Martin Grossner

Martin Grossner

Using the IoT to target DNS

The original designers of DNS built the system to be simple, scalable, and resilient. Security, however, wasn’t top of mind in the Internet’s early days before the Web, when the network was largely an academic and military tool.

At its most basic, DNS resolves domain names into the underlying IP addresses that identify the network locations of servers and other devices on the Internet. Without it, people cannot find the web sites they’re looking for. “Nearly all clients rely on DNS to reach their intended services, making DNS the most critical—and public—of all services,” explains David Holmes, Senior Technical Marketing Manager, F5 Networks FFIV +0.59%, in a recent white paper.

DNS’s importance to the proper functioning of the Internet makes it an obvious target. “This single point of total failure…makes DNS a very tempting target for attackers,” Holmes continues.

The reason the Dyn DDoS attack got so much attention, however, wasn’t because its DNS failed, but rather because the attackers used toys, webcams, and other household items on the IoT to mount the attack. “In a relatively short time we’ve taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters,” quipped Jeff Jarmoc, Lead Product Security Engineer at Salesforce.com CRM -2.45%.

The IoT may be appallingly insecure, but make no mistake: it’s because DNS is so vulnerable to such attacks that the Internet as a whole is at risk.

Furthermore, efforts to shore up DNS are ongoing, but fall well short of solving the problem. One such effort: DNSSEC. “The Domain Name System Security Extensions (DNSSEC) technology aims to address these issues,” says Holmes, “but its added overhead and complexity are proving to be an additional burden on organizations that are already racing to address problems introduced by rapid growth and DDoS defense.”

Compromising DNS to Build Botnets

Hackers used a complex, distributed network of compromised IoT devices known as the Mirai botnet to mount the Dyn DNS attack. There’s far more to the relationship between botnets and DNS, however, than a mechanism for mounting DDoS attacks.

In fact, hackers use weaknesses in DNS itself to build botnets in the first place.

The key to building a botnet is first, to install malware on unsuspecting users’ devices, and second, to hide the behavior of that malware. And the best way to hide such behavior is by compromising DNS.

In normal usage, the DNS infrastructure refreshes its knowledge of domain names and IP addresses every couple of hours or so – but this ‘time to live’ (TTL) is configurable. To hide the IP addresses of compromised devices on a botnet, hackers simply set their TTLs to a much shorter time frame, thus rotating the assignment of IP addresses too quickly for cybersecurity gear to keep up.

This quick-switch technique is known as ‘fast flux.’ “Fast flux is a technique that uses compromised computers to provide scalability, geographic diversity, anonymity and redundancy to organized cybercrime operators,” explains Wayne Crowder, Director of Threat Intelligence at RiskAnalytics, in a recent report.

Furthermore, most sophisticated botnets take fast flux one step further. “Parts of the botnet use frequently changing DNS NS records [which point to other DNS servers] as well as DNS A records [which associate domain names with IP addresses],” Crowder continues. “This is generally regarded as ‘double flux’ activity — another layer in hiding the network.”

When the records on a DNS server expire, it’s supposed to refresh them from another DNS server up the chain, known as an authoritative server. Today’s botnets have compromised this process as well. “Authoritative DNS is hosted on the fast flux infrastructure itself,” Crowder adds. “This makes it difficult to take specific name servers offline to cripple the botnet.”

The Political Battle over DNS and the Internet

Follow the chain for any authoritative DNS up to the top, and you’ll end up at one of the 13 root DNS servers. In charge of these servers is the Internet Assigned Numbers Authority, or IANA.

IANA’s history is the stuff of Internet folklore, as for many years, IANA was one individual: Jon Postel, one of the early researchers on ARPANET, the US Department of Defense’s precursor to the Internet.

Postel died in 1998, and the U.S. Commerce Department’s National Telecommunications and Information Administration (NTIA) took over responsibility for IANA. In 2014, NTIA announced its intention to transition IANA to the control of the Internet Corporation for Assigned Names and Numbers (ICANN), a non-governmental non-profit with membership from around the globe.

The transition of IANA to ICANN was completed in October 2016, marking the first time in the history of the Internet that DNS wasn’t ultimately under the control of the United States Government.

Support for this move came from a broad range of business interests, from Amazon.com AMZN -2.73% and Google GOOGL -2.39% to conservative-leaning entities like the U.S. Chamber of Commerce and the Republican Editorial Board.

Republican support for the move, however, wasn’t universal. Senator Ted Cruz, for one, argued against this transfer. “Cruz’s stated objection? Handing the keys to the kingdom to ICANN might well allow other governments to begin to meddle with the Internet,” according to The Republican Editorials. “Specifically, undue and unwelcome influence from China is feared.”

President-Elect Trump also stated his openness to “closing parts of the Internet” in the fifth Republican debate. “I would certainly be open to closing areas [of the Internet] where we are at war with somebody,” Trump said. Practically speaking, the only way to ‘close’ parts of the Internet located well outside US borders would be via control of DNS.

Only time will tell what the Trump administration will actually do with the Internet, but regaining US governmental control of DNS would be a likely approach, especially given Trump’s predilection for nationalism over pro-business conservatism.

However, without global cooperation, such a move would have unpredictable consequences, conceivably even dividing the Internet into two separate networks: one for the US and the other for the rest of the world.

Politics, therefore, may destroy the Internet as we know it before hackers do.

Intellyx publishes the Agile Digital Transformation Roadmap poster, advises companies on their digital transformation initiatives, and helps vendors communicate their agility stories. As of the time of writing, none of the organizations mentioned in this article are Intellyx customers.

Source : forbes

Taking an iPhone on an international trip can be a harrowing experience. Every time you post a status update to Twitter or check your email, you imagine your wireless carrier charging you a fortune in international data roaming fees.

But there are ways to stay connected while you're traveling without freaking out about the cost. Taking advantage of some new features in iOS 7 and following a few savvy data-roaming strategies can ensure that at least that aspect of your trip is worry-free.

