Roadmap for the Enterprise'. Speakers include Shivvy Jervis, The Trainline's Mark Holt, NatWest's Tom Castle McCann's Matt Groshong and a special keynote from a high-profile tech leader and visionary. For more details - and to reserve your place - check out the dedicated website. Places are FREE to qualifying CIOs, IT leaders and senior IT pros, but are going fast!

State-sponsored hackers in DNS hijacking campaign targeting government networks - Cisco Talos

By Dev Kundaliya | News | 18 April 2019
State-sponsored espionage campaign has compromised the websites of more than 40 organisations over the past two years. Image via Pixabay

Espionage campaign has compromised the websites of more than 40 organisations over the past two years

Researchers at Cisco's Talos security group have released a report detailing what it claims is a state-sponsored espionage campaign that has compromised the websites of more than 40 organisations over the past two years by hijacking DNS servers.

The primary targets of these espionage operations, called Sea Turtle by the researchers, include intelligence agencies, telecoms operators and internet giants, primarily based in the Middle East and North Africa.

"The on-going operation likely began as early as January 2017 and has continued through the first quarter of 2019," the researchers stated in a post.

"Our investigation revealed that at least 40 different organisations across 13 different countries were compromised during this campaign. We assess with high confidence that this activity is being carried out by an advanced, state-sponsored actor that seeks to obtain persistent access to sensitive networks and systems."

According to Talos, attackers are carrying out attacks by taking advantage of some weaknesses in the old domain name system (DNS) protocols. They also use a variety of other techniques, such as fake security certificates, to avoid detection.

The attackers first compromise a selected target through spearphishing to get a toehold on the network. Then, they target routers and servers using known exploits to exfiltrate network-specific passwords.

The stolen credentials are then used to modify the victim organisation's DNS records and to redirect visitors to a malicious server controlled by the attackers.

They imitate the login pages of their targets to steal credentials of many more employees and get deeper access into the network.

In the process, they can also obtain SSL certificates of target organisations, which can then be used across the corporate network.

According to Talos, the attackers used the technique to target Swedish DNS provider Netnod, and were able to compromise 13 root servers in the global DNS infrastructure. The successful attack on Netnod enabled attackers to steal the passwords of admins who manage Saudi Arabia's top-level domain (.sa).

According to Talos, it found several victims in Turkey, Egypt, Sweden, the United Arab Emirates and Jordan, among other countries, although security researchers refrained from providing names of the victim organisations.

ICANN, the non-profit organisation that has the responsibility to maintain the domain name system, has urged DNS server operators to take all necessary steps to secure their systems in view of the "on-going and significant" attack on DNS.

The US Department of Homeland Security also issued an alert in January, warning that attackers could re-route users to obtain certificates for the domain names of an organisation.

Delta is a new market intelligence service from Computing to help CIOs and other IT decision makers make smarter purchasing decisions - decisions informed by the knowledge and experience of other CIOs and IT decision makers. 

Delta is free from vendor sponsorship or influence of any kind, and is guided by a steering committee of well-known CIOs, such as Charles Ewen, Christina Scott, Steve Capper and Laura Meyer. 

Ten crucial technology areas are already covered at launch, with more data appearing and more areas being covered every week. Sign-up here for your free trial of the Computing Delta website.

Legal opinion: Why Bounty was smacked with a £400,000 fine

By James Castro-Edwards, Wedlake Bell LLP | Opinion | 18 April 2019
Users of Bounty's services were not given informed consent, the ICO ruled

Wedlake Bell's James Castro-Edwards explains why Bounty received such a big fine under the old Data Protection Act - which would almost certainly have been much larger under GDPR

When the Information Commissioner fined pregnancy club Bounty (UK) Limited £400,000 for breaches of the Data Protection Act 1998 (DPA), the size of the fine raised a few eyebrows. 

Bounty's non-compliance resulted in more than 14 million club members' personal data being shared with third parties for direct marketing purposes unfairly, the Information Commissioner's Office (ICO) ruled, and in a way that was likely to cause members damage or distress.

While describing itself as a pregnancy and parenting support club, Bounty was in practice acting as a data broker

Members' personal data was shared repeatedly, in some cases up to 17 times in a 12-month period. Club members were not aware that their personal data was being processed, in what the Information Commissioner described as "invisible processing", and for which Bounty had not established a valid lawful basis.

While describing itself as a pregnancy and parenting support club, Bounty was in practice acting as a data broker.

