Connect with us

Technology

Telecom data storage locations will soon be public in Japan • The Register

Voice Of EU

Published

on

Social media and search engine operators in Japan will be required to specify the countries in which users’ data is physically stored, under a planned tweak to local laws.

The Ministry of Internal Affairs and Communications this week announced it plans to submit the revision to the Telecommunications Business Law early next year.

The amendment, if passed, requires search engines, social media operators and mobile phone companies with over 10 million Japanese users to disclose where in the world they store data, and identify any foreign subcontractors that can access the data.

The proposed law applies to overseas companies that operate in Japan – meaning the likes of Twitter and Facebook will need to disclose their storage choices publicly. Oddly, search engines that just cover travel and food get a pass and don’t have to comply.

Concerns from opponents of the law expressed on Tuesday include how far the measures will extend, and that they may be overly broad and ambiguous. Business operators mused whether they would face difficult to predict management costs and technical limitations of information management.

“There is a risk that costs will be passed on to users in the form of lower service levels and price increases, causing social inefficiencies,” said one response from the Ministry’s telecommunication carrier hearing.

The move is in part a reaction to Japan’s hugely popular homegrown freeware instant communication app, LINE, which had several recent snafus related to data storage and protection.

In March of last year, it was revealed that some of LINE’s data had made its way to China – prompting Japanese government officials to stop using the app. Previously, LINE was used for many regional governments’ communications. As one Reg reader pointed out, the ban did not last long and the use of LINE has been reinstated by some regional government services.

A few months later, 100 local political figures and had their LINE communications extracted when a cyberattack managed to turn off encryption functions.

And only a few weeks ago, it was announced that 133,000 LINEpay users’ data was uploaded to the unlikely location of GitHub when a research group employee allegedly made a random oopsie.

With those incidents in mind, the government’s legislative move seems less like a knee-jerk reaction and more like warranted preemptive action against future data snafus – particularly as different countries employ varying storage standards and laws.

A company in violation of Japan’s proposed amendment could face business improvement orders and more. In addition to the amendment to the Telecommunications Business Law, businesses will have to comply with Japan’s Personal Information Protection Law from April 2022. ®

Source link

Technology

Facebook given EU go-ahead to pursue controversial Kustomer acquisition

Voice Of EU

Published

on

The EU’s antitrust chief Margrethe Vestager said she was satisfied for the company now known as Meta to pursue its Kustomer acquisition after it struck a deal for rivals.

Meta, the company formerly known as Facebook, has secured antitrust approval from the EU to pursue its acquisition of US customer services software start-up Kustomer.

The social media giant’s decision to acquire the start-up attracted EU scrutiny last April, months before its rebrand. Then known as Facebook, the company planned to integrate Kustomer’s products, including a chatbot, into its service.

Now, Meta has assured the European Commission that it will provide rivals free access to its messaging channels for 10 years.

The EU was satisfied that this addressed competition concerns which previously arose from the company’s decision to acquire Kustomer.

“Our decision today will ensure that innovative rivals and new entrants in the customer relationship management software market can effectively compete,” EU antitrust chief Margrethe Vestager said in a statement.

Last December, Vestager’s Digital Markets Act was passed by EU lawmakers as part of the body’s plans to tighten the monopoly large multinationals hold in Europe’s digital space.

Facebook had initially announced its acquisition plan in November 2020. In February 2021, the Irish Council for Civil Liberties wrote to the European Commission outlining its concerns over data that Kustomer had gathered and what might happen to that data under Facebook’s watch. The Commission also received a referral request from Austria flagging concerns over the Kustomer deal.

Other Meta acquisitions have also attracted the scrutiny of competition regulators. Last November, the UK ordered Meta to sell Giphy after its acquisition of the GIF making company was found to have breached competition rules. In the US, it is facing an antitrust suit that could force the company to sell WhatsApp and Instagram.

The EU’s decision to allow Meta to pursue the acquisition of Kustomer comes following a recent vote in the European Parliament in favour of the Digital Services Act, a companion of the Digital Markets Act. The act represents the EU’s attempt to shift the balance of power away from Big Tech in favour of ordinary people.

The long-debated act was hailed by Facebook whistleblower Frances Haugen as a “gold standard”.

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.

Source link

Continue Reading

Technology

Now that I’ve finally played The Last of Us, who wants to talk about that ending? | Games

Voice Of EU

Published

on

‘OK, Dad, this is an incredible essay on the effects of grief and grey morality in a postapocalyptic society,” says the eldest child, AKA the millennial. “It’s got proper female characters, progressive takes on sexuality and tonnes of rain.”