Close the data spigot

Turn off Roaming and you'll use no data at all.

The most important iPhone setting when you travel internationally is found in the Settings app, in the Cellular section: Data Roaming. Turn this switch off, and when you leave the country, your iPhone will just stop using data entirely, even when it’s on the local phone network.

But that’s a real all-or-nothing proposition. You’ll still be able to get phone calls and texts, and you'll get data whenever you're on a Wi-Fi network. But your iPhone will never transmit or receive data on the local cellular network. You’ll be free from data charges, but you’ll also be free from data.

Use the Cellular portion of the Settings app to restrict which apps can use data and to monitor their usage.

Fortunately, in iOS 7 there’s a way to control the data spigot app by app. Scroll down through the Cellular section of Settings and you’ll find the Use Cellular Data For section. From here, you can turn off Internet access to individual apps. If you’re traveling internationally and just want to, say, load Google Maps data without every other app on your phone generating hundreds of dollars worth of roaming charges, you can say so on this screen: Just turn off the switch for every single app except the one(s) you want to use.

Even better, in this same section, underneath each app, you’ll see the amount of data it uses when you’re on a cellular connection. If you want to carefully monitor your usage while you’re out of the country, scroll down to the bottom of the Cellular section and tap Reset Statistics. Now you’ll be able to see exactly how much data you’re using while you’re gone.

Talk to your carrier

Before you leave the country, talk to your wireless carrier (or visit its website) to see what international plans it offers. It may be cheapest and easiest to buy a very small amount of (expensive) international data rather than paying roaming fees, especially if you’re going to severely limit your data usage or if you’re only going to be out of the country for a few days.

If you’re an AT&T customer, you may also want to ask about unlocking your phone. If your phone is more than two years old (or if you have an older iPhone laying around), you can ask AT&T to unlock its SIM-card slot. If you do so, you can then pop out your iPhone’s identity card when traveling overseas and replace it with one from the country you’re traveling to—and save a bundle on data in the process. (More on this in a little bit.)

If you’re a Verizon or Sprint customer, you’re in luck. Your iPhone has a card slot, but in all likelihood that slot is already unlocked. (If you’re not sure, call your carrier and ask.)

Buy a prepaid SIM card

For €20, I had unlimited data for a week.

Most of us have gotten used to having freely available Internet access in our pockets all the time. It’s disconcerting when it’s not there. To keep using the Internet in the way you’re accustomed, seek out a local cellular provider once you arrive in your destination country, and buy a pre-paid SIM card. (And make sure they’ve got the right size of card for your iPhone; newer iPhones use nano-SIMs, while older models use micro-SIMs.)

When I recently went to Ireland, I visited a Three store and bought a prepaid card for €20. I was in and out of the store in five minutes, about half an hour later my iPhone was on the local 3G network, and I had unlimited 3G data for my entire stay. I was shocked at how easy the entire process was.

Offers differ from country to country, so it’s worth doing a little research before you travel. I was able to identify the right carrier, the right deal, and even the location of the store I needed to go to before I had even left the States.

Keep in mind, for this to work your iPhone needs to have an unlocked SIM slot. I used a Verizon iPhone 5 and it worked just fine, and it worked in an unlocked iPhone 5s as well. Also, once you switch SIM cards, you won’t be able to receive calls at your old phone number until you switch back: Your phone will have a new, local phone number. (Internet-based stuff like iMessage and email will all still work as normal, it’s just your phone number that will have changed.)

I only ran into one problem with this approach: I tried to log into my Facebook account, and it detected that I was logging in from an unusual location (Ireland). It wanted to do a two-factor authentication to verify who I was, by sending a text to my U.S. cellphone number. For that to work, I’d need to switch back to my old U.S. SIM card.

If your iPhone’s not unlocked

If you’re on AT&T and your phone’s not at least two years old, you can’t buy a prepaid SIM card. Do you have a cellular-enabled iPad or (even better) iPad mini? Those devices are already SIM unlocked, so they should be able to accept a local SIM card just as easily as your phone. Toting an iPad mini around foreign streets might seem a little silly, but it could be a nice workaround if there’s just no other way. You could also consider buying or renting a portable Wi-Fi router that connects to the local broadband network—stick it in your pocket and connect your U.S. devices on Wi-Fi.

If you’re planning on traveling internationally in the future, you might want to consider holding on to your old iPhone when you buy a new one, and having your carrier unlock it. If you travel a lot, consider buying an unlocked model or using Verizon or Sprint. My wife’s former boss splits the year between the U.S. and New Zealand, so she bought a Verizon iPhone 5 and uses a local New Zealand SIM card when she’s down there. It works perfectly.

Travel safe

This should all work better than it does. At least T-Mobile is making some strides in this area, offering free 2G international data to its customers. For the time being, carriers seem content to overcharge international travelers for data, so it’s up to the savvy traveler to find ways to cut costs. If you’re using your existing carrier’s roaming plan, turn off data access for all but the most vital apps and turn off data entirely when you don’t need it. If you want to roam free, buy a prepaid SIM card from a local carrier and stop stressing out.

Source : macworld

Saturday, 12 November 2016 16:28

Trump: Obamacare key provisions to remain

US President-elect Donald Trump has said he is open to leaving intact key parts of President Barack Obama's healthcare bill.

Mr Trump, who has pledged to repeal the 2010 law, said he will keep the ban on insurers denying coverage for pre-existing conditions.

He told the Wall Street Journal that he also favoured allowing young adults to be insured on their parents' policies.

"I like those very much," Mr Trump said of the two pillars of the bill.

It was his meeting with Mr Obama on Thursday that had made him reconsider his calls for an all-out replacement of the Affordable Care Act, he told the newspaper.

Asked whether he would implement a campaign promise to appoint a special prosecutor to investigate his defeated Democratic opponent Hillary Clinton over her use of a private email server while secretary of state, Mr Trump said: "It's not something I've given a lot of thought, because I want to solve healthcare, jobs, border control, tax reform."