Bounty was fined under the DPA since the breaches took place prior to the General Data Protection Regulation (GDPR) taking effect.

The company's directors should consider themselves fortunate: the maximum fine permissible under the DPA is £500,000, which is significantly lower than the potential maximum under the GDPR. This carries fines of up to four per cent of annual turnover, or £17 million. Had the transgressions taken place when the GDPR was in force, the fine could have been much higher.

Background

Bounty is a pregnancy club which provides information and markets offers and services to parents. It provides 'Bounty Packs' of product samples for different stages of pregnancy and parenthood.

Bounty collected personal data for membership registration through its website, mobile app, paper cards and from new mothers at hospital bedsides. As a result, Bounty held the personal data of more than 17 million individuals on its database. 

Individuals that used the paper 'offline' claim form had no choice but to consent to their personal data being used for marketing purposes

The ICO investigation revealed that from 1st June 2017 to 30th April 2018, Bounty shared more than 35 million records with marketing and profiling agency Axciom, credit reference agency Equifax, marketing agency Indicia and telecoms operator Sky, for the purposes of direct electronic marketing. 

Bounty's website privacy notice stated that it collected personal data for the purposes of 'marketing' and 'tailoring the service', and that it may share personal data with 'selected third parties'. Some third parties were named, though Axciom, Equifax, Indicia and Sky were not identified until the privacy notice was later updated. 

Bounty relied on an 'opt-in' option from website visitors and app users from which it purported to infer consent, that linked to the website privacy notice.

Individuals that used the paper 'offline' claim form had no choice but to consent to their personal data being used for marketing purposes if they wanted to join the club. They did not have access to the website privacy notice, so they were not informed how their personal data would be shared when they provided their information. 

Data protection breaches

The ICO found that Bounty failed to comply with its transparency obligations since it had not informed members that it would share their personal data with the four organisations identified above. Members would not have expected their details to be shared in this way, which was unfair and likely to result in damage or distress. 

Valid consent must be informed, which was not the case in this instance, since Bounty had not been transparent about its data sharing arrangements

Bounty claimed that it relied on consent as a lawful basis for processing. However, valid consent must be informed, which was not the case in this instance, since Bounty had not been transparent about its data sharing arrangements.

Further, members who had completed the paper 'offline' forms had no choice but to consent to their details being used for direct marketing purposes, which is at odds with the requirement that consent must be freely-given.

ICO approach to enforcement

The ICO enforcement action against Bounty follows a trend towards higher fines. Bounty was fined far less than the potential maximum under the GDPR; however, recent ICO activity still relates to breaches of the DPA, which is likely to continue for some time yet.

To date, ICO enforcement action has generally focussed on two particular areas of non-compliance; security and direct marketing. The action taken against Bounty demonstrates that the Information Commissioner can and will use her enforcement powers against non-compliant marketers.

The ICO enforcement action against Bounty follows a trend towards higher fines

The principle of fairness, lawfulness and transparency is fundamental to data protection law, and businesses that send marketing materials that are neither fair nor transparent face a real risk of increasingly sizeable penalties.

James Castro-Edwards is a partner at Wedlake Bell LLP and leads the firm's outsourced data protection officer service, ProDPO

The IT Leaders' Summit is back - coming to London on 23 April.

This year, it will focus on 'Driving the Digital Roadmap for the Enterprise'. Speakers include Shivvy Jervis, The Trainline's Mark Holt, NatWest's Tom Castle McCann's Matt Groshong and a special keynote from a high-profile tech leader and visionary. For more details - and to reserve your place - check out the dedicated website. Places are FREE to qualifying CIOs, IT leaders and senior IT pros, but are going fast!

Why SAP seems to be sidelining HANA

By John Leonard | Analysis | 18 April 2019
SAP - HANA is being shuffled out of the limelight

Big changes are under way at SAP, and HANA's weaknesses may be the root cause

SAP plans to triple its cloud business by 2023, according to CEO Bill McDermott.

In the same interview, McDermott told CNBC that SAP's aim is to more than double its market value from €120 billion to €250-€300 billion, with revenues growing to more than €35 billion in total at the same time. The German software giant is due to publish its first quarter financial results next week, which may provide an inkling of the baseline for these ambitions.

