Non-Indian call centres and High Street shops on the way

These truly are strange times. BT is plotting a return to the High Street, unleashing hundreds of tech troubleshooters onto the unsuspecting public – and onshoring all of its call centres to Britain quicker than scheduled.

New broom Philip Jansen – who took over as CEO from Salesforce bound Gavin Patterson on 1 January – trotted out a flurry of announcements today; handy to deflect attention from declining sales and profits, or indeed the massive cost-cutting programme underway.

“We’re helping families and communities across the UK, and companies in Britain and around the world, to remove the barriers of today to realise the potential of tomorrow,” he said in a canned remark. “We’re starting a journey today with real changes that will have a positive impact.”

Back down on earth – or maybe not – BT said it is “reinventing what it means to provide great customer service”, in much the same way that, er, Dixons’ Knowhow team has done. The 900-strong team of “tech experts “ will be dispatched to people’s homes to help them install or fix their digital stuff. For business customers, the fleet of techies will “carry out personalised set-up of products and services that are most critical” to run organisations.

The service is free to existing customers and is said to cost £30 for non-BT customers. We presume this is per hour but have asked BT to clarify. We have also asked what the parameters for such visits are.

A year ahead of schedule, BT said that all of its customer calls will be answered from a UK call centre from January next year, bringing forward its previous pledge of January 2021 for this to happen. Separately, it will launch regional route calling so that the nearest open call centre takes the call.

In another nod to a bygone era the telco will also reappear on the High Street for the first time in 15 years. Some 600 EE stores will get a new lick of paint and sport dual branding, giving individual customers and small businesses “local access” to a BT employee who can get them online for the first time or flog gadgets to the unwary.

BT needs all the good news it can promote these days, what with the multi-year £1.5bn expense purge that includes exiting 90 per cent of its real estate in the UK and laying off up to 13,000 employees. So far the cost-cutting has helped improve BT’s profits for fiscal year ’19, though fiscal ’20 didn’t start so well. ®

Sponsored: Disrupting with data – challenges for digital native organizations

Yep, storage firm’s software pre-installed on HPE servers

Hyperconverged playa Nutanix opened its .NEXT conference in Copenhagen with a triple announcement: an HPE GreenLake deal, its software pre-installed on HPE servers, and integration with ServiceNow for automated incident-handling.

Six months after it first inked a deal with HPE around a subscription-access hyperconverged box, ending a spat over sales tie-ins, an expanded GreenLake deal sees Nutanix’s Enterprise Cloud OS software, including the AHV hypervisor, offered as part of a fully HPE-managed private cloud, with customers paying on a contractual basis.

Nutanix, which moved to a software-led biz model where it became hardware-neutral in May 2017, said it is initially focused on simplifying customer deployments of end user computing, databases, and private clouds.

The GreenLake/Nutanix deal can be ordered across the 50+ countries where HPE GreenLake is available. Customers have the option to outsource operations to HPE PointNext services.

When you play the game of HCI thrones, you win or you slowly shrivel up


The second part of the HPE announcement is a ProLiant DX tie-up. The duo are pushing Nutanix software – Acropolis, AHV and Prism – pre-installed on HPE ProLiant DX servers, and shipped from HPE factories.

The focus is on enterprise apps, big data analytics, messaging, collaboration, and dev/test.

ProLiant DX with Nutanix is generally available now.

SimpliVity under pressure

And what about SimpliVity’s new step-brother? Well, Nutanix software will still be visible to customers and the vendors have split support. This comes days after HPE’s adoption of the Datera server SAN into its product book. Both tie ups with Nutanix compete with HPE’s own SimpliVity HCI product.

Analyst IDC noted that Cisco’s HyperFlex HCI product overtook SimpliVity to take third place in HCI market revenue share in this year’s Q2. HPE also said SimpliVity sales grew just 4 per cent in its Q3, down from its 25 per cent growth in the previous quarter.

It looks like the SimpliVity product is not motoring fast enough to meet all of HPE’s HCI sales needs.


Nutanix has integrated its hyperconverged infrastructure system with ServiceNow’s IT Operations Management (ITOM) cloud service. Nutanix and ServiceNow users can automate incident handling with ITOM to highlight Nutanix systems data, HCI clusters, individual hosts, virtual machine (VM) instances, storage pools, configuration parameters and application metrics. They can also provision, manage and scale applications via Nutanix Calm blueprints, published as service catalogue items in the cloud computing firm’s Now Platform.