Meanwhile, protesters angered by Mr Trump's election gathered in several US cities for a third night on Friday. Thousands took to the streets of Miami, Atlanta, Philadelphia, New York, San Francisco and Portland, Oregon, voicing anger at the president-elect's comments about immigrants, Muslims and women.

Police in Portland are investigating the shooting and wounding of a protester on a bridge where anti-Trump demonstrators were marching. Officers had earlier used stun grenades to disperse a crowd of hundreds of people in the city centre.

In a separate interview with CBS, Mr Trump said the parts of Mr Obama's healthcare bill he was "going to try to keep" were "the strongest assets".

He said that while the bill would be repealed and replaced, the changes would provide Americans with "great healthcare for much less money".

He made the statement during an interview with the 60 Minutes programme, which is due to air on Sunday.

Also on Friday Mr Trump put Vice-President-elect Mike Pence in charge of his transition team, replacing New Jersey Governor Chris Christie.

Analysis by Anthony Zurcher, BBC North America reporter

"Repeal and replace" - with emphasis on the former over the latter - has been the Republican mantra when it comes to Barack Obama's healthcare reform for the past six years. Candidate Donald Trump echoed this when he labelled the programme a "disaster" and promised something much better if he were elected president.

Just days after the US public gave Mr Trump the keys to the Oval Office, however, he said there were parts of Mr Obama's signature legislative achievement worth keeping.

The challenge for the president-elect is that the Obamacare features he praises - such as its mandate that insurers cover pre-existing medical conditions - are made possible by portions of the law he has condemned, like requiring all Americans to obtain insurance.

Keeping the law's carrots while abandoning its sticks could prove difficult.

Complicating the matter is that a "revise and reform" effort may not fly with Mr Trump's ardent supporters and the cadre of arch-conservative politicians in Congress, who want to tear up the law "root and branch".

Mr Trump often broke with Republican orthodoxy while campaigning and didn't pay a political price. He may learn that as president he won't get far without his party establishment's help.

During the election campaign, Mr Trump said the government-run health insurance marketplace was "a total disaster" and "a catastrophe".

"Obamacare is just blowing up," he said only last month, while promising his own plan would deliver "great healthcare at a fraction of the cost".

While running for president, Mr Trump did not offer much detail on what he envisaged would be Obamacare's replacement.

The Republican's plan included tax-deductible health savings accounts and allowing insurers to sell coverage across state lines.

His apparent change of heart on Friday comes amid a surge in applications to join the plan from Americans possibly fearful it is about to be overturned.

More than 100,000 applicants snapped up Obamacare health insurance on the day after Tuesday's election, this year's biggest sign-up, the Obama administration announced.

About 22 million Americans would be without insurance if the law was repealed.

Congressional Republicans have voted more than 50 times to undo the law.

Though the Republicans have maintained control of the Senate, they cannot repeal the Affordable Care Act in its entirety because under Senate rules, the Democratic minority remain in a position to block the move.

The Republicans could, however, starve parts of the bill of funding through a budgetary process called reconciliation.

Obamacare survived a US Supreme Court challenge in June 2015
Image captionObamacare survived a US Supreme Court challenge in June 2015

The law has not been without its difficulties.

Last month, the Obama administration said the average cost of medical coverage under the bill was expected to rise by 25% next year for those Americans who do not qualify for subsidies.

And about one in five consumers would only be able to pick plans from a single insurer, it added.

Former President Bill Clinton last month called the unsubsidised portion of the law "the craziest thing in the world".

In the US - unlike in many other Western countries - private companies, rather than the government, provide health insurance for most citizens.

Source : bbc

Paying the security tax. Answering to Dr. No. Submitting to the control centre. If you’ve ever been responsible for running IT security at a business, these will all sound familiar – too familiar.

But there’s another way to look at security, says Earl Perkins, a research vice-president in the Internet of Things group at Gartner. Presenting at the research firm`s  symposium in October, he spoke of cybersecurity trends to look out for in the year ahead. He also had some helpful advice on how to frame cybersecurity as a benefit to your organization, rather than be viewed as a hindrance.

“We’ve been playing a poker game for decades,” Perkins says. “We’ve been betting just enough chips on security and now we’re hoping the hand we hold will be enough to win.”

Rather than hope the next card off the top turns a weak hand into a flush, security chiefs should take heed of these seven trends and plan accordingly:

1. Seeking the balance of risk and resilience

As organizations have a growing need to move quickly and adopt new technology, security has to stop managing risk and start building resilience, Perkins says. It’s not about abandoning risk management, but balancing it with the needs the business has to create value.“Security doesn’t have to be a Dr. No kind of thing,” Perkins says.Rethinking security’s approach in this way will require defining a new mission. You’ll also have to develop a new risk formula capable of handling new variables and factors. Then communicate this new approach and mission to employees.Soon enough, soon you’ll be seen in a different light.

2. Security disciplines converge while skills expand


The definition of cybersecurity is expanding and chief security officers may find their job requirements are creeping up as a result. In addition to the legacy IT systems to protect, more operational technology (OT) is seeing IT systems embedded with the Internet of Things trend. Similarly, physical security systems such as video surveillance are connected and rely on IT systems.And Perkins has bad news for CSOs: “If it fails, it’s already your fault.”You’ll have to assess what new skill sets are needed on your security team to meet all these new demands. They’ll likely include roles responsible for identity management, embedded security, and cyber-physical security automation.Don’t hesitate to invest in training for your current team, or even build up security skills development within your company’s lines of business. Know where the gaps are and how you plan to fill them – eventually.

3. Secure digital supply chain needs grow

Just because software as a service is now off-loading some application delivery on the IT department’s behalf, that doesn’t mean the job of the chief security officer is also done. Rather, a confusing mish-mash of considerations must be made about how to handle a user and the device before and after accessing these new cloud services. Once cloud apps start integrating with internal systems,




it really gets interesting.The response to this problem so far has been developing management consoles that are multi-cloud and multifunction, Perkins says. As those consoles evolve, they will also help manage security based on a user’s need and priority standing.“I want you to implement and enforce different types of policies based on use,” Perkins says. CSOs should also have an enterprise-wide public cloud strategy, implement solutions that solve cloud complexity, and have a governance approach that matches cloud life cycle.