In March, the leaders of the original HANA team were made redundant, along with a number of their development team members

SAP has gone through an eventful few weeks, culminating in the departure of executive board member and president of SAP's cloud business, Robert Enslin. Chief technology officer Bjoern Goerke, head of global services Bernd Leukert and head of product marketing Ken Tsai are other high-profile SAP staff who have left the company recently.

Meanwhile, in March, the leaders of the original HANA team - Thomas Jung and Rich Heilman - were made redundant, along with a number of their development team members (although Reuters has since reported that Jung and Heilman are now staying at the company, albeit in new roles). In total, some 4,400 employees can expect to receive their marching orders, if they haven't already.

So, a major restructuring is under way at Europe's largest technology company.

For SAP to achieve its ambitious goals it will need to do far more than its current strategy of cajoling often reluctant customers into the cloud or onto services based on its HANA database platform. Instead, its goal appears to be transforming itself into a digital platform company - C/4HANA the customer experience oriented CRM suite could be a move in that direction.

"SAP has realised that it needs to shift its strategy and their priorities," analyst Josh Greenbaum of Enterprise Applications Consulting told CMSWire, adding that HANA is no longer a differentiator in the enterprise marketplace.

One part of the problem is the architecture of HANA itself, according to Mathias Golombek, CTO of database firm Exasol. An amalgam of three separate acquisitions (TREX, MaxDB and P*TIME), HANA was hurried out amid great marketing fanfare as a general-purpose database to displace Oracle, he said. However, while it is appropriate for many use cases it fails to scale to big-data type scenarios and its mixed heritage makes it difficult to maintain and optimise.

"It was an awesome story they told the market, but they didn't deliver on 50 per cent of the story. For SAP BW it works pretty well, as the analytical part of the stack, but as a standalone database using it with Tableau or Microstrategy or other BI tools then it doesn't really deliver.

"The primary goal was to [compete with] Oracle underneath SAP BW, but what they did wrong was telling people they are now going into data warehousing and standalone database market, because that's something totally different."

Despite the quality of its development team, SAP has been unable to refactor HANA to suit these use cases, Golombek said, because thousands of customers were already reliant on it and it would be very hard to make the changes backward-compatible.

HANA combines OLTP and OLAP capabilities, with row store and columnar store in the same box, but at the time it was released the market was already starting to move away from the idea of an all-purpose database, towards combining multiple databases each optimised for a particular purpose.

Angela Eager, research director enterprise software and application services at analyst firm TechMarketView, agreed that SAP's former strategy has come to the end of the road.

"With so many multi-modal databases in the market it is hard for a supplier to stand out and SAP's strengths have been applications and business processes," she said.

"HANA is the database behind applications such as S/4HANA and C/4HANA and that's unlikely to change. However, the restructuring around HANA and ABAP [SAP's programming language], coupled with work around SAP Cloud Platform and Cloud Foundry technologies for example, could suggest SAP is opening up to alternate databases and open source platforms as part of its wider cloud strategy."

Golombek also believes SAP will start reducing the emphasis on HANA "hiding it underneath their BW and European solutions and focusing more on the business side."

Edit: 19th April.

Responding to this story a SAP spokesperson said the restructuring "is designed to invest more of our resources in areas where SAP customers tell us they expect us to invest. New SAP HANA innovation is one of those key priority areas."

SAP also sent the following comment from CTO Juergen Mueller:

"The reality is that HANA has been wildly successful for SAP and for our customers with more than 28,000 customers on the SAP HANA platform. Almost all of our SAP applications, including SuccessFactors, make use of HANA now. This turns it into one of the largest-scale, if not THE largest-scale, enterprise application database. Just with SuccessFactors, more than 125 million cloud users are getting the benefit of SAP HANA.

"SAP continues to innovate on SAP HANA, in fact the latest version of SAP HANA (SPS04) was released this month (April 2019) and includes many innovations across the board to deliver even more intelligence, agility and efficiency."

 

Delta is a new market intelligence service from Computing to help CIOs and other IT decision makers make smarter purchasing decisions - decisions informed by the knowledge and experience of other CIOs and IT decision makers. 

Delta is free from vendor sponsorship or influence of any kind, and is guided by a steering committee of well-known CIOs, such as Charles Ewen, Christina Scott, Steve Capper and Laura Meyer. 

Ten crucial technology areas are already covered at launch, with more data appearing and more areas being covered every week. Sign-up here for your free trial of the Computing Delta website.

