To keep up with the firehose of news and press releases, we’ve decided to deliver some extra news to you on the side. Some of it is an extension of our own reporting that didn’t make its way into a story, while others might be content we’ve bookmarked for later reading and thought of sharing with you. We’re doing a similar thing at Channel Daily News – check it out here. Today’s inaugural briefing is delivered by ITWC editorial director Alex Coop.
What you need to know, right now
====
Canada’s Finance Minister Bill Morneau says the federal government’s deficit is expected to hit $343 billion this year. The deficit is significant and can largely attributed to the relief programs that have pushed federal spending to a level not seen since the Second World War. Source: CBC News
====
Microsoft Teams just came out with some updates:
- Together Mode – A new video calling concept in Microsoft Teams that uses AI to remove the borders around our separate video feeds and makes everyone on the call feel like they are in the same room.
- Dynamic Stage – Provides more flexibility to change your view in Teams meetings. For example, you can minimize the presentation you’re screensharing so you can see more of the reactions of your audience.
- Expressive Emojis – Emojis – ‘nuff said.
- Reflect – A new feature in Teams that allows a manager to check in on the well-being of their team with anonymous or public check-in questions.
- Cortana – The voice assistant is coming to the platform.
- Video Filters – New video filters touch up your appearance and make turning on the camera more comfortable.
- Click here for a video showing off the updates in action.
===
Slack is acquiring software as a service company Rimeto, it announced Wednesday. Terms of the deal were not disclosed. Source: CNBC.com
A one-on-one with security researcher Talal Haj Bakry
The main course for this morning’s briefing
It was barely the turn of a new decade when security researchers Talal Bakry and Tommy Mysk voluntarily told Apple that most users were oblivious to the fact that content stored in the clipboard on iOS was accessible to a number of apps most people wouldn’t expect. For example, why is Fruit Ninja snooping around back there?
A malicious app that monitors the clipboard can store any content it finds there. It’s also safe to assume most people aren’t aware of what’s floating around on their clipboard. Most of the time they contain contacts, photos, phone numbers, emails, URLs, PDFs of official documents, audio files, word documents, spreadsheets, passwords.
“Most people don’t know that their photos contain location information,” Bakry tells me shortly after new iOS 14 features were announced recently. One of its new tricks is notifying users whenever an app accesses the device’s copied text. “And if you happen to have a photo that you’ve taken with an iPhone and it’s copied to the clipboard, these apps can silently read it, and also read the GPS location tag that’s attached to it.”
When Apple found out about the vulnerability and read the detailed report, they acted swiftly, confirmed the vulnerability, and patched it. I’m kidding, Apple circled back with the researchers a month later and basically said everything is fine. That’s when Bakry and Mysk took matters into their own hands and published their findings and highlighted at least 50 apps that were actively snooping clipboard data.
Bakry says many developers had no idea the snooping was taking place. “It turns out there was an older version of the Google advertising SDK that was reading the clipboard for some debugging reasons. It was looking for a particular token. This was the case for several apps where developers had no idea that their app was doing this.”
“We did reach out to Apple again after iOS 14 was announced and asked them if this was a response to our work,” Bakry says, referring to how users running iOS 14 are now notified whenever an app accesses the device’s copied text. “They said yes, and that they will acknowledge us in the security release once iOS 14 becomes public. So that is rewarding.”
In case you missed it
The recent news that we maybe didn’t get to yet, or it’s the news we’ve reported on and feel is worth resurfacing. Sometimes we’ll also feature awesome stories from other publications.
EY Canada’s recent survey says that the disconnect between cybersecurity and business teams is more prominent in Canada compared to global peers. The 2020 EY Global Information Security Survey finds that 34 per cent of Canadian organizations have yet to fully articulate their cybersecurity risk, compared to 16 per cent of global peers. Other takeaways from the survey include:
- Only 10 per cent say there’s a high level of consultation between the cybersecurity team and lines of business
- Over a third (34 per cent) of Canadian organizations cannot articulate their cyber risks – compared to only 16 per cent of global peers
- Close to half (43 per cent) of Canadian boards are unable to quantify cybersecurity in financial terms
===
A research group in Montreal has outlined some ways that companies can navigate the inherent bias in AI models. The beefy 128-page report from the nonprofit group Montreal AI Ethics Institute highlights how biases can enter at any stage of the ML development pipeline and solutions need to address them at different stages to get the desired results. Additionally, the teams working on these solutions need to come from a diversity of backgrounds including UX design, ML, public policy, social sciences and more.