4. Adaptive security architecture embraced

“Our hope is you’ll reach a point where you create a security architecture where you prevent everything that you could reasonably be expected to prevent,” Perkins says. After that, you’ll need to respond to the ones you missed in an effective way and catch the others you’ll never detect with predictive security.“Detection and response is a lot like going to the barn and seeing the door open and realizing the horse has escaped,” he says. “Predictive would allow us to know the horse is acting kind of funny and we need to be ready.”The technical version of keeping the horse in the barn involves a commitment to software define architectures, dividing a control pane of applications and APIs from your data plane. Your security team should be preventing attacks by isolating systems in this way, and when an incident is detected, the risk needs to be confirmed.From a budget point of view, shift spending from prevention to detection and response, as well as predictive capabilities. From a conceptual point of view, operate like a security operations centre that is in continuous response mode.

5. Security infrastructure adapts

The number of code libraries being used by your organization is only growing and they are all aging. Security checks need to be run on these code sets often, not just when they are deployed. So security application testing has to be embedded into the lifecycle of these repositories.As organizations create a pervasive digital presence through always-connected devices, sensors, actuators, and other IoT gear, network security concerns will grow.“Wi-Fi is not the answer to doing the Internet of Things,” Perkins says. While your gateways will still talk with IP and Wi-Fi devices, there will be strange new elements more familiar to those with OT (operational technology) skill sets. Make sure to talk with those experience with OT in your organization.Many organizations will want to invest in discovery solutions just to find IoT devices within their organization. Also key to managing network security will be setting up segmented network portions, and designating trust zones.

6. Data security governance and flow arrives

“You’re going to have introduced to you different kinds of data flows,” Perkins says. “Some of it will look familiar and some won’t look familiar at all.”To continue to ensure that you can properly audit and protect your data, you’ll have to profile it by its flow type. To start with – is it structured, semi-structured, or unstructured data? In line with your software-defined strategy, create a boundary between your data and its destinations.CSOs will want to incorporate big data plans into their security strategies to keep pace. Priorities should be placed on organization-wide data security governance and policy.

7. Digital business drives digital security

Thanks to IoT, “there is a pervasive digital presence,” Perkins says. “Once you network this presence, it substantively alters the risk for your business.”Digital security is the next wave in cybersecurity and it involves getting a grip on this pervasive presence. Risks include espionage and fraud, sabotage of automated devices, device impersonation and counterfeiting, and beyond.

Source : itworldcanada

Americans are heading to the polls to choose a new president after one of the most rancorous election campaigns the country has seen.

Voting gets under way in earnest on the East Coast from 06:00 EST (11:00 GMT), though some villages in New Hampshire have already polled.

Hillary Clinton and Donald Trump criss-crossed America in a hectic last-minute campaign push for votes.

Results should begin emerging late on Tuesday night, US time, from 04:00 GMT.

Both candidates have held rallies in the battleground states of North Carolina, Pennsylvania and Michigan.

Mrs Clinton urged voters to back a "hopeful, inclusive, big-hearted America" while Mr Trump told supporters they had a "magnificent chance to beat the corrupt system".

Polls give Democrat Mrs Clinton a four-point lead over Republican Mr Trump.

A record number of Americans - more than 46 million - have voted early by post or at polling stations.

There are signs of a high turnout among Hispanic voters, which is believed to favour Mrs Clinton.

The rivals held the final rallies of their campaigns after midnight - Mr Trump in Grand Rapids, Michigan, and Mrs Clinton in Raleigh, North Carolina.

"Today the American working class is going to strike back, finally," said Mr Trump, pledging to reverse job losses.

Earlier, in New Hampshire, he told supporters: "We are just one day away from the change you've been waiting for all your life.

"Together we will make America wealthy again, we will make America strong again, we will make America safe again and we will make America great again."

Mrs Clinton told her audience that they did not "have to accept a dark and divisive vision of America".

She looked forward to "a fairer, stronger, better America. An America where we build bridges, not walls. And where we prove conclusively that love trumps hate".

Election day follows a bitter campaign during which the candidates have traded insults and become mired in a series of scandals.

At a star-studded event in Philadelphia, Pennsylvania, Mrs Clinton was joined on stage by celebrities Bruce Springsteen and Jon Bon Jovi as well as her husband Bill, President Obama and his wife Michelle.

Earlier Mrs Clinton said in a radio interview that if she won she would call Mr Trump and hoped he would play a "constructive role" in helping to bring the country together.

At his rally in Scranton in the same state, Mr Trump insisted the momentum was with his campaign.

The businessman described Mrs Clinton as the "most corrupt person ever to seek the presidency", referring to an FBI investigation into Mrs Clinton's use of a private email server while she was serving as secretary of state between 2009 and 2013.

On Sunday Mrs Clinton's campaign received a boost when the FBI said newly discovered emails sent by an aide showed no evidence of criminality.

Election day voting began just after midnight in the small New Hampshire village of Dixville Notch, where seven votes were cast - four for Mrs Clinton, two for Mr Trump and one for the libertarian Gary Johnson.

Results are expected some time after 23:00 EST (04:00 GMT on Wednesday) once voting ends on the West Coast. State projections will not be available until polling ends - in most states between 19:00 EST (24:00 GMT) and 20:00 EST (01:00 GMT).

Americans are also voting for Congress. All of the House of Representatives - currently Republican controlled - is up for grabs, and a third of seats in the Senate, which is also in Republican hands.

US election: The essentials

Meanwhile Mr Trump's campaign manager Kellyanne Conway sought to allay international anxiety about the Republican candidate in a BBC interview on Monday.

She said criticism from abroad "does not reflect why Donald Trump is running and who he would be on the global stage".