Drupal releases urgent security patches for several 'moderately critical' flaws

By Nicholas Fearn | News | 18 April 2019
Drupal in action!

The vulnerabilities affect the third-party libraries in Drupal 8.6, Drupal 8.5 and Drupal 7

Open-source content management system Drupal has released a series of software updates to fix several "moderately critical" vulnerabilities.

The issues, which affect the Drupal Core service, could enable cybercriminals to launch attacks on hundreds of thousands of websites remotely.

In a string of security advisories, the firm confirmed that the vulnerabilities affect the third-party libraries in Drupal 8.6, Drupal 8.5 and Drupal 7.

Among vulnerabilities is a cross-site scripting flaw in JQuery, a third-party plugin used by millions of website across the world.

Drupal said: "jQuery 3.4.0 includes a fix for some unintended behavior when using jQuery.extend(true, {}, ...).

"If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype. This fix is included in jQuery 3.4.0, but patch diffs exist to patch previous jQuery versions."

It went on to explain that the vulnerability could be exploitable with some Drupal modules, recommending: "As a precaution, this Drupal security release backports the fix to jQuery.extend(), without making any other changes to the jQuery version that is included in Drupal core (3.2.1 for Drupal 8 and 1.4.4 for Drupal 7) or running on the site via some other module such as jQuery Update."

The other flaws affect the Symfony PHP components in Drupal Core, letting hackers conduct cross-site scripting, authentication bypass attacks and remote code execution.

When it comes to mitigating these flaws, Drupal told users to install the latest version of the content management system.

Its recommendations were:

However, the firm added that "versions of Drupal 8 prior to 8.5.x are end-of-life and do not receive security coverage".

Delta is a new market intelligence service from Computing to help CIOs and other IT decision makers make smarter purchasing decisions - decisions informed by the knowledge and experience of other CIOs and IT decision makers. 

Delta is free from vendor sponsorship or influence of any kind, and is guided by a steering committee of well-known CIOs, such as Charles Ewen, Christina Scott, Steve Capper and Laura Meyer. 

Ten crucial technology areas are already covered at launch, with more data appearing and more areas being covered every week. Sign-up here for your free trial of the Computing Delta website.

Apple reportedly talking to third-party suppliers for self-driving car sensors

By Dev Kundaliya | News | 18 April 2019
Apple has never discussed its electric car project publically. Image via Pixabay

The company is looking for lidars that are smaller and cheaper than currently available units

Apple is currently in talks with at least four companies as possible suppliers of lidar sensors, intended to be used in self-driving cars, a report published in Reuters claimed.

While it is not yet clear if Apple really wants to launch its own autonomous car, the company looks interested in developing the hardware and software components for self-driving vehicles.

Three people 'familiar with the matter' told Reuters that the iPhone maker is looking for lidars that are smaller as well as cheaper than currently available units, which cost tens of thousands of dollars each.

Lidar is a sensing device that helps on-board computers to build a 3D view of the road. The company wants a "revolutionary design" from third-party suppliers and is also working on its own technology.

Apple wants to control the 'perception stack' of sensors, software and other components to drive a self-driving car

Current lidar systems cost around $100,000. Apple is already using lidar units designed by Velodyne on its fleet of autonomous test vehicles. But, a major issue with these lidars is that they are bulky and not appropriate for mass-produced consumer vehicles.

Apple's interest in lidar sensors is a clear indication of the company's renewed ambitions to enter the electric and/or autonomous vehicle market at some point in the future.

But, Reuters' sources did not reveal whether the company is planning to build its own autonomous vehicle or just wants to supply the software and hardware components of such vehicles in partnership with some other company.

What is clear, however, is that Apple wants to control the 'perception stack' of sensors, software and other components to drive a self-driving car, regardless of who makes the vehicle.

Last year, Apple brought back Doug Field to work on Project Titan. Field is an Apple veteran and Tesla's engineering chief.

Project Titan is Apple's electric car project, which has never been publically discussed by the company. Last year, the BBC reported that Apple already has 66 registered self-driving cars in the US, with 111 drivers registered to operate those vehicles.

Last month, the company hired Michael Schwekutsch, who has also worked on electric drivetrain technology at Elon Musk's Tesla electric car manufacturer.

Apple's test vehicles reportedly drove about 130,000 kilometres in California last year, compared to 1,300 kilometres in 2017.

The AI and Machine Learning Awards are coming! In July this year, Computing will be recognising the best work in AI and machine learning across the UK. Do you have research or a project that you think deserves wider recognition? Enter the awards today - entry is free. 