===
The latest Simplii Summer Survey suggests Canadians are relying on technology more than ever before. In recent months Canadians have started using technology for:
- Seeing friends/family (47 per cent)
- Shopping (33 per cent)
- Groceries/cooking/meal prep (27 per cent)
Other takeaways include
- 68 per cent of Canadians have relied more on digital technology than before.
- 57 per cent have relied on digital banking more over the last few months.
- 76 per cent believe that technology helps with simplifying life.
- 76 per cent also believe simplifying their life is more important than ever.
===
SecTor 2020 is going virtual. The popular Canadian cybersecurity conference has announced that registration for this year’s virtual conference is open.
===
From IT World Canada – Intel details Thunderbolt 4, devices coming later this year
Intel this week announced its new Thunderbolt 4 specification for improved peripheral connectivity. Details of the announcement include:
- Video support has been expanded to drive two 4K displays or one 8K display.
- Thunderbolt 4 certified cables now guarantee performance up to 2m long.
- Both Thunderbolt 4 PCs and peripherals are expected to arrive later this year.
===
From IT Business Canada – Global spending on cloud-based web conferences set to hit $4.1 billion in 2020
It’s no surprise to see this trend taking place. The global spending on cloud-based web conferencing continues to expand and is expected to hit the $4.1 billion mark in 2020, according to data gathered by LearnBonds. Our own Pragya Sehgal reports on some of the latest data.
===
From Channel Daily News – OVHcloud’s hosted private cloud offerings make a bit of noise in latest Forrester Wave report
I caught up with OVHcloud’s CEO Michel Paulin recently and spoke to one of the cloud provider’s customers from Halifax.
===
ITWC’s Digital Transformation Awards are next week – and we’re going virtual! Don’t forget to register. More details here.
Bookmarks of the week
A few bookmarked Tweets that we think are worth sharing with you
Cloud economist Corey Quinn walks us through a surprise Amazon Web Services bill of $2,700 belonging to Red Hat’s Chris Short. It’s a good thread that highlights the inheritance weaknesses with the AWS platform when it comes to moving your data around.
That’s right–it’s threading time!@chrisshort‘s surprise @awscloud bill of $2700 looks S3 driven… https://t.co/VnXufn24iA pic.twitter.com/tKLWv5rHtW
— HydroxyCoreyQuinn (@QuinnyPig) July 6, 2020
Microsoft says Project Freta was incubated at Microsoft Research. It’s a roadmap toward trusted sensing for the cloud that can allow enterprises to engage in regular, complete discovery sweeps for undetected malware. It sounds a little complicated, but cloud-based VM forensics at a massive scale does sound like a good idea. Microsoft says if commercial cloud could guarantee the capture of malware, no matter how expensive or exotic, in volatile memory, producers of stealthy malware would then be “locked into an expensive cycle of complete re-invention, rendering such a cloud an unsuitable place for cyberattacks.”
As we are now more dependent on remote operations, traditional responses to cyberattacks, like failing offline, aren’t always possible. Learn how Microsoft researchers are releasing Project Freta, a prototype to remotely image malware in virtual hosts: https://t.co/vxjgtFX2KX
— Microsoft Research (@MSFTResearch) July 6, 2020
Some examples of devices helping businesses reintegrate themselves into the office environment.
Many employees who have been working from home for the past few months are starting to return to the office, and some are finding buildings equipped with new technology to try to help keep employees safer during the pandemic. pic.twitter.com/54eQYNuSWA
— CBS Newspath (@cbsnewspath) July 6, 2020
We’d love to hear from you, so please leave a comment if you like what you saw above (or didn’t like, we love feedback). And if you have any news tips or pitches, send them to acoop@itwc.ca