Connect with us

Technology

Gadgets have stopped working together, and it’s becoming an issue | Smartphones

Voice Of EU

Published

on

In 2001, if you listened to digital music, you did it with a large folder of MP3 files. How you acquired them is probably best left between you and a priest, but you may have ripped them from a CD, downloaded them from a file sharing service, or bought them from one of a few nascent download sites.

Whichever option you picked, you’d play them on your computer with a program built for the task. And if you were lucky enough to have an early standalone MP3 player, it was probably made by another company again.

Whether or not MP3s interested you, you probably bought your music on CD, and had a couple of players in the house – maybe a portable one and a hi-fi. Your headphones, of course, connected to whatever you were using, be that a simple Discman or a fancy Nomad Jukebox, with a normal 3.5mm plug.

Today, for millions of people around the world, all those companies have been replaced by one: Apple. You listen to Apple Music on your Apple iPhone through your Apple AirPods. Sure, competitors exist, but with each passing year they struggle to offer a service on parity. Want to use headphones made by a different company? You need to buy a dongle to plug them in if they’re wired, and you won’t have access to the fancy new “spatial audio” streams Apple now offers if they’re Bluetooth. Want to switch to Spotify? You can, but make sure you never accidentally hit “play” when nothing’s on, or Apple Music will start right back up.

Nostalgia is an ill-fitting emotion for the technology sector, where exponential growth rules. The phone in your pocket – possibly even the watch on your wrist – is substantially more powerful than the desktop computer you may have stashed those music files on, and is connected via a cellular connection a hundred times faster than the 56K modem you used to download your MP3s to an internet unimaginably larger and more useful.

But alongside those wild improvements have come other changes with a more mixed outcome. A concentration of power at the top of the industry; a focus on building easy-to-use gadgets over powerful general-purpose devices; and a shift from programs and files to websites and APIs: all have left us in this slightly run-down sci-fi future. Simply put, nothing works with anything else any more, and it’s starting to become a problem.

Interoperability is the technical term for what we’ve lost as tech has matured. Software can be interoperable, either through common, open file formats, or through different programs speaking directly to one another, and so too can hardware: open standards are what allow you to use any headphones with any music player, for instance, or buy a TV without worrying if it will work with your streaming set-up.

Home recorded cassette tapes stacked up in front of a 1990s style cassette, radio and and CD player.
Pre-digital interoperability between brands and formats wasn’t an issue. Photograph: Simon Turner/Alamy Stock Photo

It was a hard-fought victory. Think, for instance, of the hassle of receiving a text document a few years back. Not only would you be lucky to be able to open it using a different program from the one that made it – you would frequently need to have exactly the same version of the program, or face issues.

Some of those difficulties were deliberate. Microsoft’s .doc file format, for instance, was used by MS Word for decades, with key details kept hidden behind a restrictive licence. The company very deliberately didn’t want competitors to be able to make software that could read and make Word files without paying it for the trouble. Microsoft’s market dominance meant that it could hamper competing software with the opposite approach: refusing to support their file formats on its own platforms, effectively limiting the ability to collaborate.

Even with the best will in the world, though, it’s a hard goal to achieve. A notorious instalment of the XKCD webcomic details one pitfall: “Situation: there are 14 competing standards,” says the caption to two people discussing how they need to come up with a better way to make all these things work together. The punchline is that “Soon: there are 15 competing standards.”

But by the dawn of the mobile era, there had been progress. The success of standards such as MP3 for music, JPEG for pictures and MPEG for movies had led to a blossoming of consumer tech that could display and play media, while the internet had helped push compatibility to the front of users’ minds: when your pool of collaborators is larger than the people you can walk a floppy disk over to, it’s more important than ever that your software work with everyone, to the point that even Microsoft switched Word over to an open standard.

And then the industry changed.


When the iPhone came out, it was a very different device from what it became. With no App Store, and a model that required a computer to sync to on a regular basis, it was firmly an accessory to the machines where the real business happened. But even as the App Store arrived and the mobile economy flourished, one limitation stuck around: the phones eschewed the old files-and-folders-based model entirely, in favour of each app having access to its own data and nothing else. It would prove consequential.