Samsung responds to reports of Galaxy Fold screen issues

By Nicholas Fearn | News | 18 April 2019

Samsung remains adamant that the screen issues won't affect the launch of the Galaxy Fold smartphone

Samsung is investigating reports that its upcoming foldable smartphone, the Galaxy Fold is susceptible to a number of display malfunctions.

The company has confirmed it has seen reports from a handful of technology journalists that their samples of the yet-to-be-launched Galaxy Fold have been plagued by screen issues.

A number of reviewers have reported screens cracking and flickering on the £1,799 devices

"A limited number of early Galaxy Fold samples were provided to media for review," said Samsung in a statement.

"We have received a few reports regarding the main display on the samples provided. We will thoroughly inspect these units in person to determine the cause of the matter."

The Verge's Dieter Bohn was one of the journalists to pick up on the issues. In a blog post, he said: "You can see a small bulge right on the crease of my Galaxy Fold review unit.

"It's just enough to slightly distort the screen, and I can feel it under my finger. There's something pressing up against the screen at the hinge, right there in the crease."

Trying to understand the cause of this, he continued: "My best guess is that it's a piece of debris, something harder than lint for sure. It's possible that it's something else, though, like the hinge itself on a defective unit pressing up on the screen."

Bloomberg reporter Mark Gurman has also been experiencing problems with the screen on the Galaxy Fold. On Twitter, he wrote: "The screen on my Galaxy Fold review unit is completely broken and unusable just two days in. Hard to know if this is widespread or not.

It seems the issue is caused by removing the protective layer from the screen. Gurman added: "The phone comes with this protective layer/film. Samsung says you are not supposed to remove it.

"I removed it, not knowing you're not supposed to (consumers won't know either). It appeared removable in the left corner, so I took it off. I believe this contributed to the problem."

Samsung said a "few reviewers reported having removed the top layer of the display causing damage to the screen".

The statement continued: "The main display on the Galaxy Fold features a top protective layer, which is part of the display structure designed to protect the screen from unintended scratches.

"Removing the protective layer or adding adhesives to the main display may cause damage. We will ensure this information is clearly delivered to our customers."

While these issues have resulted in much attention for Samsung, it confirmed to Reuters that there will be no change to the handset's release schedule on April 26. 

The IT Leaders' Summit is back - coming to London on 23 April.

This year, it will focus on 'Driving the Digital Roadmap for the Enterprise'. Speakers include Shivvy Jervis, The Trainline's Mark Holt, NatWest's Tom Castle McCann's Matt Groshong and a special keynote from a high-profile tech leader and visionary. For more details - and to reserve your place - check out the dedicated website. Places are FREE to qualifying CIOs, IT leaders and senior IT pros, but are going fast!

EU votes to fine internet giants four per cent of turnover if they fail to remove extremist content

By Nicholas Fearn | News | 18 April 2019
European Parliament. Stock photo

New laws aimed squarely at Facebook, Twitter and Google

Internet platforms that don't remove extremist content in an hour of being asked by authorities face fines of four per cent of their turnover under new EU regulations voted through on Wednesday.

The European Parliament voted by 308 to 207 to implement the tough new rules in a bid to crackdown on online platforms used for "terrorist purposes". 

The laws will target technology giants such as Facebook, Google and Twitter, which have come under increasing pressure by governments around the world to help remove extremist content published via their platforms. 

They come after the terrorist attacks at two mosques in New Zealand in March, which was live streamed on Facebook by a lone gunman. Facebook claimed that it did not receive any complaints from users for around half-an-hour, and took the stream offline rapidly after it was notified. 

In a statement, the European Parliament explained that "internet companies should remove terrorist content within one hour after receiving an order from the authorities to combat radicalisation and contribute to public security".

The statement reads: "With 308 votes in favour to 204 against and 70 abstentions, Parliament backed on Wednesday a proposal to tackle the misuse of internet hosting services for terrorist purposes.

"Companies that systematically and persistently fail to abide by the law may be sanctioned with up to 4% of their global turnover."

According to EU lawmakers, the legislation will target any material (text, images, sound, recordings and videos) that  "incites or solicits the commission or contributes to the commission of terrorist offences, provides instructions for the commission of such offences or solicits the participation in activities of a terrorist group".