ServiceNow’s ITSM cloud is linked to Nutanix’s Prism Pro management facility and its X-Play automation engine. There is an X-Play action for ServiceNow, so IT managers can notify their team of incidents and alerts in the Nutanix environment, such as a host losing power or a server running out of capacity.

The ServiceNow capability is available now, through platform discovery for Acropolis and a Calm plug-in in the ServiceNow Store. ®

Sponsored: Disrupting with data – challenges for digital native organizations

Delicate thing doesn’t like turbulence, apparently

A second Airbus Zephyr high altitude pseudo-satellite (HAPS) drone, built for the UK’s Ministry of Defence, has crashed in Australia while on a test flight.

The 25m-wingspan aircraft reportedly crashed after encountering turbulence, according to a local news story.

It was being flown from Wyndham, a remote airstrip in a northerly part of Western Australia that lies around 442km (275 miles) southwest of Darwin. The crash was said to have happened on 28 September during routine flying.

With the Zephyr being a noticeably light and fragile craft, northern Australia’s predictable climate (hot, dry, sunny, generally calm winds) gives a much better chance of carrying out useful test flights without seeing the weather destroying the aircraft. Indeed, Airbus probably ought to be giving lessons to the British Army and Thales on weather conditions suitable for flying unmanned aircraft.

Unfortunately for Airbus, the £4.3m Zephyr surveillance drone encountered “clear turbulence” while climbing away from the airstrip which caused it to tumble out of control, as reported in depth by Flight Global.

Earlier this year another Zephyr crashed shortly after taking off for what was planned to be a month-long test flight. The electrically powered and unmanned aeroplane is designed to be able to fly for weeks on end without needing to land and refuel. Its wings are covered in solar panels, while propulsion is provided by a 300W electric motor driving wing-mounted propellers.

With a 5kg payload, as we reported back when the MoD started buying Zephyrs in 2016, the craft is intended to be used for surveillance and communications relay duties. Flying a HAPS is much cheaper than launching a satellite or renting airtime on someone else’s satellite. The operating concept of “persistent surveillance” using Zephyrs means a rolling programme of flying them over areas of interest and replacing them on station every so often.

The Zephyr-S started life with British defence tech firm Qinetiq before the programme was sold to Airbus in March 2013. The aircraft are assembled at Farnborough in Hampshire. ®

Sponsored: What next after Netezza?

That was just an unfortunate accident that ended up padding Jack’s bank account

Twitter says it was just an accident that caused the microblogging giant to let advertisers use private information to better target their marketing materials at users.

The social networking giant on Tuesday admitted to an “error” that let advertisers have access to the private information customers had given Twitter in order to place additional security protections on their accounts.

“We recently discovered that when you provided an email address or phone number for safety or security purposes (for example, two-factor authentication) this data may have inadvertently been used for advertising purposes, specifically in our Tailored Audiences and Partner Audiences advertising system,” Twitter said.

“When an advertiser uploaded their marketing list, we may have matched people on Twitter to their list based on the email or phone number the Twitter account holder provided for safety and security purposes. This was an error and we apologize.”

Twitter assures users that no “personal” information was shared, though we’re not sure what Twitter would consider “personal information” if your phone number and email address do not meet the bar.

“We cannot say with certainty how many people were impacted by this, but in an effort to be transparent, we wanted to make everyone aware. No personal data was ever shared externally with our partners or any other third parties,” the mea cupa reads.

UK ads watchdog bans Burger King Twitter jibe for condoning chucking milkshakes at politicians


“As of September 17, we have addressed the issue that allowed this to occur and are no longer using phone numbers or email addresses collected for safety or security purposes for advertising.”

Earlier this year, Facebook was handed a $5bn fine by the US government for playing fast and loose with the personal information of its customers. It is not clear what this incident could mean for Twitter legally, if anything. The FTC declined to comment on the matter.

Users, however, do not look to be happy with either the mishap or the way Twitter is handling the disclosure.

Aside from being a violation of privacy and potential legal liability for Twitter, the incident will have the added effect of making users less safe by discouraging them from using phone numbers and email verification as additional levels of security.