In the PC files-and-folders era, interoperability was, ultimately, down to users. Software may or may not be compatible, but the decision to try to make a file in one program and open it in another was entirely up to you. You could use two programs made by developers that had never even heard of each other and, so long as they worked with the same open file format, there was interoperability. That’s not true any more.

Even as updates to mobile phone operating systems have allowed apps more freedom to send data back and forth, the same freedom hasn’t been restored to the user. And when two apps are negotiating whether or not to work together, it’s more than just a simple question of technology.

“There’s a ton of issues here,” says Ari Lightman, professor of digital media and marketing at Carnegie Mellon University’s Heinz College in Pittsburgh, Pennsylvania, “but I think one of the major ones is economics. As data becomes more of an asset, it becomes difficult to exchange that data across multiple different parties in an ecosystem, because they’re monetising that asset. And there’s also a lot of stipulations associated with what happens should there be a violation.”

Apple iPod advertisements in San Francisco, 2005.
Apple iPod advertisements in San Francisco, 2005. Photograph: Justin Sullivan/Getty Images

For many companies, the obvious way around this is to give up on those tricky negotiations altogether – or to hand them off to a larger, more powerful third party. “One of the things that we’re seeing more of, because there’s a consumer push towards this, is using things like Google and Facebook as data sinks,” Lightman says. “Consumers are pushed to say, ‘Well, I want to use this other app,’ a dating app or a productivity app, ‘but I don’t want to fill in all this information, I just want a connection between the two, and I want to shove all the information that I have in Google into this app.’”

Sharing everything you have via Facebook or Google is interoperability of a sort. It’s certainly convenient to be able to log in to Tinder without typing a password, and to automatically populate your dating profile with pictures lifted straight from Instagram. But it’s necessarily limited, both to the services offered by these big companies, and by the fact that they’re not going to help competitors. Notoriously, for instance, Facebook blocked Twitter-owned short video app Vine from this sort of interoperability because, according to an FTC complaint, it wanted to kneecap its rival’s chances of succeeding in the field.

There are exceptions. Perhaps the most famous service bucking the trend has the unwieldy name “IFTTT”, short for “If this then that”. The site’s goal is to be a sort of plumbing for the internet, letting users link together disparate services in all the ways they are normally barred from doing. You can use it, for instance, to send a tweet every time you like a YouTube video, to play the radio when you turn on the (smart) lights in the morning, or just to wire up a big button that orders pizza from Domino’s when you slam it.

But even IFTTT has simply smoothed over the difficulties with making things work together, rather than solving them completely. In fact, its very presence has hindered further openness, some users say: Amazon’s smart home devices, for instance, bar users from building automation using other tools, even if they’re more powerful. For a company of Amazon’s size, simplicity isn’t just a selling point to users: it’s also appealing for Amazon itself. Better to funnel people down one supported service than have to train staff on how to deal with myriad potential problems.

For some, there’s only one outcome that will properly fix things: regulation. Damien Geradin is outside counsel for the Coalition for App Fairness, an industry group that represents companies including Spotify, Tile and Tinder, and has been leading the charge to make interoperability a legal requirement.

“When it comes to Apple, they really like this vertically integrated business model,” Geradin says. “I don’t think that we can say that interoperability has been lost, because it’s never been there. It’s been like that from day one. They like to do everything in house, and they don’t like to make things compatible.

“Now, I think that nobody would challenge that when Apple was a very small company. But now it has become this giant. And it has become a bottleneck in the sense that if you want your app to be distributed on the on iOS devices, you have to go to the App Store. You cannot live without Apple if you’re an app developer. You can’t say ‘screw Apple’, but we want to be able to interoperate, we want to be freer.”

Apple CEO Tim Cook
Apple CEO Tim Cook leaves court earlier this month after testifying in a federal court case brought by Epic Games, maker of the game Fortnite, which claims that Apple has transformed its App Store into an illegal monopoly. Photograph: Noah Berger/AP

Geradin’s group is spearheading a complaint with the European Commission demanding that Apple restore some of that freedom. It’s just one of many such pushes across the world: in America, Epic Games is in the midst of a bruising legal showdown with Apple over much the same issues, while Amazon, Facebook and Google have been dragged into identical battles over their control of their own platforms.

There’s a real chance that we come out of this decade with some of tech’s largest players legally required to begin the painful process of opening up their platforms to the competition – and so, slowly, restoring some of that dream.