“They’ve made a video game of The Handmaid’s Tale?”

“No, Dad. It’s The Last of Us. Don’t worry. It’s still a zombie shooter. And both games have the best ending ever.”

Now she has my interest. Video game endings fascinate me, because my generation started out with arcade games that didn’t have them. Pac-Man kept eating dots and chasing ghosts and the Space Invaders kept coming, wave after incessant wave. The first arcade game that had an actual ending was Dragon’s Lair and nobody actually saw that because it was so hard to complete.

I have a tough start with The Last of Us because I hate games where you search for stuff in every room of a house. I spend my normal life doing that with car keys and headphones. I want games where you walk into a room and all the objects get sucked into a magic pocket. But that isn’t realistic, I hear you cry. Well, neither is only being able to carry three shivs in a world where, despite the zombie apocalypse, cargo pants clearly still exist.

The Last of Us.
Jaw-dropping … The Last of Us. Photograph: Sony

I also hate any form of crafting, because that was what my generation had to do for “fun” as kids before we had video games. Whether it’s smoke bombs from sugar and explosives or a set of Action Man drawers from matchboxes, it’s all boring to me.

“Keep going,” I tell myself. “The millennial says it’s got the best ending ever.”

Throughout the first chapter of Joel and Ellie’s jaunt across a post-infected US I keep trying to guess what this great ending will be. Maybe Ellie isn’t immune to infection after all? Maybe Joel is her real father? Maybe they’re both unwitting participants in some reality TV show, I’m Infected Get Me Out of Here?

As you will all know by now – and if you’ve yet to play The Last of Us then please stop reading – the ending has Joel murder a perfectly innocent and well-intentioned doctor who wants to cut Ellie open to find a cure that will save humanity. But Joel has no truck with utilitarian philosophy, because Ellie has now become a replacement for the daughter he lost. So, he disregards mankind’s future and, by stopping the operation, effectively murders the entire human race (alongside a whole hospital’s worth of doctors).

“Why does he do that?” I asked the millennial, in one of many fantastic discussions we had about the game.

“Because he’s a white male,” came the answer, because it’s 2022 and she’s in her 20s. And maybe she’s right. Either way it is a jaw-dropping, supremely brave ending and the terrific Left Behind side-story also brought the feels.

The Last of Us Part 2
Grey morality … Ellie in The Last of Us Part 2. Photograph: Naughty Dog

So, when it came to The Last of Us Part 2, I was beyond excited. Fifty million hours later I was beyond disappointed.

Don’t get me wrong, the millennial nailed it when she said it was a great exploration of the effects of grief and grey morality. But after spending the whole game switching between two strong female characters (literally, have you seen Abby’s arms?) and contrasting factional creeds, you have the final confrontation. They fight. And … they both live. And go their separate ways. The only real damage is Ellie losing a couple of fingers, and the game portrays the worst consequence of this as not being able to play guitar any more. Seriously? That’s the biggest drawback to being fingerless in a zombie apocalypse? The first game ended with Joel murdering an entire civilisation, the second ends with Ellie murdering one song on a guitar. It’s a scene you might have found in The Secret of Monkey Island. It’s hilarious.

The Last of Us Part 2 leaves us with exactly the same non-ending as those original arcade games. Ellie and Abby will go on killing to keep their respective postapocalyptic factions going, both driven by the grief of murdered loved ones. They are both trapped, endlessly chasing ghosts. Sounds familiar…

The millennial says this shows there are no winners when it comes to revenge. I say they want both protagonists alive for The Last of Us 3. It’s a cynical cop out. But then, The Last of Us Part 2 is a game that features the most cynical scene ever, where apropos of nothing, after genuinely bravura portrayals of women, transgender and gay characters, alpha female Abby suddenly gets rogered from behind by some guy. It happens out of nowhere. The game spends umpteen hours portraying progressive sexuality, and then it’s like some marketing man decided they needed to toss the incels a piece of red meat to stop them hate-bombing all over 4chan (which didn’t work). It is easily the most gratuitous bit of nudity I have ever seen in games, and I have played The Witcher 3. The rogerer in question even has a girlfriend. Who is pregnant. Way to shit on a sister, Abby.

“It’s basically Pac-Man with gratuitous boobs,” I say to my eldest, who sighs and pours herself a large cup of coffee. This will be another long discussion.

Source link

Continue Reading

Technology

Texts from HMRC could show taxpayers’ location • The Register

Voice Of EU

Published

on

Exclusive Britain’s tax collection agency asked a contractor to use the SS7 mobile phone signalling protocol that would make available location data of alleged tax defaulters, a High Court lawsuit has revealed.