The rules extend to content that provides guidance on "how to make and use explosives, firearms and other weapons for terrorist purposes".

Any new legislation must be practical and proportionate if we are to safeguard free speech

The proposed laws have been criticised for their breadth and potential to provide authorities with wide-ranging powers of censorship. But MEPs added that "content disseminated for educational, journalistic or research purposes should be protected, and that "the expression of polemic or controversial views on sensitive political questions should not be considered terrorist content".

Conservative MEP Daniel Dalton, European Parliament rapporteur for the proposal, said: "There is clearly a problem with terrorist material circulating unchecked on the internet for too long. This propaganda can be linked to actual terrorist incidents and national authorities must be able to act decisively.

"Any new legislation must be practical and proportionate if we are to safeguard free speech. Without a fair process, there is a risk that too much content would be removed, as businesses would understandably take a ‘safety first' approach to defend themselves. It also absolutely cannot lead to a general monitoring of content by the back door."

However, Pirate Party MEP Julia Reda, who has campaigned against this and the EU's recently approved Copyright Directive, was less supportive. 

She claimed that a proposal to mandate content upload filters had been rejected by MEPs, but added that the one-hour content takedown deadline was passed by just three votes. 

"Unfortunately, the unreasonable Commission proposal that illegal terrorist content must be taken down within one hour remains the default," wrote Reda in a blog post after the vote

She continued: "The only exception to this rule is for the very first time a website owner receives a removal order from an authority, in which case they get 12 hours to familiarise themselves with the procedure and applicable deadlines.

"Afterward, regardless of platform size or resources, they must react within one hour in order to avoid harsh penalties." 

The law has been put forward in the form of an EU regulation, rather than a directive. A regulation is defined as a "a binding legislative act", which means that it will need to be implemented directly as worded in EU member states' legal systems. 

A directive, in contrast, is "a legislative act that sets out a goal that all EU countries must achieve". 

The IT Leaders' Summit is back - coming to London on 23 April.

This year, it will focus on 'Driving the Digital Roadmap for the Enterprise'. Speakers include Shivvy Jervis, The Trainline's Mark Holt, NatWest's Tom Castle McCann's Matt Groshong and a special keynote from a high-profile tech leader and visionary. For more details - and to reserve your place - check out the dedicated website. Places are FREE to qualifying CIOs, IT leaders and senior IT pros, but are going fast!

The upcoming Avengers movie has crashed ticketing sites: they should have learned the teamwork lesson

By David Waugh | Opinion | 18 April 2019
David Waugh: everything's moving to real-time

A superhero won't help when there are massive surges of demand

To say the upcoming superhero film Avengers: Endgame is highly anticipated would be an understatement. The marketing campaign included pre-order ticket sales, a new trailer and a massive batch of news stories to stoke interest -and it worked, setting a new record for pre-order sales at movie ticket site Fandango, beating the previous figures set by the likes of Aquaman and Avengers: Infinity War.

However, this surge in demand over a short period of time had a major impact on movie ticketing websites. Ticket buyers going through Fandango and AMC in the US, and UK customers purchasing through Odeon, had wait times of between thirty minutes and an hour, experienced website crashes, or were booted off the service before payment was taken.

With a launch of this magnitude, it can be extremely difficult for all the companies involved to plan for capacity across the entire supply chain. But it is possible.

Rather than rely on a single superhero to make a difference, teamwork is required to ensure all the pieces are in place before the traffic surge hits. Working together the team must ensure that services can scale up, work in real-time and be continuously available. They should look to improve customer experience through better processes, newer technology and expanded skills.

Testing the limits of scalability

Public cloud services have long been positioned as an option for scaling up and down rapidly in an elastic fashion. Adding capacity based on demand should be simple. Even if a product launch exceeds your wildest dreams and threatens to break the internet, you can still capture that market, or so the theory goes.

Unfortunately, simply trusting that your public cloud service provider will keep you out of trouble is not the answer. You may find that your initial plans for scaling up don't meet current budget or operations constraints, or worse, there are hidden hurdles that you hadn't planned for.

For example, your data architecture may meet day-to-day service levels without any problems, but a burst of activity or peak traffic may result in significant overheads. When you have a single node in charge of receiving all traffic requests and sending them out for processing, you have created a bottleneck that affects the ability to scale. Even with a limitless cloud service, that restriction could effectively halt future growth. Your ability to scale and meet spikes in demand is only as good as the slowest, most limited part of the architecture.

