Category: Tech

SAP’s sales tactic of circumventing IT and enterprise resource planning (ERP) teams to go directly to business heads when selling its Rise cloud ERP product is putting pressure on IT leaders, analyst Gartner has warned.

Among the key challenges is SAP’s ambition to reduce customisation of the core ERP system, which simplifies upgrades but limits the ability to adapt the ERP to meet unique business requirements.

IT leaders are also likely to face practical hurdles when looking at how SAP Business Transformation Platform, which is part of Rise, can be deployed to move data in and out of the SAP system.

According to Gartner, it is only available in a limited number of cloud regions, which not only poses challenges related to latency but also raises data sovereignty concerns. In addition, IT leaders will need to account for data transfer costs incurred when moving data off the SAP cloud to other enterprise systems.

SAP’s latest results shows that its quarterly cloud revenue is reaching $5bn, an increase of 26%. According to a transcript of the earnings call posted on Seeking Alpha, CEO Christian Klein sees the migration of SAP customers to the company’s cloud subscription services as a key growth opportunity.

“Our very large cloud backlog and high recurring revenue share will be the foundation for double-digit total revenue growth in 2025 and for many years to come,” he said.

SAP Rise is very much part of this growth plan. SAP positions Rise as a business transformation system, which is sold as a subscription, and bundles S/4Hana and SAP’s Business Transformation platform (BTP) as part of the full service.

During the company’s latest earnings call, Klein said: “For all customers on their Rise journeys, we have been accelerating time to value while reducing the implementation costs of SAP projects with excellent AI tools.”

SAP is giving businesses a 50% discount to upgrade to the Rise platform, an incentive which has been applauded by the German SAP user group DSAG (Deutschsprachige SAP-Anwendergruppe).The user group had previously been critical of SAP’s plans to offer innovations such as artificial intelligence (AI) and a green ledger only on Rise.

While the product bundle does offer some organisations the ability to get value out of their SAP systems quicker, according to Gartner, SAP customers have reported that their senior management signed contracts without sufficient prior due diligence or a comprehensive understanding of how and whether Rise with SAP aligns with the organisation’s needs.

In a report, Our organization committed to Rise with SAP: What now?, Gartner noted that this leads to IT teams struggling to satisfy the directives from the business while simultaneously ensuring that the new system is compatible with existing infrastructure and organisational priorities. 

Although Rise is a managed service, Gartner said it has been told by Rise customers about the rigidity of the SAP delivery model. Unlike competitors’ managed service provider (MSP) services, Gartner said the split of responsibilities are not negotiable or adjustable to specific customer needs.

The authors of the Gartner report urged IT decision-makers to work with a system integrator (SI) throughout the duration of the SAP Rise contract to create a bridge between the standardised approach of the Rise model and the organisation’s unique business process and workflow requirements.

“Check with your sourcing team and IT teams if there is already a list of preferred suppliers with whom you can have initial discussions or if the current outsourcer has the capabilities to support the organisation with Rise as well,” they wrote.

An SI can offer skilled SAP Basis programmers and service managers who are able to navigate the intricacies and rigidity of the Rise with SAP delivery structure. However, while an SI can help navigate the complexities of Rise with SAP, Gartner urged IT leaders who work with an SI to consider retaining at least in part or all their SAP Basis team. Keeping certain activities in-house could mitigate the risk of long-term lock-in with the selected third party and enhance operational continuity.

Service level agreements (SLAs) are also something that differ between MSPs and SAP’ Rise. While MSPs tend to offer an SLA with 99.9% uptime, according to Gartner, Rise with SAP’s 99.7% SLA translates to a downtime of 2h 10m 24s each month. Higher availability is available at extra cost.

Another potential cost arises when organisations need to transfer data between their SAP Rise system and other enterprise applications. Gartner urged IT decision-makers to assess data transfer costs related to both ingress and egress from their organisation’s Rise account, along with any supplementary cloud services needed, such as transit gateways and virtual networks.

Source

The next big leap in electric vehicle design might not come from faster charging or better software, but from the battery itself doubling as the car’s frame. Scientists are developing a new kind of structural battery that could dramatically reduce weight while boosting performance, a shift that could reshape EV transportation.