French President Francois Hollande has said the billionaire made him "want to retch".

It follows a series of sex assault allegations made against Mr Trump, which he denies, and the emergence of a recording of him making obscene remarks about women.

Mr Trump has also been accused of stoking xenophobic sentiment after vowing to ban Muslims from entering the US, describing Mexicans as "rapists" and saying he would build a wall along the US southern border to stop illegal immigration.

Source : bbc

QUEBEC — Pulling hate material from the Internet will never be enough to curb the phenomenon of violent extremism, the head of free expression and international relations at Google told a conference on radicalization Tuesday.

“What we’ve seen over the past couple of years is a realization that simply taking the content down doesn’t work because one website goes down, two or three more are up the very next day,” Ross LaJeunesse said. “Simply taking down the content doesn’t address the feeling and the hatred which caused the speech in the first place. You need to engage the speakers who are promoting radicalization and hate online.”

He acknowledged that Google, the U.S.-based company that runs a search engine and the video-sharing service YouTube, has a role to play and argued the company is taking that responsibility very seriously. “We have started doing various programs, where, much like a regular advertising campaign, when someone searches for a key word that we think indicates they’re looking for radical content, we then show them an advertising campaign about content that counters that speech,” LaJeunesse said.

Also, “we don’t allow violent images on YouTube, we don’t allow pornography, we’ve always built YouTube to be a community where everyone is going to feel comfortable participating and speaking and watching content that they like.”

LaJeunesse added people must differentiate between YouTube, which Google controls, and the Internet, which the company doesn’t control. Many people equate Google with all of the Internet, he said.


When young people search the Internet, they’re asking questions and are usually not confirmed radicals, the conference heard on Tuesday. They’re at a stage where you can reach them, engage them, and present them with authentic, alternative voices.

Arguing that “blocking the Internet is a bit like trying to block wind,” panellists agreed that instead of focusing on censorship, societies should teach young people to navigate through the overload of information on the Internet and help them determine what is credible and what is bunk.

“Basically, you want the younger generation to question everything,” said Anantha Kumar Duraiappah, director of the UNESCO Mahatma Gandhi Institute of Education for Peace and Sustainable Development (MGIEP).

Duraiappah insisted the most important skill to have in the 21st century is critical inquiry, “deconstructing an argument and then reconstructing it to see if you’re comfortable with it, being able to say ‘That’s not right.’ ”

He said he’d also like young people to “fire their Gandhi neurons,” in other words, express compassion and empathy, and develop the moral courage to change. All of that has to be in school curricula, Duraiappah argued, because it is what will help teenagers build their identities and belief systems. 

While not promising to change the curriculum in Quebec, Premier Philippe Couillard said it is important to maintain an “analysis culture.” 

“We’re doing it — are we doing it enough, that’s another question to be resolved,” he said.

Couillard announced $10,000 for a “No to hate” campaign that will travel across Quebec schools and youth clubs in the months to come. 

Source : montrealgazette

Discovering potential business and career opportunities is a lot like assembling a jigsaw puzzle. To succeed, you need skills in identifying patterns, finding missing parts and visualizing the big picture. While dozens of variables could affect a new business or job search, success often springs from knowledge of emerging trends in the marketplace.

According to a recent labor market study by CareerBuilder, three catalysts in the U.S. marketplace affect certain occupations, industries and related businesses. These trends, which have accelerated the demand for certain services, products and skill sets, are creating opportunities for both entrepreneurs and job seekers.

"Whether we're talking about the rise of the sharing economy, the power of smart technology, or companies communicating in multiple languages or time zones, these trends are moving the needle on job growth for a wide variety of fields," Matt Ferguson, CEO of CareerBuilder and co-author of "The Talent Equation" (McGraw-Hill Education, 2013), said in a statement.

Lifestyle changes

Although the restaurant business has long been perceived as a risky enterprise with a high failure rate, employment figures suggest a growing demand for well-managed eating establishments. One key indicator is the rate of job growth in the restaurant business from 2012 to 2016. During that time span, nearly 165,000 jobs were added, an increase of 16 percent.

The study also noted that Americans are becoming more health-conscious. The growing popularity of grocery stores that specialize in organically grown, unprocessed food is one of several signs of an escalating consumer demand for products and services that support healthier lifestyles. Additionally, the 12 percent job expansion in the fitness profession reflects increasing opportunities for personal trainers, aerobics instructors, and entrepreneurs starting gym or fitness businesses.

Technology advancement

Predictably, technology continues to play a growing role in everything from business management and marketing to home security and vacation planning. In many parts of the country, career and business startup opportunities are available for software developers, tech-savvy marketing managers and IT consultants, the CareerBuilder study said.

Looking at the big picture, the growth rate of the U.S. technology market is expected to climb from 5.1 percent in 2016 to 5.9 percent in 2017, based on projections from Forrester Research released earlier this year.


The trend toward a more global approach to doing business is also opening doors for consultants, corporations and aspiring entrepreneurs. As companies seek to gain a greater understanding of international markets, more opportunities will emerge for market research analysts. That profession has shown a 15 percent rate of job growth over the past four years, and is expected to continue growing.

The move toward globalization is also creating a stronger demand for cartographers to develop maps for mobile phones and navigation systems. Professionals fluent in several languages are also increasingly sought after in the corporate world.

Globalization has also affected the job market in the environmental arena. The occupation that has shown the most growth in recent years is wind turbine service technician, the report showed. CareerBuilder attributed the 37 percent surge in hiring in this field to "a greater emphasis on preserving the global environment."

The CareerBuilder study was conducted through the company's labor market analysis arm, Emsi, which collects and interprets data from more than 100 employment resources.

Source : businessnewsdaily

HTC was one of the first Android phone makers to settle on a brand and style for its Android skin: HTC Sense. It has changed a lot over the years, but the last few design iterations have been really good. While we might like the Galaxy S6 better than the One M9 overall, it’s hard to ignore how powerful and fun Sense is to use. You just need to know where all the best features are hiding to take full advantage, so here they are.

