Netflix dominates the internet, but keep an eye on gaming geeks – Sandvine

Netflix currently accounts for an incredible proportion of global internet traffic, though the gaming segment is starting to throw its weight around.

According to research unveiled by Sandvine, The Global Internet Phenomena Report, Netflix now accounts for 15% of the total downstream volume of traffic across the entire internet. This is an astronomical number when you consider the service only has 130 million subscribers, a large number but some would perhaps has thought higher, while there are roughly 1.7 billion websites on the internet. Video on the whole accounted for 58% of the traffic meandering along the digital pavements.

Netflix, and video on the whole, dominating trends is not a new idea. This is something the telcos have been preparing for, though the gaming segment has been rarely discussed. Gaming has traditionally been reserved for very niche demographics, though with more content providers targeting mobile applications, the target audience has been increasing substantially, as has the depth and scale of the games themselves.

Looking at the contributions to the bottleneck, in Europe two of the top ten owners of downstream traffic volume are relating to gaming; PlayStation and Steam (focused on PC-based gaming). PC games can be as much as 100 GB in size, owning to consumer demands to make more larger and more immersive environments, though telcos would be wary of the continuing momentum for mobile games. With data becoming cheaper for the consumer and devices becoming more powerful, content developers are being encouraged to introduce mobile games which are more on par with those on other platforms. The sheer breadth, depth and variety of these titles on the app stores is quite staggering.

This of course will stress networks, especially considering many users of these games will use them when out and about, not connected to home broadband or public wifi. Ensuring these mobile games meet the demands of the consumer will be critical, as it may well soon become another stick to hit connectivity providers with.

Another interesting statistic to emerge from the data is the level of encryption. Sandvine estimates 50% of internet traffic is now encrypted, though this might be a conservative guess. The estimate only accounts for sources which are encrypted consistently, the number might well be higher, and it is certainly increasing. For consumers, this is a promising trend set against a backdrop of data privacy scandals and breaches, though it is an added complication for the telcos.

Encryption of course protects the consumer from wandering eyes with nefarious intentions, but it also prevents the telcos from keeping an eye on what is going on. Without visibility into what type of traffic is traversing the algorithmic piste, the telcos cannot tailor the delivery and enhance the experience for the consumer. The blame of poor experience might be thrown towards the telcos, but with encryption trends heading northwards, they are relatively helpless.

Limies, Yanks, Kiwis, Ozzies and Mounties have another crack at killing encryption

In a carefully worded statement, the governments of the US, UK, Canada, Australia and New Zealand have reiterated their desire to crack encryption and snoop on citizens.

The cryptic message to the technology industry seems to be a relatively familiar one; our spies can’t crack your encryption software, so we are going to legally force you to grant us access. What you can expect to see over the next couple of months are various statements in the press, PR campaigns and op-ed pieces building a picture as to why the technology giants are undermining the judiciary system of democratic nations, and how they are toying with the safety of your life, your partners and of your children. It’s a tactic we’ve seen before, and we suspect it is on the horizon once again.

This appears to be the important aspect of the statement:

“Privacy laws must prevent arbitrary or unlawful interference, but privacy is not absolute.  It is an established principle that appropriate government authorities should be able to seek access to otherwise private information when a court or independent authority has authorized such access based on established legal standards.  The same principles have long permitted government authorities to search homes, vehicles, and personal effects with valid legal authority.

“The increasing gap between the ability of law enforcement to lawfully access data and their ability to acquire and use the content of that data is a pressing international concern that requires urgent, sustained attention and informed discussion on the complexity of the issues and interests at stake. Otherwise, court decisions about legitimate access to data are increasingly rendered meaningless, threatening to undermine the systems of justice established in our democratic nations.”

In short, governments want to force technology companies to open up their security features because they are not able to crack though themselves. The encryption software is not only good enough to protect users from the nefarious characters on the dark web, but it is resilient enough to keep the spooks at bay as well.

Of course there are scenarios when privacy and freedom of expression should be sacrificed, in an instance of war or genuine threat to national security. And there are cases where homes or offices could be searched in years gone because of a warrant signed by a judge. These warrants were critical in the pursuit of and prosecution of criminals. The digital world does make it difficult to make these pursuits a reality, but that does not warrant the introduction of backdoors in the software.