Traditional lithium-ion batteries are powerful, but bulky. Their design forces engineers to build heavy, separate battery packs that take up space and limit efficiency. Structural batteries solve this by doing two jobs at once. They store energy and physically support the car.

Instead of hiding batteries in the floor or under the seats, the battery becomes part of the structure, like the roof or chassis. Researchers at Chalmers University of Technology in Sweden are leading this innovation. Their latest EV structural battery design uses carbon fiber as both an energy-storing material and a load-bearing component.

Image source: Christian de Looper for BGR

These new composites are light, stiff, and energy-dense enough to replace traditional materials like aluminum, and the benefits are massive. Swapping standard parts for structural batteries could cut an EV’s weight by 20%, allowing automakers to either increase range or install smaller, lighter powertrains.

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

In some cases, the driving range could jump by up to 70%. The same idea also applies to other industries, too. But starting with EVs is smart, as new battery tech has led to faster EV charging, but nothing has really solved the weight problem these batteries introduce.

This battery tech is made from carbon fibers coated with lithium iron phosphate (LFP) and bonded using advanced materials like reduced graphene oxide to improve performance and durability. Recent models reached energy densities up to 42 Wh/kg with stiffness comparable to aluminum, making them viable for real-world use.

While there are still hurdles, like improving the overall voltage output and switching to safer solid-state electrolytes, the technology is inching closer to commercial use. Brighter Side of News says a startup called Sinonus AB is already working to bring structural batteries to market, focusing first on lightweight electronics before scaling to vehicles and aerospace.

Source

At its .Next event in Washington DC this week, Nutanix announced its nodes would be able to use Pure Storage FlashArray arrays as external storage, with general availability later this year.

That follows a move last year in which it did something similar, but with Dell PowerFlex software-defined scale-out storage. We caught up with Nutanix CEO Rajiv Ramaswami (pictured above) to talk about that announcement and the implications for Nutanix.

To allow external storage, with Nutanix acting as mere compute – or not quite, as Ramaswami says here – breaks the bounds of the hyper-converged infrastructure (HCI) that Nutanix helped pioneer.

HCI saw compute and storage bundled together in nodes that could connect in grid-like fashion to form clusters, often with server and storage components scalable independently. This was a particularly attractive proposition to customers that lacked deep skillsets as they were relatively easily deployable and scalable.

So the idea that Nutanix should allow the use of external storage from third parties somewhat goes against the original principle it pioneered.

But it also opens up a market for Nutanix, which can offer hypervisor capabilities to customers currently seeking to escape VMware following changes that have resulted from its acquisition by Broadcom.

Here, Ramaswami talks to Computer Weekly storage editor Antony Adshead about the implications for the concept of hyper-convergence, plans to extend connectivity to any external storage, and questions of Nutanix’s scalability.

I’m particularly interested in the linkup with Pure Storage and Dell. So, what I gather is that in those situations where you use those as external storage, Nutanix becomes compute-only. So why, in that case, would people buy Nutanix at all when they could buy any compute?

First of all, I will just say it’s a little bit more than just compute-only. It’s compute plus networking, micro-segmentation and operations capability. So, the rest of the stack minus storage.

We didn’t do this in the past because most people have stayed on the VMware hypervisor, but now there is a lot of interest from customers that want an alternative to VMware. And if you think about what’s available out there, I think AHV [Nutanix’s Acropolis hypervisor] has emerged as one of the best options, and is why the storage providers are now interested in working with us.

And that’s why you heard from early access customers for the Dell option with PowerFlex. You saw Moody’s on stage yesterday. They’re interested in it, and they’ve been an early access customer. So, the landscape has changed around us.

What’s stopping you just opening Nutanix up to any external storage? In other words, what are the engineering hurdles?

When we did the Dell PowerFlex integration, that was more of a one-of-a-kind, because Dell PowerFlex is a unique scale-out array.

As we start doing Pure, there’s an opportunity to build a more standardised approach towards integrating third-party storage. I’d love for us to get to a point where we can just have a self-certification programme, through which we can onboard new storage platforms. We’re not quite there yet.