All in all, this is a bad look for Twitter that isn’t likely to go away any time soon. ®

Sponsored: Your Guide to Becoming Truly Data-Driven with Unrivalled Data Analytics Performance

Turns out the Feds make the CIA and NSA actually look good

The FBI routinely misused a database, gathered by the NSA with the specific purpose of searching for foreign intelligence threats, by searching it for everything from vetting to spying on relatives.

In doing so, it not only violated the law and the US constitution but knowingly lied to the faces of congressmen who were asking the intelligence services about this exact issue at government hearings, hearings that were intended to find if there needed to be additional safeguards added to the program.

That is the upshot of newly declassified rulings of the secret FISC court that decides issues of spying and surveillance within the United States.

On Tuesday, in a year-old ruling [PDF] that remains heavily redacted, everything that both privacy advocates and a number of congressmen – particularly Senator Ron Wyden (D-OR) – feared was true of the program turned out to be so, but worse.

Even though the program in question – Section 702 – is specifically designed only to be used for US government agencies to be allowed to search for evidence of foreign intelligence threats, the FBI gave itself carte blanche to search the same database for US citizens by stringing together a series of ridiculous legal justifications about data being captured “incidentally” and subsequent queries of that data not requiring a warrant because it had already been gathered.

Despite that situation, the FBI repeatedly assured lawmakers and the courts that it was using its powers in a very limited way. Senator Wyden was not convinced and used his position to ask questions about the program, the answers to which raised ever greater concerns.

For example, while the NSA was able to outline the process by which its staff was allowed to make searches on the database, including who was authorized to dig further, and it was able to give a precise figure for how many searches there had been, the FBI claimed it was literally not able to do so.

Free for all

Any FBI agent was allowed to search the database, it revealed under questioning, any FBI agent was allowed to de-anonymize the data and the FBI claimed it did not have a system to measure the number of search requests its agents carried out.

In a year-log standoff between Senator Wyden and the Director of National Intelligence, the government told Congress it was not able to get a number for the number of US citizens whose details had been brought up in searches – something that likely broke the Fourth Amendment.

Today’s release of the FISC secret opinion reveals that giving the FBI virtually unrestricted access to the database led to exactly the sort of behavior that people were concerned about: vast number of searches, including many that were not remotely justified.

For example, the DNI told Congress that in 2016, the NSA had carried out 30,355 searches on US persons within the database’s metadata and 2,280 searches on the database’s content. The CIA had carried out 2,352 search on content for US persons in the same 12-month period. The FBI said it had no way to measure it the number of searches it ran.

But that, it turns out, was a bold-faced lie. Because we now know that the FBI carried out 6,800 queries of the database in a single day in December 2017 using social security numbers. In other words, the FBI was using the NSA’s database at least 80 times more frequently than the NSA itself.

The FBI’s use of the database – which, again, is specifically defined in law as only being allowed to be used for foreign intelligence matters – was completely routine. And a result, agents started using it all the time for anything connected to their work, and sometimes their personal lives.

In the secret court opinion, now made public (but, again, still heavily redacted), the government was forced to concede that there were “fundamental misunderstandings” within the FBI staff over what criteria they needed to meet before carrying out a search.

Huh, imagine that

Those misunderstandings had somehow persisted even after a series of public Congressional hearings that discussed and reviewed the program.

Even after Wyden’s fierce questioning and calls for greater accountability, the FBI failed to document when the database was being searched and for what reason. As such the FISC judge, James Boasberg, determined in October 2018 that “without such documentation and in view of reported instances of non-compliance with that standard, the procedures seemed unreasonable under FISA’s definition of minimization procedures’ and possibly the Fourth Amendment.”

Or, in other words, the FBI was breaking the law and the constitution. And it did so tens of thousands of times between 2017 and 2018 – while at the same time promising Congress that everything was fine and it was only using the database for rare instances connected to national security.

*Microsoft taps your shoulder* Hi sorry yeah, we’re still suing US govt for right to tell people when they are spied on


To say Senator Wyden is unhappy about this turn of events would be an understatement. “Last year, when Congress reauthorized Section 702 of FISA, it accepted the FBI’s outright refusal to account for all its warrantless backdoor searches of Americans,” he said today in a statement.

“Today’s release demonstrates how baseless the FBI’s position was and highlights Congress’ constitutional obligation to act independently and strengthen the checks and balances on government surveillance.