If a police force entered your home in years gone to seize information, they would enter through your front door. This is a barrier to protect your home and personal belongings, but allowing a backdoor in security features for intelligence agencies or police forces is also a welcome mat for hackers. The man on the street cannot protect themselves from this threat, therefore these governments are compromising the safety of the vast majority to further their own ambitions.

As it stands, these governments have offered no explanations as to how intelligence agencies would be able to access the information, but securities would remain robust against nefarious individuals on the dark web.

We contacted the UK Home Office which did not respond to our questions.

The Home Office did not respond to how it could justify weakening security in the name of security, or how it would actually work. Neither how it would prevent abuses of any preferential treatment for intelligence agencies or police forces. Finally, it did not offer any explanation for the process of accountability or justification.

Whenever there is progress in the technology world, the government and its agencies are left behind. Industry is lightyears ahead of intelligence agencies and police forces, and the government is attempting to scare the population into agreeing it is necessary to weaken encryption in pursuit of national security. It is a game of PR to justify legally strong-arming the technology companies into compliance.

This statement from the government is simple; we don’t like encryption services. That much is clear. There are circumstances where the government has a right to suspend privacy, assuming there is enough justification, but we are yet to see any evidence the government can ensure the ongoing protections of users whilst also fulfilling its ambitions.

Destroying safety in the name of safety is a complete contradiction; such actions are not a service to citizens.

Tech giant reaffirm stance against government snooping

Reform Government Surveillance, a coalition of some of the world’s largest tech companies, has agreed on a sixth core principle to guide its advocacy efforts going forward.

The sixth principle reaffirms the groups position on encryption and the worrying trend of short-sighted government official’s efforts to force build-on vulnerabilities into software. This is not a new argument, though governments are still standing firm on ignorant foundations, arguing the ridiculous idea that reducing the effectiveness of security features is a good idea.

The principle is as follows:

“Strong encryption of devices and services protects the sensitive data of our users – including individuals, corporations, and governments. Strong encryption also promotes free expression and the free flow of information around the world. Requiring technology companies to engineer vulnerabilities into their products and services would undermine the security and privacy of our users, as well as the world’s information technology infrastructure. Governments should avoid any action that would require companies to create any security vulnerabilities in their products and services.”

While it is an argument which has died down in recent months, it is still bubbling away in the background as other scandals offer politicians the opportunity to get their superficial grins on the front pages. In the UK the tech giants might be glad to see the back of the forgetful former Home Secretary Amber Rudd, who has led a campaign against encryption, though her successor has not revealed his stance just yet; Sajid Javid might prove to be just as idiotic.

At Telecoms.com we appreciate there is a balance to strike between the physical protection of a nation and online security. Governments should be granted access to information when justified, however building vulnerabilities into security features is not the right answer. Should backdoors be built, it would only be a matter of time before hackers and other nefarious actors gain unrestricted access to personal information. The idea is quite frankly ridiculous.

The other principles are as follows:

  1. Limiting Governments’ Authority to Collect Users’ Information
  2. Oversight and Accountability
  3. Transparency About Government Demands
  4. Respecting the Free Flow of Information
  5. Avoiding Conflicts Among Governments

The group features some of the biggest names in the technology world, including Apple, Dropbox, Google, Facebook and Microsoft. Such resistance to ill-advised and ridiculous government ideas such as the weakening of encryption software should be encouraged. It is reassuring to see the tech companies are retaining their firm position against the foolhardy governments and intelligence agencies who have not proved they should be trusted.

WhatsApp boss exits, possibly over privacy concerns, but we’re not convinced

WhatsApp founder Jan Koum is exiting the Facebook family under the guise of privacy concerns, but he might just have gotten all of his bonus.

Using the social media platform to convey his message, Koum did not give any details, though sources close to the matter claim there was a disagreement with executives at parent-company Facebook over privacy, the use of personal information and the potential weakening of encryption software. This might be the reason, or it might just be a good way to justify exiting while maintaining an anti-capitalist image.

“I’m leaving at a time when people are using WhatsApp in more ways than I could have imagined,” said Koum. “The team is stronger than ever and it’ll continue to do amazing things. I’m taking some time off to do things I enjoy outside of technology, such as collecting rare air-cooled Porsches, working on my cars and playing ultimate frisbee. And I’ll still be cheering WhatsApp on – just from the outside. Thanks to everyone who has made this journey possible.”