Use BlinkFeed offline

m9 tips blinkfeed

One of the best features of HTC’s stock home screen is the BlinkFeed panel. Just swipe over to this screen on the left of your main home screen and you can see an aggregated list of posts from all your social networks and a variety of configurable news sources. It’s all very clean and straightforward, but did you know it also works offline? It does, and the feature is pretty robust.

Access the offline configuration by opening up the BlinkFeed settings from the slide-out navigation bar. First, set a mode for Offline reading, which is disabled by default. You can have BlinkFeed cache the full content of the posts or just the text. Content is added to your offline reading list with the button in the top right corner of expanded stories.

You can also decide how you want to read your offline content. The BlinkFeed settings let you pick a reading list service. The default is HTC Reading List, but you can install and use Pocket, Instapaper, and others.

Make themes more customizable

m9 tips htc themes

HTC’s theme engine on the M9 is fantastic, but the options are a little scattered. For example, you can download a theme from the store and apply it, but if you want to change any part of the look, you need to go back to the My Theme section and tap on My current theme. Not the most intuitive place. You can do this for any downloaded or custom themes.

There’s also a separate Personalize menu under the main system settings where you can edit the wallpaper, theme colors, and more. If you are creating your own theme, you should check this menu because for some reason, HTC doesn’t offer you as many color options for custom theme creation. It tries to extract colors from the background image, but going into the My Theme or Personalize area and you can choose the colors from any of your other installed themes.

Sense Home widget configuration

m9 tips sense home

One of the few tweaks HTC has made to the home screen on the M9 is the Sense Home widget. This is a resizable panel that lives on the home screen and shows you a selection of apps that it thinks you’re likely to need based on your location. It’s okay in its default state, but you can make it more useful.

First, tap the drop down menu in the top left to set your location. It will ask you if you’re at home or work, and allow you to set an address manually if not. You can go into the settings (via the overflow button) at any time to change these addresses. The location should switch automatically between home, work, and out. The apps you use most in each of these scenarios will be shown on the widget.

To override the widget’s judgment, you can long-press on an icon and drag it up to remove. To pin it permanently to the Sense Home widget, just hold it in place for a few seconds. You should also get rid of the suggested apps smart folder in this widget. It’s unnecessary clutter.

Motion Launch

m9 tips motion launch

The One M9’s power button is in a slightly awkward spot, but you barely have to use it thanks to Motion Launch. These gestures can be used to wake the device and perform various actions while the screen is asleep. HTC has most of them off by default, but you can choose which ones to use by going into the settings and opening Display & gestures then find Motion Launch gestures.

From this menu you can see a demo of each gesture, and choose whether or not you want it available. For example, a double tap on the screen wakes the device up to the lock screen and another double tap puts it back to sleep. You can also swipe up to unlock immediately or to the right to unlock to BlinkFeed. Most of the six gestures are useful, with the possible exception of swiping down for HTC’s built-in voice dialer. It’s not very good.

HTC Connect

m9 tips connect

HTC has a custom streaming media feature called HTC Connect, but it doesn’t do the best job of surfacing it in the software. HTC Connect will allow you to stream any video or audio to a compatible DLNA, Bluetooth, and Miracast device.

To use HTC Connect, you can open the full screen Connect interface from the quick settings or simply swipe up on the screen with three fingers. There’s a checkbox to turn the gesture on in the Display & gestures menu (called Media gesture), but it should be enabled by default. This pulls up a window where you can pick the target device and connect. To disconnect and go back to playing on your device, swipe down with three fingers.

Customize the navigation bar buttons

m9 tips nav buttons

HTC uses on-screen navigation buttons, and you can actually change the layout or add new buttons. That’s not an option on most phones. These options are accessible in the Personalize section of the main settings. Scroll down a bit and you’ll see Change navigation buttons.

The default layout from left to right is back, home, and overview. That’s the same as other Android devices. You can move those three buttons around and add one more button from a short list of options. There is an auto rotate toggle, notifications, quick settings, hide notification bar, and turn off screen.

Check the box to enable your fourth button, and place it in the list where you want. The screen off button is particularly useful if you don’t like the placement of the power button right next to the volume toggle, but you can just stick with the three standard buttons if you want.

Pocket mode and quiet on pickup

m9 tips pocket and quiet

Smartphones are still occasionally used as phones, right? When you get a call on the M9, you have a few neat options for managing the ringtone. Head into the Sound & notification menu in the main system settings and scroll down to the Incoming calls section. Along the the ringtone, there are three extra features—quiet ring on pickup, pocket mode, and flip to mute.

You can probably guess what they do from the names. Quiet on pickup drops the ringtone volume to an acceptable level when you raise the phone. The speakers on the M9 are loud, so it’s not like you need them blasting right at you while you look at the screen. The phone can also increase the volume to take advantage of those speakers when the phone is in your pocket. It uses the proximity sensor to determine whether or not to use pocket mode. Finally, flip to mute lets you shut the phone up when it rings by turning it face down.

Custom camera modes

m9 tips camera modes

HTC missed an opportunity to wow us with the M9’s camera, but you might be able to squeeze some better results out of it by taking full advantage of all the settings HTC has included. You can alter the exposure, white balance, shutter speed, and more with a few taps. What’s more, you can save your favorite presets and pull them up in the future.

To make changes to the camera’s settings, tap the menu button in the corner. This pulls up the settings for your current camera mode (probably auto if you haven’t messed with it). You can change a few things from auto, but also take a peek in full manual mode. This gives you even more freedom to tweak the settings.

When you’re satisfied, tap the settings gear icon and select Save custom camera. Give it a descriptive name like “better low-light” or whatever you’re trying to accomplish. Any time you want to access one of your saved camera modes, tap the icon in the lower right corner that looks like a cluster of circles and pick your preset from the next screen.