In fact, some of the change is coming already. In April, Facebook, seemingly to pre-empt regulatory enforcement, announced an expansion to its “data portability tool”, a feature of the site that lets users send their data from Facebook to other sites and services.

“The ecosystem we are building to support data portability will not come to fruition without regulation that clarifies which data should be made portable and who is responsible for protecting data once it has been transferred,” wrote Facebook’s Steve Satterfield, director of privacy and public policy, in a post announcing the company’s latest feat of interoperability: the ability to directly transfer text posts on Facebook into Google Docs.

Nobody said change was easy, but it’s a start.

Source link

Technology

Goodbye silicone? A new era of breast reconstruction is on the horizon | Breast cancer

Voice Of EU

Published

on

Having an ice pack strapped to your chest – that’s how some describe the experience of taking a walk in cold weather when you have breast implants. Silicone only slowly reaches body temperature once out of the cold, so that icy feeling can persist for hours. As well as being uncomfortable, for breast cancer survivors it can be an unwelcome reminder of a disease they would rather put behind them.

Every year, 2 million people worldwide are diagnosed with breast cancer and the treatment often involves removing at least one breast. But most choose not to have their breasts reconstructed; in the UK, it is only about 30%. Now a handful of startups want to change that, armed with 3D-printed implants that grow new breast tissue before breaking down without a trace. “The whole implant is fully degradable,” says Julien Payen, CEO of the startup Lattice Medical, “so after 18 months you don’t have any product in your body.”

It could spell the end not only of cold breasts, but the high complication rates and long surgeries associated with conventional breast reconstruction. The first human trial of such an implant, Lattice Medical’s Mattisse implant, is scheduled to begin on 11 July in Georgia. Others will soon follow. “We expect to start clinical trials in two years’ time,” says Sophie Brac de la Perrière, CEO of another startup, Healshape.

“It’s exciting,” says Stephanie Willerth, professor of biomedical engineering at the University of Victoria, Canada, who is not involved with the companies. “As engineers, we’ve been playing with 3D printing for half a decade”, but having a clinical use that doctors recognise as useful for patients is key to getting the technology out there, she says.

But in a field fraught with difficult medical compromises, unequal access issues and expectations about what women want, the question is how big an impact the new technology will actually have.


Today, there are two main types of breast reconstruction: silicone implants and flap surgery. While implants are easy to install, flap surgery is a highly specialised business that requires a tissue “flap” being taken from the stomach, thigh or back. Surgeons often recommend flaps because, while there’s a lot of initial surgery and a longer recovery period, it gives a good, long-lasting result.

Silicone is still the most common choice. It is easy and simple, which appeals to cancer patients who either medically can’t have or mentally can’t face having tissue removed from another part of their body. But “it’s far from perfect”, says Shelley Potter, an oncoplastic surgeon at the University of Bristol and the Bristol Breast Care Centre. “It’s quite high risk. There’s a 10% chance of losing an implant.”

Healshape’s 3D-printed hydrogel implant
Healshape’s 3D-printed hydrogel implant, designed to be colonised by the patient’s fat cells over six to nine months. The company hopes to start trials in two years’ time. Photograph: Healshape

Silicone implants also require replacement every 10 or so years and they have had their fair share of scandals: the 2010s PIP scandal, in which a major implant manufacturer was found to have made its implants of dodgy silicone, and the 2018 Allergan scandal, in which popular textured implants were linked to an increased risk of a rare lymphoma. And as an American study from last year shows, it is mainly the idea of having that foreign object stuck inside your body that puts many off reconstruction altogether.

“So what we want to do,” says Brac de la Perrière, “is to give the benefits of the different solutions without the constraints.” In other words: the single, simple surgery of an implant, but without any lingering foreign material to cause trouble.

This can be achieved in different ways. Healshape uses a hydrogel to 3D-print a soft implant that will slowly be colonised by the person’s own fat cells, the initial batch of which is injected, while the implant disappears over six to nine months. The company CollPlant is developing something similar using a special collagen bioink, extracted from tobacco leaves it has genetically engineered to produce human collagen. “I think it will change the opinion of many patients,” says CEO, Yehiel Tal.