The Facebook post followed a report in The Washington Post detailing the clash between executives and misaligned values between the two parties. The protection of the users personal information is a core value at WhatsApp, and part of the reason so many have flocked to the service. Back in 2014 when Facebook bought the service, WhatsApp posted a blog promising nothing would change following the acquisition, though the WhatsApp values have certainly been eroded over the years.

Initially it was promised security would be maintained, personal information would not be used and advertising would not appear on the platform. In attempting to change terms and conditions in 2016, and introducing new opportunities for business to connect with customers in January, two of these promises have been compromised. Should the rumours about efforts to weaken encryption be true, all three values have been walked out the door.

As you can imagine, under-fire Facebook CEO Mark Zuckerberg has done his best to calm the waters in replying to the post:

Zuckerberg post

In complementing the WhatsApp encryption advances, Zuckerberg is seemingly attempting to play-down any concerns the protections might be diluted. Zuckerberg has not denied Facebook is weakening the encryption software, but simply calming any potential euphoria. Right now is not a good time for news to leak to the press about weakening privacy protections at Facebook considering the scrutiny the platform is facing in light of the Cambridge Analytica scandal.

While it is very chivalrous for Koum to stand-down over compromises and erosion of WhatsApp principles and core beliefs, we can’t believe he is that naïve. Facebook is an information business and will constantly searching for new ways to improve the advertising platform. When the social media platform bought WhatsApp for a monstrous $19 billion, did Koum honestly believe it was as a philanthropic exercise? Of course Facebook wanted to access the user data.

We are not 100% convinced by these reports. Generally when a company is acquired, especially on this scale, the former management team are incentivised to stay to manage the transition and integration. These incentives are usually spread over a couple of years. Considering it has been 3.5 years since the acquisition was completed, we wonder whether Koum has realised all of his transition bonuses and now just wants out. Jumping on the ‘Facebook is a privacy monster’ train might just be a way to save face. He’s doing it for moral reasons, not because he’s got as much money as possible out of the situation.

In martyring himself, Koum has likely removed one of the final hurdles the Facebook advertising machine had in harvesting the personal information vaults of WhatsApp. Some might argue Facebook has destroyed the principles of the brand, but Koum and co-founder Brian Acton told us how much their values are worth; $19 billion. Considering the reasons for creating WhatsApp in the first place, privacy and a disdain for ads, Koum and Acton effectively did a deal with the devil.

Reports might claim he is making a moral stance against the company, but the high-horse is simply trotting Koum away from any responsibility while dragging the loot over the principles of WhatsApp which now lay tattered and tarnished in the dirt.

French messaging efforts show how selfish governments actually are

France is reportedly considering building its own encrypted messaging platform to protect itself from espionage, completing the full U-turn from last year’s efforts to limit the encryption powers of messaging services.

According to Reuters, a spokesperson from the Digital Ministry confirmed 20 civil servants are testing a new, encrypted messaging app which has been designed by a state-owned developer. The aim will be for every government employee to use the platform by the summer.

This is certainly a change in opinion compared to last year. During August, French Interior Minister Bernard Cazeneuve and German Federal Minister of the Interior Thomas de Maizière met to discuss how data protection laws could be altered to allow intelligence agencies greater insight into the lives of citizens. The idea would have been to build a back-door in the encryption software, which would allow spooks access and permanently weaken the security feature of the platforms.

It would appear that spying on its own citizens is perfectly acceptable, but the threat of President Emmanuel Macron’s lunch order leaking to the Daily Mail is one step too far. We understand and accept certain aspects of government need to be kept under the strictest of confidence, but privacy is a right to European citizens, even from elected officials.

The ‘do what I say, not what I do’ attitude of governments around the world is starting to taste very bitter.

The French government version of an encrypted platform is based on opensource code found on the web, and could eventually be available for French citizens to use as well. What has not been confirmed is whether the encryption software has had a backdoor built into it, an objective for governments all around the work to improve snooping capabilities. If this was the case, it would surprise very few people, however it would also make the offering fundamentally flawed from the outset. A backdoor is a weakness in the security perimeter, which will eventually be found by hackers; nothing is 100% secure.

To date, French government employees have reportedly been using instant messaging applications from defence group and IT supplier Thales. Citadel instant messaging smartphone app is one offering listed on the website, though President Macron is supposedly a fan of the currently under-fire Telegram platform, which is facing a ban in Russia for refusing to hand over encryption keys to security services.