“The information released today also reveals serious abuses in the FBI’s backdoor searches, underscoring the need for the government to seek a warrant before searching through mountains of private data on Americans. Finally, I am concerned that the government has redacted information in these releases that the public deserves to know.”

In short, little had changed in the security services’ approach since Edward Snowden revealed the scale and depth of spying operations carried out against US citizens and foreigners. Given the slightest opportunity to spy on citizens, the FBI will take it, lie about it and when finally caught, promise to do better next time. ®

Sponsored: Disrupting with data – challenges for digital native organizations

On the bright side, nothing from Adobe to install this month

October brings a relatively light patch load for admins and users, thanks to Adobe’s decision to sit out this month’s update bonanza.

Cloudy patch bundle from Microsoft

For Microsoft, the Patch Tuesday update is a manageable 59 CVE-listed bugs for Windows, Edge, Office, and Azure.

Among the nine critical issues patched this month is CVE-2019-1372, a flaw in Azure that allows end-users running on virtual machines to send and execute code on the host machines.

This is particularly bad because it is, in essence, both an elevation of privilege bug and a remote code execution vulnerability.

“An attacker could use this vulnerability to have an unprivileged function run by a user execute code at the level of System. That provides an attacker a nifty sandbox escape,” explained Dustin Childs of the Trend Micro ZDI.

“Microsoft gives this an ‘Exploitation Less Likely’ Exploit Index rating, but if you use the Azure App Service, don’t depend on that and do apply the patch.”

Aside from the Azure flaw, October’s update addresses many of the usual security holes in Microsoft’s offerings. Seven critical fixes address remote code execution flaws in the Chakra and VBScript tools that can be exploited through a poisoned web page.

The remote desktop client continues to be an area of concern, thanks to CVE-2019-1333. That flaw allows a bad actor to achieve remote code execution by tricking the mark into connecting to a malicious server.

While Microsoft doesn’t usually consider Office bugs to be critical, admins should also pay special attention to those flaws, including CVE-2019-1327. An attacker would be able to get remote code execution by tricking the user into opening a poisoned file.

Considering how often users in a business setting will open Excel spreadsheet attachments without a second thought, we would argue this flaw is just as dangerous as any browser-based flaw.

Windows 10 Mobile also got in on the Patch Tuesday fun this month, as the platform was subject to CVE-2019-1314. The security bypass flaw lets users work around the Cortana lock screen to access a device.

“Although Microsoft details the bug, they aren’t fixing it. Instead, they recommend users of Windows 10 Mobile disable Cortana on the lock screen,” explained Childs.

“If your organization uses devices with this OS, start rounding them up to make the change.”

No Adobe fixes, but Android needs patching

Notably absent this month is Adobe. The media giant has opted not to post any fixes for Flash, Reader, Acrobat, or any of its other offerings. The most recent Adobe release was the September 25 update for ColdFusion.

Meanwhile, there is a late-arriving monthly patch from Google for Android. The mobile platform has received a number of fixes, most notably patches for three remote code execution bugs in the media framework that allow attacks via poisoned files.

Those who have Google-branded devices can get the Android updates directly from the Chocolate Factory, while others will have to wait for their device vendor or carrier to get around to releasing the patch.

Eight patches from SAP

MacOS ‘Catalina’ 10.15 comes packed with exclusive security fixes – gee, thanks, Apple


SAP, on the other hand, was more than happy to take part in this month’s Patch Tuesday. The enterprise software powerhouse released patches for eight CVE-listed flaws.

Among the most serious were CVE-2019-0379, a security bypass bug thanks to a missing authentication check in NetWeaver and CVE-2019-0380, an information Disclosure bug in SAP Landscape Management.

Admins are advised to test and install all of the patches as soon as possible.

While October saw a reduced patch load thanks to the absence of Adobe and Google, those who dragged their feet on the updates for MacOS and Cisco may have those patches to install on top of today’s bundle. ®

Sponsored: Your Guide to Becoming Truly Data-Driven with Unrivalled Data Analytics Performance

Protect your business with Carbon Black

Webcast Stop press: there are miscreants out there, and they are looking to break into your computer systems and steal your data. But you knew that, right?