Lattice Medical has a different approach. Its implant is a 3D-printed cage made of a degradable biopolymer, in which they encase a small flap from underneath the breast area. This flap then grows to fill the cage with fat tissue, while the cage itself is absorbed by the body, ultimately leaving a regrown breast in its place.

Lattice Medical’s Mattisse implant
Lattice Medical’s Mattisse implant. Vascular adipose tissue is inserted into a bio-resorbable ‘tissue engineering chamber’, which degrades over 18 months. Trials are imminent. Photograph: Lattice Medical

Regrowing breasts using a cage has been shown to work in humans before, in a 2016 trial. However, it only worked in one of five women and the cages were not degradable. Andrea O’Connor from the University of Melbourne, Australia, who led the trial’s engineering team, hopes the new trial will address the problems raised in the first – for example, that patient responses can vary greatly. But if successful, it “would have the potential to help many women to achieve a superior reconstruction”, she says. Lattice Medical says its cage is an improvement because a flat base and larger pores help the tissue grow.

One big unknown is how much feeling the regrown breasts will have. A mastectomy usually means losing some sensation and, according to plastic surgeon Stefania Tuinder from the Maastricht University Medical Centre+ in the Netherlands, reconstruction affects it too. “From our data, it seems that implants have a negative effect on sensation, so the feeling in the skin is less than when you have only a mastectomy,” she says. In comparison, reconstruction from a flap with connected nerves can bring back some feeling within a few years.

Tuinder suspects the implant numbness is both because of nerve damage when the implants are inserted, and because the nerves can’t grow back once they are blocked by a lump of silicone. Whether that will also apply to the new implants remains to be seen, but since eventually there will be nothing to block the nerves, hopes are that sensation will be better.


Tissue engineered implants, however, are not the only recent innovations in the field. Many groups are working on perfecting a reconstruction technique using injections of the person’s own fat, boosted with extra stem cells to help the tissue survive. Medical professionals are still debating the safety and how the breasts hold up long term. In contrast to the new implants, the procedure might have to be done several times.

While any of these new techniques could result in something better than what’s currently on offer, Potter warns that we have a tendency to jump at new and shiny tech – an optimism bias. “We always think it’s going to be brilliant,” she says, but “we don’t want a situation like with vaginal mesh, where in 10 years’ time … we find out we have done something that isn’t helpful.”

Other solutions to the problems of reconstruction do exist. One is living without breasts, known as “going flat”. Contrary to the companies that think they can turn the reconstruction statistics around, people within the flat movement argue that if people were better informed, even more would opt out. “I reckon if [going flat] was given as an equal option,” says Gilly Cant, founder of the charity Flat Friends, “at least another 30-50% of women wouldn’t have [reconstruction].”

A Healshape scientist using software to determine the shape of an implant prior to 3D printing. The implants can be custom-made to suit the patient.
A Healshape scientist using software to determine the shape of an implant prior to 3D printing. The implants can be custom-made to suit the patient. Photograph: Healshape

At the moment, the guidance from the National Institute for Health and Care Excellence (Nice) says that doctors should be aware that some might not want reconstruction. But Cant says it is often presented to people as part of the treatment process. “It’s like, ‘OK, we need to do a mastectomy. Then you have chemo. Then you’ll have your radiotherapy and then we’ll do reconstruction.’ So women live for that reconstruction at the end,” she says. It comes to signal the finish line.

It is particularly contentious when only one breast is removed, because some might want the other taken off to feel and look symmetrical, rather than have a new one made. But according to Cant, many doctors don’t want to remove a healthy breast. Part of the doctors’ concern is that women will regret their decision, says Potter, but “women know what they want to do with their own bodies. We should help and support them to do what they want to do.”

Potter herself would like to see more of the ultimate alternative: not having a mastectomy in the first place. “There’s no evidence that mastectomy gives you better cancer outcomes than a breast-conserving operation,” she says. In this case, the tumour is removed but the breast is kept. For example, one of her patients had a breast reduction that removed her cancer while giving her breasts a lift. “She calls them her silver lining breasts.”


So even without tissue-engineered implants, there are enough options to make the choice a hard one. To help people choose, some charities pair up people considering a specific procedure with someone who has already been through it. At the charity Keeping Abreast, show and tell sessions give people the chance to ask the questions they might be uncomfortable asking their doctor and see the results for themselves.