This is one example of a government which doesn’t like an idea until it benefits the bureaucratic machine. A government owned application will be designed with its own parameters and objectives in mind; this might be another way for intelligence agencies to poke their noses into places they are not wanted.

These agencies and governments have already proved incapable of cracking the encryption software of the likes of WhatsApp and Telegram, therefore a work-around would be required. Considering the scandal Facebook, owner of WhatsApp, is facing, this might prove to be a very good time to pry loyal users onto a platform with zero commercial interests and the promise of never being on your own.

Government gets another weapon in the battle against privacy

Government intelligence agencies and police forces have been briefed on a new tool known as ‘GreyKey’ which promises to unlock iPhones running iOS 10 and 11.

The tool is brought to you by a low-key start-up called Grayshift, about which little is known, but Forbes believes the group is run by ex-US intelligence agency contractors and an ex-Apple security engineer. It’s only in the last couple of weeks Grayshift has been touting its services, and even gaining access to the website is strictly controlled (as you can see here), however Forbes has a friendly which granted it access. And it is as interesting as it is worrying.

How the tool actually works is unknown for the moment, though the vulnerability is likely to stay hidden. Considering the ease at which governments around the world seem to sweep aside data privacy rights of citizens, Grayshift could have quite a captive market. Governments have shown they are incapable of cracking encryption techniques or bending the will of the technology giants, so companies like Grayshift will certainly be of interest.

The tool itself, GreyKey, is available for $15,000 which permits 300 unlocks for the purchaser, but for $30,000 those nosey spooks can use the offline product. The more expensive version comes with unlimited use which will sound like a bargain for Prime Minister Theresa May and Home Secretary Amber Rudd, both of whom have tried their darndest impression of Big Brother (Rudd attacks data encryption and May’s Snoopers Charter). The ads claim to be able to unlock the latest version of the iPhone software, iOS 10 and 11, though an update has been promised to tackle iOS 9 before too long. A demo has also claimed to have cracked the iPhone X.

While details of how the tool works remain unknown, it is assumed ‘brute forcing’ is the favoured technique here. Cracking the encryption software doesn’t seem to be a viable option here (which is one of the few positive notes of this story) as the tool appears to make repeated guesses at passcodes.

The appearance of companies like Grayshift, similar to Cellebrite who offer similar services from Israel, is a thorn in the side of the industry which needs to ensure data privacy is top of the agenda. For the digital economy to flourish, there needs to be trust in it. Unfortunately, with companies exploiting vulnerabilities and refusing to report them, or governments trying to force others to programme backdoors into encryption techniques, the trust will be undermined. There will always be a worry about insecurities in the matrix, and therefore always a hindrance for complete acceptance and adoption of the connected world.

While there are circumstances where privacy will have to be sacrificed for the greater good of society, these instances should be considered incredibly rare. This does not seem to be the approach of governments around the world, who seem quite whimsical with the approach to personal rights. What baffles us is the way in which hacking is becoming legal. Instead of condemning and tackling the problem of vulnerabilities in our lives, governments seem to be encouraging them.

The last 18 months has seen governments act immaturely. The readiness to undermine the digital economy seems far to accessible.

Security is NOT a priority – especially in Japan

PR gimmicks and posturing are irritatingly common in the telco and tech space, most notably when it comes to security. But new research from Gemalto indicates many of the promises are empty.

With data protection and privacy proving to be a bit of a hot topic for consumers nowadays, especially with almost weekly reports of calamitous breaches, security is a good plug for CEOs and CTOs to earn some brand credibility. Should Gemalto’s research prove to be accurate, these statements are nothing more than empty promises from shallow executives who fail to back-up ambitions with any fundamental changes or investment.

While we have taken a relatively negative view here, it should be worth noting security is becoming a bit more of a concern. According to the data, cost and deployment time of new services are the two main drivers for cloud adoption, but security is at least part of the conversation. 26% of the respondents to the survey highlight security credentials are part of the selection process, up from 12% in 2015, but this is still an incredibly small number.

That said, such a dismissive view on security could be dependent on where in the world you are, as you can see from the map below, with Germany hitting the top of the list, and Japan at the bottom:

Global Data Protection

Gemalto asked the respondents whether their organization is careful about sharing sensitive and confidential information with third parties. The fact that Germany is top of the list should surprise very few. Data protection, privacy and residency regulations in the country are some of the most stringent worldwide, though it should be noted that Europe on the whole is quite stern when it comes to data.