What, specifically, is the engineering involved?

We definitely looked at VMware. They had vVols as one of the ways of doing this. We don’t have an equivalent. We never focused on this in the past with our hypervisor, because it wasn’t a part of our platform. We weren’t doing third-party storage support.

So now, as we started doing it, Dell PowerFlex was kind of a unique thing, because that’s a unique array. That’s different from the rest. It’s scale out, not scale up, and it’s IP only. With the others, we want to take a more standardised approach, with Pure and then beyond Pure.

The link-up with Pure allows for quite an expansion in terms of scale, in terms of storage nodes, etc, so is this move in some ways an admission that Nutanix has been limited in terms of its ability to scale?

I don’t think this is an issue of scaling at all, because even yesterday we had Micron talk about how it has built fairly massive scale.

So, this is not about scaling, in as much as, if you look at the total market out there, we have been trying to eat into the external storage market for many years. And HCI across VMware and us – the two big players – has taken over maybe 20% of the market after all these years.

The pace of migration in these things is slow. So, there’s still 80% of the market out there on three-tier, not necessarily because HCI can’t scale, but because there’s a lot of inertia in the system. People just don’t move.

So, to me, the reason for doing this was more that other 80%, some of which we will continue to convert to HCI. For the rest, I think we can get in there with the compute-only platform, and then at some point, once we are in there, maybe someday they’ll start converting portions of it to HCI.

Source

Google I/O 2025 kicks off on Tuesday, and we expect the keynote to focus entirely on AI announcements. Last week, Google unveiled the top Android 16 upgrades, including the new design, better security, and Gemini replacing Google Assistant on every smart device.

Google I/O might as well be called Gemini I/O at this point, though. AI has been its biggest priority since ChatGPT arrived, and Google has been making significant progress in the field over the past few years. The newest Gemini models have been a success, with Google continuously tweaking their performance and adding new features.

For example, Google has just updated Gemini 2.5 Pro to improve its coding abilities. It also brought image generation and editing support to Gemini users. Google also included Audio Overviews in the Gemini experience, a previously NotebookLM-only feature that lets you turn research reports into interactive podcasts.

I said more than once that I’d love ChatGPT to get a similar feature to make consuming the detailed Deep Research reports from OpenAI’s models easier. I don’t know whether we’ll see such an upgrade from OpenAI anytime soon, but Gemini might get something even better than that, and the feature leaked ahead of a potential I/O 2025 reveal.

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

I’ve often used the ChatGPT Deep Research feature since it was released a few months ago. But I’d love an easy way to listen to the reports while I run, especially those I don’t have to read right away. That’s what Audio Overviews offer Gemini users.

I’ve also often wondered when I’ll be able to tell ChatGPT to make me videos that explain certain concepts. I ask the AI to give me graphical representations for certain ideas or make graphs for others. But that’s about it. What if the AI could create video tutorials/summaries on the spot?

It turns out that Google might be working on that sort of functionality, which might be available to Gemini users in the future as a Video Overviews feature.

Nothing has been confirmed, and Google’s I/O event kicks off this Tuesday, but TestingCatalog has found evidence that such an all-in-one product might be coming to Gemini soon.

The blog looked at Illuminate, a Google AI experiment that lets you turn content into AI-generated audio discussions. That sounds like NotebookLM technology at play, but it’s a different product. TestingCatalog says a new Illuminate version has been rolled out, packing features that are hidden from most testers.

The blog says that Illuminate might let users create Audio Overviews for all sorts of content, not just research papers. Classic books like Alice in Wonderland and The Great Gatsby might also be supported.

The new UI features experimental controls, such as an Edit button, caption toggles, and a cover image generation tool.

However, the most interesting new Illuminate feature is a section called Sparks that’s in Early Preview with the following description:

Imagine any question could be instantly transformed into a short video, 100% AI-generated.

Now, this is a reason to get excited about a Video Overview feature coming to Gemini in the near future. TestingCatalog shared several samples on X that reveal how the feature would work. You’d give the AI a question, and Illuminate will create a video complete with audio commentary that addresses the prompt.