But according to a 2018 report by the all-party parliamentary group on breast cancer, knowing what you want is not the same as having access to it. “There’s a massive postcode lottery,” says Potter. It stems from flap surgery being so involved that it often requires specialist plastic surgeons who can do minute surgery under a microscope. Many clinics don’t have such experts in-house and while the Nice guidance says people should still have the option, in practice it limits access.

The companies say this won’t be a problem with the new implants, because they are specifically designed to be easy to put in. Flap surgery can take from three to 12 hours depending on the flap, but insertion of Lattice Medical’s implant, for example, takes only one hour and 15 minutes. “It’s really accessible to all plastic surgeons,” says Payen.

This accessibility will no doubt be crucial in taking the new implants from a cool technology to something with real impact. But from Potter’s perspective, it’s just one potential piece in a big puzzle, not a techno-fix. The implants “would be an option for a lot of women”, she says. “But I think the main advance is all around access, proper information, giving women choice and hopefully reducing the number of mastectomies that we need.”

Source link

Continue Reading

Technology

What to do about inherent security flaws in ICS? • The Register

Voice Of EU

Published

on

The latest threat security research into operational technology (OT) and industrial systems identified a bunch of issues — 56 to be exact — that criminals could use to launch cyberattacks against critical infrastructure. 

But many of them are unfixable, due to insecure protocols and architectural designs. And this highlights a larger security problem with devices that control electric grids and keep clean water flowing through faucets, according to some industrial cybersecurity experts.

“Industrial control systems have these inherent vulnerabilities,” Ron Fabela, CTO of OT cybersecurity firm SynSaber told The Register. “That’s just the way they were designed. They don’t have patches in the traditional sense like, oh, Windows has a vulnerability, apply this KB.”

In research published last week, Forescout’s Vedere Labs detailed 56 bugs in devices built by ten vendors and collectively named the security flaws OT:ICEFALL. 

As the report authors acknowledged, many of these holes are a result of OT products’ being built with no basic security controls. Indeed, Forescout’s analysis comes ten years after Digital Bond’s Project Basecamp that also looked at OT devices and protocols and deemed them “insecure by design.”

A few hours after Forescout published its research, CISA issued its own security warnings related to the OT:ICEFALL vulnerabilities.

CVEs: The problem? Or the fix?

“Up until this point, CVEs haven’t been generated for these insecure-by-design-things, and there’s a reason for that,” Fabela said. “It’s bad for the industry.”

Once a CVE is generated, it sets into motion a series of actions by industrial systems’ operators, especially in heavily regulated industries like electric utilities and oil and gas pipelines. 

First, they have to determine if the environment contains any affected products. But unlike enterprise IT, which usually has centralized visibility and control over IT assets, in OT environments, “everything is distributed,” Fabela noted.

If industrial and manufacturing environments do have any products impacted by the vulnerability, that triggers an internal review and regulatory process that involves responding to CISA and developing a plan to improve security.

One SynSaber customer sarcastically described OT:ICEFALL as “the gift that keeps on giving,” Fabela said. “He said, ‘Now I have this on top of all my other like, the real vulnerabilities’,” which present a slew of other problems when it comes to patching — such as having to wait until a planned maintenance outage that may be months out — if the manufacturer has a patch at all.

OT protocols don’t use authentication

For example: The current Modbus protocol, which is very commonly used in industrial environments, does not have authentication. 

Forescout’s analysis details nine vulnerabilities related to unauthenticated protocols and disputes the argument that against assigning a CVE ID to a product with an insecurity OT protocol.

“On the contrary, we believe a CVE is a community recognized marker that aids in vulnerability visibility and actionability by helping push vendors to fix issues and asset owners to assess risks and apply patches,” the authors wrote.

While this makes sense from an IT security perspective, Fabela said it’s unrealistic from an OT perspective, and ultimately doesn’t make critical infrastructure any more secure.

Modbus, as a protocol that does not use authentication, could generate “thousands” of CVEs that “affect every product line in the world,” he Fabela. “You’re tying up the product security teams with the OEMs and you’re tying up the customers, the asset owners with CVE that they can’t do anything about.” 