Her Majesty’s Revenue and Customs had the potential to use SS7 to silently request that tax debtors’ mobile phones give up location data over the past six years, according to papers filed in an obscure court case about a contract dispute.

SMS provider MMGRP Ltd, operators of HMRC’s former 60886 text messaging service, filed a suit against the tax agency after losing the contract to send text messages on its behalf. Court documents obtained by The Register show that the secret surveillance capability was baked into otherwise mundane bulk SMS sending carried out by MMGRP Ltd.

The tax collection agency, which has the power to retrospectively change laws, had been using SMS reminder messages as an enforcement tool.

We asked HMRC for comment, posing a series of questions including how long had it used HLR look-up techniques against taxpayers; did HMRC obtain necessary warrants to carry out HLR lookups and, if so, under what legislation and from which courts; how many times it had used this technique; under what circumstances it was deployed; and is the capability present in a contract with its new supplier.

In response, the Brit tax collection agency admitted to using home location register (HLR) checks, although it maintained: “HLR checks were used solely to check if a customer’s phone number was still active before sending a SMS message.”

What the papers say

The since-settled lawsuit over an alleged breach of public procurement laws was filed by the company which operated HMRC’s former 60886 SMS sender number and brought the HMRC surveillance powers to light.

MMGRP sued the HMRC last summer alleging breach of public contract regulations after the tax authority awarded a multi-million pound deal to one of MMGRP’s rivals in March.

Particulars of claim filed in the High Court in July last year by the SMS provider said:

The document also said the agency had asked for the capability of doing more than merely verifying that tax demands sent by text had been delivered, quoting the contract between the pair as requiring, under “Existing Services”:

In its defence document filed a month later, on 19 August last year, HMRC’s legal team admitted that part of MMGRP’s case, meaning they did not contest its truth.

The Reg wonders why HMRC did not dispute this is the legal papers, and and why the capability was baked into the contract the tax collector was not going to use it.

Describing the contract outlined in the lawsuit as “slightly odd”, Professor Alan Woodward, the University of Surrey-based compsci expert, told The Register: “I can see how this might be required if HMRC must later prove that a letter was received and read in a specific jurisdiction. Someone they are taking to court might claim they never received it or that it had no effect where they were when they were served with some form of formal notice.”

He added: “As with other powers, provided there is suitable legislation, oversight and transparency then it may have a place in chasing some of the tax evaders.”

GSM security expert Tobias Engel told The Register this location-finding service looked like a natural bolt-on to the SMS systems MMGRP was providing to HMRC, characterising it as a fairly routine service feature.

“A few years back this was still very easy,” said Engel, “since getting SMS routing information (the infamous so-called ‘HLR lookup’) already revealed a coarse location of the phone, and that same routing information could then be used to query the network for a more precise location.”

How does it work?

Signalling System Number 7 (SS7) is the signalling protocol used by mobile phone networks to route Short Messaging Service (SMS) messages.

Using SS7 to detect where messages were received is relatively simple. In essence SS7 tells mobile networks where to send messages based on which mast a particular phone number was last connected to. A register of those connections is kept and can be queried.

Thus the technique is called Home Location Register (HLR) lookup. Commands exist for querying a network’s HLR for a particular Mobile Station Integrated Services Digital Network number (MSISDN, or “phone number” to you and I). If you know the location of a mast where that MSISDN was last connected, you’ve got a radius of where the phone could be located. Cross-referencing that radius with multiple masts helps triangulate a specific phone, and thus its user.

This is the data used by police forces and others to locate criminals by tracking their mobile phones.

Bitter contract dispute

MMGRP’s lawsuit came about after HMRC had repeatedly extended the contract following its original expiry date of July 2020.

HMRC leaned heavily on the SMS provider for those short-duration extensions, raising the spectre of “reputational damage to HMRC, to outer [sic] Government Departments who utilise the service and ultimately to [MMG] as a provider” if the company didn’t agree.

For its part, MMGRP admitted that director Daniel Layton, “in the heat of the moment” threatened to shut off HMRC’s SMS services altogether when the tax authority told him it was awarding the contract to another company instead of renewing at the end of its existing term in early 2021.

“Mr Layton rapidly withdrew that threat,” the company’s particulars of claim added.

Ultimately the service was awarded to rival business IMImobile after lots of short-term extensions with MMGRP.

MMRGP owns the old HMRC 60886 SMS shortcode, which is why taxpayers are no longer advised to look out for messages from that number.

The court case has since been settled. HMRC does not say on its website that it makes use of HLR technology to identify taxpayers’ locations – but does list a range of ways in which it might try to contact them. ®

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!