These clips are between one and three minutes long, so they could hardly cover a large ChatGPT Deep Research report. However, they’d be perfect to explain all sorts of concepts with the help of visual cues. It would make understanding certain topics even easier, while others might be more entertaining to certain audiences.

It’s unclear what AI models the experimental project uses. The blog speculates that, due to the high quality of the videos it can put out, it might connect a video generation tool like Veo 3 to a multimodal next-gen version of Gemini, a Gmini Ultra tool that Google could always unveil at I/O 2025.

Also, the videos keep the podcast-like experience in place, with AI-generated hosts discussing the topic. Therefore, the Sparks feature could always become some sort of Video Overview feature across Gemini-powered products.

As exciting as all of that might be, we should all remember that AI tech isn’t cheap, especially the kind that lets you generate videos from scratch. The longer and the higher quality the clip is, the more expensive it might be. I wouldn’t expect Video Overviews to be as widely available as Audio Overviews anytime soon. Also, you might have to pay for it via a Gemini subscription.

But the ability to tell AI to illustrate a concept, a piece of research, or a book in video form is definitely exciting. Such tech should get better and more widely available in the future, and I can’t wait for OpenAI to bring a similar tool to ChatGPT. 

While we wait for Google’s big AI announcements at I/O 2025, you can check out more Sparks samples at this link.

Source

Last year, Chromecast digital media players became the latest product line to enter the Google Graveyard. Google dumped the brand in favor of its Google TV Streamer, but Walmart appears to be picking up the slack with a new budget streaming device called the Onn 4K Plus.

As spotted by 9to5Google, the device launched this week without any promotion from Walmart. There had been numerous leaks spoiling the existence of the Onn 4K Plus as early as last year, but it’s now suddenly available to buy on Walmart.com.

All the details about the new Onn 4K Plus. Image source: Walmart

Priced at just $29.88, it’s a rather capable device, with a quad-core Cortex-A55 CPU, G310 V2 GPU, 2GB RAM, and 16GB of storage. The Onn 4K Plus can stream in 4K Ultra HD resolution, supports Dolby Vision and Dolby Atmos, and runs Google TV, giving users access to 700,000+ movies, shows, and more across 10,000+ apps, and 800+ free live TV channels.

The streaming box also comes with a voice remote that features branded buttons for YouTube, Netflix, Disney+, and Paramount+, as well as a Free TV button. You can press the button at the top of the remote to activate Google Assistant for voice commands.

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

For now, the Onn 4K Plus is only available in the US and will be region-locked everywhere else, so unless you live in the US, you can safely skip this streaming device.

Why exactly Walmart has done nothing to advertise this new release remains a mystery.

Source

In its second international trade deal in the space of a week, the UK government has secured a major trade deal with the US that leaves Britain’s Digital Services Tax unchanged and potentially opens the doors to a future UK-US technology partnership via which the science and tech sectors in both countries will collaborate in areas such as quantum computing.

The UK Digital Services Tax (DST) was introduced at the height of the Covid-19 pandemic in the spring of 2020, and applies a 2% levy on search engines, social media platforms and online marketplaces that make worldwide sales of more than £500m and derive £25m of that total from the UK. This includes the likes of Google, Meta and Amazon. At the time, it was estimated that it could contribute over £500m to the economy. The true figure is thought to be much higher.

However, amid a swathe of Executive Orders (EOs) issued at the start of his second presidential term, Donald Trump directed the US government to take action to “defend” US companies and innovators from DSTs, which have been enacted by other countries besides the UK.

Trump had accused other governments of exercising undue extraterritorial authority over American tech business and said their officials had openly admitted they were “designed to plunder American companies”.

The president also said US partners were engaged in practices such as limiting cross-border data flows, requiring US streaming services such as Netflix to fund local productions, and charging network usage and internet termination fees. He claimed such measures violate US sovereignty, limit the competitiveness of its digital businesses and increases costs.