App drawer organization

m9 tips app drawer

You’ve got a few options for keeping your app drawer in order on the M9. The Sense app drawer has a custom organization scheme by default, meaning you can have apps in any order and even drop them into folders. That’s all well and good, but what about good old alphabetical order? Yeah, you can do that. It’s in the drop down in the top left corner. You also have an option of ordering apps by recently used, but that seems like it could be confusing.

In the top right corner is a menu button, which when pressed offers a few useful options. You can hide/unhide apps from here, allowing you to scroll through the list and decide which icons you want removed. These apps will still be installed, and you can unhide them at any time. The menu also lets you choose between a 4x5 and 3x5 grid in the app drawer.

Power saving modes

m9 tips power saving

HTC offers two power saving modes as part of Sense 7, and they have a good amount of customization. You can find the standard Power Saving and Extreme Power Saving modes in the Power section of the system settings. Regular power saver leaves the basic functionality of the phone intact and allows you to selectively enable power savings for the CPU, display brightness, vibration motor, and background data connection. This mode is toggled on and off manually.

Extreme Power Saving is more akin to Samsung’s Ultra Power Saver. The interface is simplified and only a few apps are accessible in this mode. It includes all the tweaks from the standard power saving mode, and also disables background processes. This feature can be turned on manually or automatically when the battery reaches 20%, 10% or 5%.

Source : greenbot

BEIJING -- Baidu has hit a wall as the company struggles to overcome dependence on its mainstay internet search business, and the titan could lose its standing as one of China's big three in online services unless it cultivates new earnings sources.

Earnings barrier

The Nasdaq-listed company said Thursday that revenue for the July-September period slid 0.7% from a year earlier to 18.25 billion yuan ($2.68 billion), the first on-year drop since Baidu's 2005 debut on the U.S. stock market.

Stricter regulations for online ads are hurting Baidu's earnings, CEO Robin Li Yanhong said at the start of the earnings announcement.

Omens had been appearing. Though revenue had risen 30-50% annually for the past three years, that growth slowed to 10% in this year's April-June quarter. 

In April, a college student with cancer died after receiving questionable treatments based on ads shown on Baidu's website. Authorities tightened regulations on internet ads, leading to a plunge in medical service ads via Baidu.

Revenue from the core business of online marketing, which includes search engine ads, shrank 6.7% to 16.4 billion yuan. Clients decreased 15.9% to 524,000 companies as Baidu enhanced scrutiny of ad content in line with the government instruction. Some customers may have switched to rival ad platforms like mobile app WeChat by Tencent Holdings.

Baidu's removal of its travel website business from group earnings also dragged revenue down. Yet the company pulled off a 9.2% increase in net profit to 3.1 billion yuan by reducing costs in areas such as research and development.

But investors do not seem to appreciate the defensive Baidu. The stock price has fallen roughly 30% from its heyday in 2014. Baidu's market capitalization is less than one-quarter that of e-commerce giant Alibaba Group Holding or Tencent.

'BAT' to 'AT'?

Together the trio has been called the "BAT" internet service giants, with Baidu's initial coming first. But Baidu's earnings pale against the other two. Tencent's April-June sales soared 52% on the year to 35.6 billion yuan, while Alibaba's jumped 59% to 32.1 billion yuan. 

Baidu controls about 80% of internet search in China, serving 660 million users via smartphones alone. Global leader Google has virtually no presence here because the U.S. company refuses to accept information censorship by the Chinese authorities.

The search engine market's growth is gradually slowing. But online shopping is rising, and ad orders are seen recovering eventually. Baidu plans a comeback by narrowing its focus to preferred customers and working to raise the unit prices of ads.

Yet Baidu's revenue drop highlights the limits of depending on search ads. Alibaba expanded from e-commerce to online payment and cloud computing services, and the company is enjoying synergies from the varying operations. Tencent rakes in more game revenue through WeChat.

But Baidu is viewed as more cautious about launching new businesses. Its online payment service, begun in 2014, came 10 years after Alibaba's Alipay. Baidu Wallet has fewer than 100 million users, while Alipay tops 500 million.

Over the past five years, Baidu had about 10 acquisitions of at least $100 million, an analyst said. Alibaba and Tencent had more than triple such deals.

The acronym BAT has lost meaning in favor of two dominant players in Alibaba and Tencent, an internet industry analyst said. Baidu, which has charted its own path in China's internet market, has reached a critical juncture.

New engines

Baidu eyes artificial intelligence as a new growth pillar, and the company in 2014 welcomed Andrew Ng, a Stanford University professor and world authority in deep learning -- the basis of AI. He oversees Baidu's AI research institute in the U.S.

In September, Baidu formed a $200 million venture capital department to invest in AI, virtual reality and other such areas. Li himself heads the investment selection committee.

The company announced a plan this month to create Baidu Capital, a 20 billion yuan investment fund. Baidu also is developing AI for autonomous-driving cars by collaborating with a U.S. chipmaker.

Baidu seems to be watching Google, which also expanded from its search engine business. The two companies are similar in their strategy of spending 15% of revenue on research and development and in focusing on AI and autonomous driving. Google has reorganized itself into holding company Alphabet, in line with efforts to accelerate new-business development. Whether this approach succeeds has yet to be seen.

Meanwhile, Baidu faces its own challenge of producing synergies between its strength in search operations and the new business fields.

Source : asia.nikkei

Friday, 28 October 2016 15:33

It’s scary how many ways SEO can go wrong

In search engine optimization, sometimes even small errors can have a large and costly impact. Columnist Patrick Stox shares his SEO horror stories so that you can be spared this fate.

We’ve all had those moments of absolute terror where we just want to crawl into the fetal position, cry and pretend the problem doesn’t exist. Unfortunately, as SEOs, we can’t stay this way for long. Instead, we have to suck it up and quickly resolve whatever went terribly wrong.

There are moments you know you messed up, and there are times a problem can linger for far too long without your knowledge. Either way, the situation is scary — and you have to work hard and fast to fix whatever happened.