More interesting is that different countries can face very different threats. In today’s webcast, we will speak to Carbon Black about their latest cyber-security research data, study global trends, and drill into two specific countries, with findings such as:

Singapore businesses are facing a dramatically escalating threat environment in which attack volumes have grown exponentially in the past 12 months. In particular, Singapore’s strong government and local authority sector is proving an attractive target for cyber-criminals, with CIO, CTO, and CISOs in this sector reporting significantly elevated attack frequency.

In Australia, businesses are battling a sustained threat environment where attacks continue to grow in sophistication and complexity, making network breaches an all but inevitable consequence. 97 per cent of Australian organizations participating in the study said they have suffered one or more computer security breaches in the past 12 months due to external cyber-attacks.

But there’s more. A threat is only a threat if it isn’t challenged, so we’re looking to go beyond attacker behaviours and pose the question: what are organizations doing to defend themselves, in terms of tooling and process perspectives.

We’re going to ask what differentiates our focus countries, what to do in response, and, overall, how to set priorities, keep current, and plan for whatever is around the corner.

Click here to watch today’s webcast, brought to you by Carbon Black.

Sponsored: Your Guide to Becoming Truly Data-Driven with Unrivalled Data Analytics Performance

James Peebles will get half the prize, whilst Michel Mayor and Didier Queloz share a quarter

Three scientists have won the Nobel Prize in physics for the discovery of how the early universe evolved after the Big Bang and finding the first exoplanet orbiting a faraway star.

One half of the prize, a sweet 4.5 million Swedish kroner – about $492,800 or £368,400 – goes to James Peebles, 84, a Canadian-born retired cosmology professor from Princeton University. Peebles was instrumental in producing detailed analytical models describing the universe unfolding fractions of a second after it came to be, all the way until the present, and the future. Along the way, scientists uncovered new fundamental principles.

“James Peebles took on the cosmos, with its billions of galaxies and galaxy clusters,” said The Swedish Academy, an organization responsible for awarding Nobel laureates. “His theoretical framework, developed over two decades, is the foundation of our modern understanding of the universe’s history, from the Big Bang to the present day.”

His work revealed what the universe looked like when just 5 per cent of its contents was known, the other 95 per cent was made up of dark matter and energy. One of his seminal papers published in 1965 described how the first galaxies could only form when the universe had sufficiently cooled down enough for matter to clump together under gravity.

The energy leftover from the Big Bang is still observable today. As the universe expanded, the wavelengths have increased over time to become the cosmic microwave background.

“When I started working in this subject — I can tell you the date, 1964 — at the invitation of my mentor, Professor Robert Henry Dicke, I was very uneasy about going into this subject because the experimental observational basis was so modest. … I just kept going,” Peebles said over the phone during the Nobel news conference. “Which particular step did I take? I would be very hard-pressed to say. It’s a life’s work.”

The first exoplanet in 1995

The second half of the prize will be shared by two Swiss astrophysicists: Michel Mayor, 77, a researcher working at the Observatory of Geneva, and one of his doctoral students, Didier Queloz, 53, a professor at the University of Geneva and the University of Cambridge.

IN 1995 the pair found the first exoplanet, 51 Pegasi b, orbiting a main sequence star, 51 Pegasi, similar to our own Sun, about 50 light years away in the Milky Way. Mayor and Queloz will each receive a quarter of the prize money – 2.25 million Swedish kroner ($246,400 or £199,800).

Nearly 4,000 otherworldly planets have been confirmed so far. The most popular method used to scout out these bodies is the Doppler shift, which involves monitoring a star’s brightness levels over time.

If it is harbouring an exoplanet, it’s brightness should periodically dip as an orbiting body crosses in front of it. Other techniques like the radial velocity allow astronomers to estimate the exoplanet’s mass.

Mayor and his colleagues built a new type of spectrograph that made it possible for them to observe a large number of stars covering a patch of sky in wavelengths from 390 to 680 nanometers.

They hit the jackpot when they published their paper titled “A Jupiter-mass companion to a solar-type star” in Nature. They discovered that 51 Pegasi b was just eight million kilometers from its parent star, a distance closer than Mercury is to our Sun. They believed that it was a gas-giant planet that was brought closer to its star over time.

“Discovery opened our exploration of these brand-new worlds, and now 24 years later we are at the verge of finding out if we are alone in the universe,” Lisa Kaltenegger, an accomplished exoplanet hunter and director of Cornell University’s Carl Sagan Institute, commented.