What should be concerning is the UK’s statistics; only 35% of the respondents, who are employees of UK firms, believe their organization is serious about how they share information. Only 43% believe their organization proactive in managing compliance with privacy and data protection regulations in the cloud environment, while only 50% of UK businesses have a policy that requires the use of security safeguards as a condition to using certain cloud computing applications.

The UK is not the worst country which was assessed as part of the research, but it certainly wasn’t the best. Considering it is trying to keep in the good books of the European Union with Brexit on the horizon, you would think a more stringent approach to data protection and privacy would be a good place to start. Whether these numbers are high enough to meet to firm standards of the European Union remains to be seen.

Perhaps the most worrying statistic to be drawn out of this research surrounds data encryption. 77% of the respondents believe securing sensitive and confidential information in the cloud with encryption is important today, though only 40% are currently doing it.

Of those who are using encryption tools, 43% believe the information is made unreadable before it is sent to the cloud, 28% say information at rest is made unreadable in the cloud using the vendors tools, while 27% say this information secured in the cloud with the organizations own tools. 52% believe the encryption keys are then controlled in-house, 21% believe it is done by the cloud provider, while 16% hand them over to a third-party.

There are certainly year-on-year improvements on attitudes towards security and also the implementation of new technologies, but this is sluggish progress. A lack of encryption is worrying, especially when you consider the number of breaches which are being reported. Cloud maybe normalized, and arguably more secure than on premise, but hackers are getting brighter; every precaution should be made for sensitive and confidential information.

Unfortunately, it does appear that security will continue to be a PR tool for grinning CEOs to feed to the masses for at least the near future.

UK government continues quest to ruin the reputation of encryption

Amber Rudd is a woman on a mission, and that mission is to mutilate the reputation of platforms like WhatsApp in the pursuit of the destruction of end-to-end encryption.

It isn’t new. Rudd must have been wronged by an online troll at some point and has taken it very personally. She is leading the charge to have WhatsApp and other social media platforms end dark and dirty practices of encryption, irrelevant to the consequences. And the offensive has now taken a different strategy.

“But we also know that end to end encryption services like Whatsapp, are being used by paedophiles,” said UK Home Secretary Rudd in her speech at the Conservative Party Conference (thank you Spectator for the transcript).

“I do not accept it is right that companies should allow them and other criminals to operate beyond the reach of law enforcement. There are other platforms and emerging trends that are equally worrying.”

It is a tactic which we have become used to, but Rudd is seemingly trying to use an association with the lowest form of human to destroy reputations of the messaging platforms. A couple of months ago it was terrorists and now it is paedophiles. And to be honest, it is a clever tactic. If she can get the public onside with a campaign of negative PR, the tech companies might be a bit more willing to come to the negotiating table.

If enough people believe WhatsApp is the home of paedophiles, then soon enough anyone who is seen using the platform could be considered a paedophile. It is PR at its finest. Negative association at its best. Who would use such a platform if everyone is going to think this about you?

In truth, it probably isn’t going to work. Rudd tried her best to use the fear as a motivator to get the public on her side with the idea that WhatsApp is the hiding ground of terrorists, now she is making an appeal to our ethical side and the protection of children. She is manipulating the instincts of parents for her own ambitions.

But what Rudd doesn’t seem to understand is that a removal or weakening of encryption software would make us less safe. Our personal information would be on a platter for any hacker who knows what they are doing. And any paedophile who has this skillset would be able to find out a wealth of information about your children. Fortunately, few politicians are respected enough to turn public opinion, and Rudd seems to sit firmly in this camp.

The British Intelligence services has some of the finest minds in the world, and the fact they are not able to crack the encryption algorithms is a good sign. It means our information is safe hidden behind the security features of platforms like WhatsApp. Rudd’s attacks on the platform are for short-term objectives, with no eye on the long-term consequences.

Yes, there will be paedophiles using WhatsApp for nefarious means, just as there will be terrorists. But these people will be in the minority. Should the vast majority of the population suffer because intelligence services haven’t adapted to the digital society?

Think about it this way, would you ban alcohol because there are alcohol related diseases? Would you outlaw cars because they can be used as getaway vehicles for criminals? Would you get rid of sex because it has led to divorces? We didn’t think so, because it is a backwards approach to the progression of technology.

Rudd’s narrow minded view on technology is not making her many friends and it will fail.