Things Google tells you not to do

There are many things Google warns about in their Webmaster Guidelines:

  • Automatically generated content
  • Participating in link schemes
  • Creating pages with little or no original content
  • Cloaking
  • Sneaky redirects
  • Hidden text or links
  • Doorway pages
  • Scraped content
  • Participating in affiliate programs without adding sufficient value
  • Loading pages with irrelevant keywords
  • Creating pages with malicious behavior, such as phishing or installing viruses, trojans or other badware
  • Abusing rich snippets markup
  • Sending automated queries to Google

Unfortunately, people can convince themselves that many of these things are okay. They think spinning text to avoid a duplicate content penalty that doesn’t exist is the best option. They hear that “links are good,” and suddenly they’re trying to trade links with others. They see review stars and will fake them with markup so that they have them and stand out in the SERPs.

None of the above are good ideas, but that won’t stop people from trying to get away with something or simply misunderstanding what others have said.

Crawl and indexation issues

User-agent: *
Disallow: /

That’s all it takes — two simple lines in the robots.txt file to completely block crawlers from your website. Usually, it’s a mistake from a dev environment, but when you see it, you’ll feel the horror in the pit of your stomach. Along with this, if your website was already indexed, you’ll typically see in the SERPs:

Then there’s the noindex meta tag, which can prevent a page you specify from being indexed. Unfortunately, many times this can be enabled for your entire website with a simple tick of a button. It’s an easy enough mistake to make and painful to overlook.

Even more fun is a UTF-8 BOM. Glenn Gabe had a great article on this where he explained it as such:

BOM stands for byte order mark and it’s used to indicate the byte order for a text stream. It’s an invisible character that’s located at the start of a file (and it’s essentially meaningless from an SEO perspective). Some programs will add the BOM to a text file, which … can remain invisible to the person creating the text file. And the BOM can cause serious problems when Google tries to read the file. …

[W]hen your robots.txt file contains the UTF-8 BOM, Google can choke on the file. And that means the first line (often user-agent), will be ignored. And when there’s no user-agent, all the other lines will return as errors (all of your directives). And when they are seen as errors, Google will ignore them. And if you’re trying to disallow key areas of your site, then that could end up as a huge SEO problem.

Also of note: Just because a large portion of your traffic comes from the same IP addresses doesn’t mean it’s a bad thing. A friend of mine found this out the hard way after he ended up blocking some of the IP addresses Googlebot uses while being convinced those IPs were up to no good.

Another horrific situation I’ve run into was when someone had the bright idea to block crawlers to get pages out of the index after a subdomain migration. This is never a good idea, as crawlers need to be able to access the old versions and follow the redirects to the new versions. It was made worse by the fact that the robots.txt file was actually the shared for both subdomains, and crawlers couldn’t see either the old or the new pages because of this block.

Manual penaltiesgoogle-penalty-blue-.jpg

Just hearing the word “penalty” is scary. It means you or someone associated with the website did something wrong — very wrong! Google maintains a list of common manual actions:

  • Hacked site
  • User-generated spam
  • Spammy freehosts
  • Spammy structured markup
  • Unnatural links to your site
  • Thin content with little or no added value
  • Cloaking and/or sneaky redirects
  • Cloaking: First Click Free violation
  • Unnatural links from your site
  • Pure spam
  • Cloaked images
  • Hidden text and/or keyword stuffing

Many of these penalties are well-deserved, where someone tried to take a shortcut to benefit themselves. With Penguin now operating in real time, I expect a wave of manual penalties very soon.

A recent scary situation was a new one to me. A company had decided to rebrand and migrate to a new website, but it turned out the new website had a pure spam penalty.

Unfortunately, because Google Search Console wasn’t set up in advance of the move, the penalty was only discovered after the migration had happened.

Oops, I broke the website!

One character is all it takes to break a website. One bad piece of code, one bad setting in the configuration, one bad redirect or plugin.

I know I’ve broken many websites over the years, which is why it’s important to have a backup before you make any changes. Or better yet, set up a staging environment for testing and deployment.

Rebuilding a website

With any new website, there are many ways for things to go horribly wrong. I’m always scared when someone tells me they just got a new website, especially when they tell me after it’s already launched. I get this feeling in the pit of my stomach that something terrible just happened, and usually I’m right.

The most common issue is redirects not being done at all, or developers arguing that redirects aren’t necessary or too many redirects will slow down the website. Another common mistake I see is killing off good content; sometimes these are city pages or pages about their services, or sometimes an entire domain and all the information will be redirected to a single page.

Issues can range from very old issues that still exist — like putting all text in images — to more modern problems like “We just rebuilt our website in Angular” when there was no reason for them to ever use Angular.

Overwrote the file

This scares me the most with overwritten disavow files, especially when a copy is not made and the default action happens to overwrite, or with an .htaccess file where redirects can easily be lost. I’ve even had shared hosts overwrite .htaccess files, and of course, no email is ever sent of the changes.

I don’t even know

In my years, I’ve seen some really random and terrible things happen.

I’ve seen people lose their domain because it expired or because they unknowingly signed a contract that said they didn’t own the domain. I’ve seen second and even third websites created by other marketing companies.

There are times when canonical tags are used incorrectly or just changed randomly. I’ve seen all pages canonicalized to the home page or pages with a canonical set to a different website.

I’ve seen simple instructions that sounded like a good idea, like “make all links relative path,” end up in disaster when they made canonical URLs relative along with alternate versions of the website, such as with m. and hreflang alternate tags.

SEO is scary

It’s amazing how one little thing or one bad decision can be so costly and scary. Remember to follow the rules, plan, execute and QA your work to prevent nightmares. Share your own tales of horror with me on Twitter @patrickstox.

Source: searchengineland

airs logo

Association of Internet Research Specialists is the world's leading community for the Internet Research Specialist and provide a Unified Platform that delivers, Education, Training and Certification for Online Research.

Get Exclusive Research Tips in Your Inbox

Receive Great tips via email, enter your email to Subscribe.

Follow Us on Social Media