“The next steps, inspired by the amazing discovery 24 years ago of the first exoplanet, is to collect enough light from these small planets in the habitable zone to figure out if there are signs of life in their atmosphere. We are already building the telescopes that can collect enough light to answer the fundamental question of whether we are alone in the universe – or not.” ®

Sponsored: Your Guide to Becoming Truly Data-Driven with Unrivalled Data Analytics Performance

‘Every voice matters’ unless there’s renminbi to be had

US games company Blizzard has caused a storm of protest after it suspended a professional gamer after he made comments in support of pro-democracy protesters in Hong Kong.

Chung Ng Wai is one of the best players of Blizzard’s Hearthstone game, going by the name “Blitzchung,” and was interviewed having just won a match of the game at an official in-person tournament on Sunday.

At the end of the interview, Chung repeated a protest slogan “Liberate Hong Kong, revolution of our time,” from his hometown of Hong Kong where protesters are clashing with the authorities over attempts to mainland China to exert greater control over the semi-autonomous’ city.

He was also wearing goggles and a face mask – the de facto uniform of protesters thanks to the extensive use of tear gas and facial recognition technology by the police. The face mask is especially politically charged at the moment thanks to a unilateral decision in the last week by Hong Kong’s chief executive Carry Lam this week to ban them.

In short, Chung used his game victory to make a political statement, albeit one that only lasted a few seconds, and has become a symbol of youthful defiance in his peer group. The two presenters hid their faces in response, giggled and cut to an advertising break, as you can see here.

Blizzard responded by banning him from the tournament with immediate effect, withdrawing the prize money he had already earned, and imposing a 12-month ban on him playing any Blizzard tournaments. The two interviewers have also reportedly been fired.

It then published its decision online citing a rule violation that allows Blizzard to ban anyone who brings themselves “into public disrepute, offends a portion or group of the public, or otherwise damages Blizzard image.”

We have asked Blizzard precisely which part of that rule it decided that Chung had broken, and if any representatives of the Chinese government had actually complained. We have yet to hear back.

But the harsh decision and punishment brought immediate condemnation from the company’s own players, with many expressing surprise and anger at the decision and some saying they would stop playing the company’s games in response.

Core values

The decision was extraordinary, not just because of its swiftness and severity, but because it goes directly against gaming culture and indeed Blizzard’s clearly stated “core values” – values it feels so strongly about that it had all eight of them cast in bronze and placed around a statue at its headquarters in California.

One of them is entitled “Every voice matters” and reads: “Blizzard Entertainment is what it is today because of the voices of our players and of each member of the company. Every employee is encouraged to speak up, listen, be respectful of other opinions, and embrace criticism as just another avenue for great ideas.”

Gamers are having a hard time reconciling those values with its decision to immediately ban one of its best gamers, with no appeal, for expressing what he is passionate about and has unique enthusiasm for, and how that is respectful to other opinions.

Of course the uncomfortable reality is that Blizzard reacted so swiftly and strongly not because Blitzchung made a political statement but because who that statement was directed at: China.

With the Hong Kong protests going into their fifth month and a growing concern that China may send in troops to the semi-autonomous city to silence the youthful protest in support of democracy, the issue has become both heightened and more sensitive, especially to businesses fearful of upsetting the Chinese authorities.

Thanks to China’s centralized and authoritarian political system, a company – particularly a foreign one – can see itself cut out of the huge Chinese market in an instant if it is deemed to have upset the authorities. It is a bind that many western companies have found themselves in.


China is particularly sensitive to calls for political reform and so messages in support of Hong Kong’s protesters, in any form, could lead to economic retribution. And it is that calculus that Blizzard executives clearly considered when banning Blitzchung.

But the severity and speed of the decision has infuriated many of the company’s customers, particularly because the protesters’ causes encompass the United States’ most closely held and deeply felt ethical values: freedom of speech and democracy. Surely a gentle non-public warning about not making political statements in an interview would have sufficed?

In short, in a choice between money and morals, Blizzard came out all guns blazing for money and burned one of its own biggest supporters without a shred of remorse or regret. By doing so, not only did Blizzard preemptively do the Chinese government’s censorship work for them, but the company became an extension of the Middle Kingdom effort to silence critical voices – the complete antithesis of its core values.