A masterless data architecture—where any node can take care of any transaction—is the solution. Further, a masterless data architecture can run in multiple places, all at the same time. Rather than being limited to a single data centre or cloud service, a masterless architecture can function across different cloud providers, thereby removing potential infrastructure scalability issues.

If you rely on a single cloud provider to handle surges in demand, then you also have to rely on their availability to scale when needed. Using a multi-cloud or hybrid cloud approach can help you keep some leverage in the conversation with your cloud service providers.

How real is real-time?

Another challenge for the backend infrastructure in response to a movie launch this size is how to respond to events and changes in real-time. First, defining what you mean by ‘real-time'—and what your suppliers mean by real-time—can help everyone understand what is required of your architecture, and determine how quickly you can respond.

For some technology providers, real-time can mean responding in milliseconds as transactions take place. For others, real-time can mean minutes between a set of transactions taking place and data being generated for analysis or alerts. The time involved depends on multiple variables—how quickly transactions can be analysed; whether analysis takes place in batches or per transaction; and how often alerts or reports are sent to people within IT or the business.

The most important criterion is how much time customers expect to wait during a transaction

And while the cost of running internal and cloud infrastructure can also be a factor, the most important criterion is how much time customers expect to wait during a transaction.

For major launches like the Avengers movie, today's data architectures need to accommodate millions of transactions in very short periods. More importantly, these architectures need to meet the needs of every customer, no matter where the customer may be.

Preparing for a major product launch involves a lot of teamwork and a modern data architecture. Estimating demand is a critical task that IT, business, and marketing teams must work on together. And, having a route to deal with your wildest levels of success is just as important. Cloud, hybrid IT and real-time application data architectures all have a part to play.

David Waugh is senior vice president of market development at DataStax

The AI and Machine Learning Awards are coming! In July this year, Computing will be recognising the best work in AI and machine learning across the UK. Do you have research or a project that you think deserves wider recognition? Enter the awards today - entry is free. 

Researchers claim breakthrough in secure quantum communications

By Dev Kundaliya | News | 18 April 2019
In quantum key distribution protocol, quantum properties are used to exchange the encryption key between two parties. Image via Pixabay

The researchers were able to coordinate the path of a pair of photons - one photon for each party - through different fibre network paths

Researchers in Singapore claim to have made a breakthrough in secure quantum communications. 

The joint team, from the National University of Singapore (NUS) and Singapore's national telecoms company Singtel, claim to have devised a novel technique to establish secure communications between two parties by coordinating the paths of photons across a fibre network.

The technique has potential to drive advancement in quantum key distribution (QKD), according to the researchers.

QKD is a protocol, used to establish a secure communication channel during the transmission of light particles over a network. With QKD, it becomes possible for two communicating parties to agree on an encryption key.

In QKD, quantum properties are used to exchange the encryption key between two parties. The encryption key is then used to encrypt the messages being transmitted over an insecure channel.

The QKD protocol can provide security against even the most arbitrarily powerful eavesdroppers. It is based on the fact that any attempt by an attacker to measure a quantum system will eventually disturb the entire system.

In other words, an eavesdropper trying to intercept a quantum exchange will leave traces that can be easily detected by the legitimate communicating parties. As the two parties are alerted about the intrusion, they can abort the session and start a fresh one to exchange information.

In the current study, the research team demonstrated their ability to coordinate the path of a pair of photons (one photon for each party) through different fibre networks paths.

They used Singtel's fibre network for experiments and were able to precisely control the arrival time of two photons. Without this technique, a possibility remains of photons getting out of sequence, thus making it difficult for two parties to settle on an encryption key.

The team said they are now working on actual use cases, such as applications in banking and military areas, where secure communication is essential for long-term security of the system.

"This technology opens up many exciting possibilities for users that require strong and long-term security for their communication," said Bill Chang, CEO of Singtel's group enterprise business.

"It also positions Singapore as a hub for global QKD research," he added.

The IT Leaders' Summit is back - coming to London on 23 April.

This year, it will focus on 'Driving the Digital Roadmap for the Enterprise'. Speakers include Shivvy Jervis, The Trainline's Mark Holt, NatWest's Tom Castle McCann's Matt Groshong and a special keynote from a high-profile tech leader and visionary. For more details - and to reserve your place - check out the dedicated website. Places are FREE to qualifying CIOs, IT leaders and senior IT pros, but are going fast!