Basecamp researcher weighs in

Reid Wightman is a senior vulnerability researcher with OT security shop Dragos’ threat intel team. He’s also one of the original Project Basecamp researchers, and, more recently has done work on the ProConOs and MultiProg software vulnerabilities.

Forescout cited some of his research, and dedicated a section of the ICEFALL analysis to security flaws with the ProConOS runtime in PLCs.

In an email to The Register, Wightman noted that a lot of industrial controllers have the same set of problems that isn’t going away: “they allow unauthenticated code to run on the PLC.” 

“This means that one malicious logic transfer to the PLC may permanently compromise the PLC,” he added, noting that, because the control logic is causing the change, it can happen outside of a normal firmware update. “It’s kind of a thing I’ve harped on since the Basecamp days, but may be worth repeating. Over and over again. Until the sun burns out, probably.”

Lately, one of Wightman’s “big, personal concerns” is that some vendors say they can use TLS and client certificates to secure controllers, presumably to avoid. In reality, this would just make the traffic more difficult to inspect, Wightman said.

“If an attacker gets onto the engineering system, they may load a malicious payload using CVE-2022-31800/CVE-2022-31801 (or any of the similar problems that exist in almost every logic runtime) into the controller,” he added. “Only, now we have no way of telling whether they did it because the traffic is encrypted.”

So how do we fix the problem? 

“I guess my answer would be: if your engineering system is compromised, throw away all of the controllers that it was allowed to talk to,” Wightman said. “And I doubt most end users would go to that level of paranoia.”

Which, again, points to the insecure-by-design nature of how these systems are engineered.

“Thankfully, we see no signs of any widespread abuse of these protocols or ‘features’ in spite of some of the bugs being well-known for years,” Wightman added. “I really do hope it stays that way.” ®

Source link

Continue Reading

Technology

Amazon to let Prime users unsubscribe in two clicks to comply with EU rules

Voice Of EU

Published

on

There were complaints of ‘a large number of hurdles’ to unsubscribe from Amazon Prime such as complicated menus, skewed wording, confusing choices and warnings.

Amazon has committed to making it easier for users to cancel their Prime subscription to comply with EU rules.

The tech giant will now let consumers in the EU and EEA unsubscribe from Amazon Prime with just two clicks, using a prominent cancel button.

This came following a dialogue with the European Commission and national consumer protection authorities. Complaints had been issued to the Commission by the European Consumer Organisation, the Norwegian Consumer Council and the Transatlantic Consumer Dialogue.

These consumer authorities noted “a large number of hurdles” to unsubscribe from Amazon’s service, such as complicated navigation menus, skewed wording, confusing choices and repeated nudging.

Amazon made initial changes last year, labelling the cancel button more clearly and shortening the explanatory text. This text will now been reduced further so consumers don’t get distracted by warnings and deterred from cancelling.

“Consumers must be able to exercise their rights without any pressure from platforms,” said EU commissioner for justice Didier Reynders.

“Opting for an online subscription can be very handy for consumers as it is often a very straightforward process, but the reverse action of unsubscribing should be just as easy. One thing is clear: manipulative design or ‘dark patterns’ must be banned.”

Amazon has committed to implementing the new changes on all its EU websites and for all devices. The tech giant will be monitored by the European Commission and national authorities to ensure it complies with EU consumer law.

“Customer transparency and trust are top priorities for us,” an Amazon spokesperson said.

“By design we make it clear and simple for customers to both sign up for or cancel their Prime membership. We continually listen to feedback and look for ways to improve the customer experience, as we are doing here following constructive dialogue with the European Commission.”

Amazon has had a number of dealing with the European Commission over the years regarding its business practices. The tech giant was hit with a Statement of Objections in 2020 based on its use of marketplace seller data.

In 2017, an EU case led by competition commissioner Margrethe Vestager also accused Amazon of cutting an illegal deal with the Grand Duchy of Luxembourg to drastically lower its tax bill.

The country was ordered to recoup €250m in back taxes. However, Amazon won its appeal against this ruling last year, as the EU’s general court said the European Commission didn’t provide the “requisite legal standard” to prove Amazon received favour from tax authorities.

10 things you need to know direct to your inbox every weekday. Sign up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.

Source link

Continue Reading

Trending

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates 
directly on your inbox.

You have Successfully Subscribed!