No wonder gamers are hopping mad. And they are not alone – US politicians on both sides of the political spectrum were quick to criticize Blizzard.

“Blizzard shows it is willing to humiliate itself to please the Chinese Communist Party,” said Senator Ron Wyden (D-OR). “No American company should censor calls for freedom to make a quick buck.”

“Recognize what’s happening here. People who don’t live in #China must either self censor or face dismissal & suspensions,” said Senator Mark Rubio (R-FL). “China using access to market as leverage to crush free speech globally. Implications of this will be felt long after everyone in U.S. politics today is gone.”

Blizzard is not the only tech company to be sucking up to China recently. Freedom-loving Apple caught flack after if banned an app called HKmap, which showed the city’s residents where to avoid riots and police actions, although the ban has since been lifted, and has also blocked Hong Kong and Macao residents from using the Taiwanese flag.


Blizzard’s decision may also not make poor financial sense: China contributes less than 10 per cent of its revenue, whereas the US accounts for more than half of its money. That said, Chinese firm Tencent does own a 4 per cent stake in Blizzard.

Here’s that hippie, pro-privacy, pro-freedom Apple y’all so love: Hong Kong protest safety app banned from iOS store


Blizzard faces the very real prospect of a boycott in the US for its spineless actions against a revered gamer who achieved a level of skill and success that most gamers aspire to. And, unlike the NBA, there are many more games companies that people can turn to – with the tap of a button.

“While we stand by one’s right to express individual thoughts and opinions, players and other participants that elect to participate in our esports competitions must abide by the official competition rules,” Blizzard concluded its decision to came down on top of Blitzchung.

No one believes it. The question, however, is how strongly gamers feel about a blatant act of censorship and how it was carried out. We will likely find out in a month’s time when the company hosts its annual Blizzcon in California where virtual tickets are $50. Blizzard is in a storm of its own making. ®

Sponsored: Beyond the Data Frontier

Nearly all admin warnings are false alarms, says Kaspersky, and that’s not a bad thing

Just one per cent of all Indicator of Attack (IOA) warnings are actually caused by network attacks.

This according to security giant Kaspersky, who analyzed (PDF) customer data over the first six months of 2019 and concluded that, 99 per cent of the time, alarms are being raised as the result of something other than a hacker.

The Kaspersky team analyzed more than 40,000 reports generated by its Managed Protection service and found that of those, just 515 were actually traced back to an attack on the customer’s network.

This isn’t unusual, says the security house. In fact, somewhat astonishingly Kaspersky argues that if you’re not up to your armpits in such reports, you’re doing something very wrong.

“If you don’t see a large number of false-positive events in your network, that probably means that you are missing a lot of important security incidents,” explained Sergey Soldatov, head of the security operation center at Kaspersky.

“Therefore, you should switch towards more wide-scale usage of Indicators of Attack methods, among other tools. While IoA-based alerts are much trickier to investigate due to the necessity to perform a lot of research to create efficient IoA and then a lot of manual analysis (when the IoA are triggered), our statistics show that these are most prone to false positives yet, they are the most effective and allow you to find really critical incidents.”

Here’s the thinking: IOA warnings are based on the behavior Kaspersky and other researchers notice hackers using while they carry out attacks on networks. Increasingly, those attacks are designed to mimic legitimate network activities.

If your org hasn’t had a security incident in the last year: Good for you, you’re in the minority


For example, Kaspersky said that 37 per cent of the attacks were taking place in code execution – a sign the attackers were hijacking legitimate processes to do their dirty work. Another 16 per cent of the attacks were detected performing lateral movement between systems on the network, another activity that happens legitimately every day.

In other words, companies are getting so many false positives from everyday activity because the bad guys are doing more to disguise their activities as everyday network traffic and system activity.

“The low IoA conversion rate reflects the need to detect advanced threats which use a ‘living off the land’ approach , with behaviors that are very similar to legitimate activity,” Kaspersky writes.

“The more a malicious behavior mimics the normal behavior of users and administrators, the higher the rate of false positives and, consequently, the lower the conversion rate from alerts.”

The alternative is that Kaspersky and other vendors could, you know, just produce better software that doesn’t deluge admins with false positives, but you shouldn’t hold your breathe on that score. ®

Sponsored: Your Guide to Becoming Truly Data-Driven with Unrivalled Data Analytics Performance