However, this has now been walked back because in place of changes to the DST, the deal instead provides for Britain and the US to start work on a digital trade deal to “strip back” paperwork for UK firms trying to export across the Atlantic. Westminster claimed that if successful, the deal will put “rocket boosters” on the economy.

The retention of the DST will come as a relief to many government insiders and outside observers who raised concerns that axing it could cause a backlash given Labour’s controversial changes to benefits and National Insurance contributions since the General Election. In March, MP Clive Lewis said the mere suggestion of killing it off would look “absolutely horrific” to the public.

Speaking after the deal was announced in Washington DC, prime minister Keir Starmer said: “This historic deal delivers for British business and British workers. My government has put Britain at the front of the queue because we want to work constructively with allies for mutual benefit rather than turning our back on the world.

“As VE Day reminds us, the UK has no greater ally than the United States, so I am delighted that eight decades on, under president Trump the special relationship remains a force for economic and national security. My government is determined to go further and faster to strengthen the UK’s economy, putting more money in working people’s pockets as part of our Plan for Change.”

Speaking at a press conference, Trump said: “The actual deal is a very conclusive one. We think just about everything’s been approved. It’s so good for both countries.

“Both countries have agreed that the economic security is national security and will be working together as allies to ensure that we have a strong industrial base, appropriate export controls and protections for key technologies and industries.”

US commerce secretary Howard Lutnick added: “This deal marks a new era in our relationship with the United Kingdom, our great ally. And more importantly this deal opens up an enormous multibillion-dollar export opportunity for hardworking Americans. While groundbreaking, this deal is the first of many as president Trump continues to deliver on his promises to the American people.” 

Cars and steel

The headline elements of the deal centre manufacturing and see car export tariffs dropped to 10% from 27.5% on a quote of 100,000 vehicles per annum – saving hundreds of millions of pounds for the likes of Jaguar Land Rover – and the elimination of tariffs on UK steelmakers. The UK has also secured new reciprocal market access on beef and will not have to weaken its food safety regulations to comply with US standards.

Work is set to continue on other sectors, including pharmaceuticals and other remaining reciprocal tariffs. However, the government also revealed that the US has agreed the UK is to get preferential treatment in any future tariffs imposed under Section 232 of the US’ Trade Expansion Act (1962) – the basis under which Trump has enacted his controversial tariff regime.

“This week, the UK government should be commended for securing a trade deal with India and now the US. A clear message is being sent to the international community: the UK is a fierce advocate of free and fair trade and a reliable partner with whom to do business,” said Rain Newton-Smith, chief executive at the CBI.

“As one of our largest trading partners, a strong relationship with the US will always be welcomed by business to bolster our mutual competitiveness and kickstart growth. Today’s agreement must pave the way for deeper cooperation, making both of our economies prosper and grow.

“As the dust settles, we need to understand the impacts and work with our allies to extend its reach. The government must also work with business to spell out exactly how it can make the most of the opportunities this deal creates,” said Newton-Smith.

Source

A growing number of ongoing cyber incidents affecting US operators of critical national infrastructure has prompted a cross-agency warning from the US authorities, with the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation, the Environmental Protection Agency, and the Department of Energy all weighing in.

In a jointly penned advisory, the organisations said they were “aware of cyber incidents” affecting the operational technology (OT) and industrial control systems (ICS) of CNI operators.

“The authoring organisations urge critical infrastructure entities to review and act now to improve their cyber security posture against cyber threat activities specifically and intentionally targeting internet connected OT and ICS,” said the advisory’s authors.

OT systems are incredibly easy targets for state-backed and financially motivated threat actors alike when connected to the internet, because they often lack up-to-date authentication and authorisation methods and can be found quickly by running searches for open ports on public IP ranges.

“Cyber threat actors use simple, repeatable and scalable toolsets available to anyone with an internet browser,” said CISA. “Critical infrastructure entities should identify their public-facing assets and remove unintentional exposure.”

Sean Tufts, managing partner for critical infrastructure and operational technology at Optiv, a security consultancy, said: “The industry has been working diligently on auditing N/S [North/South] traffic on the firewalls. We’ve seen great improvement in finding these connections and cutting them.

“What is currently left are mission-critical applications like SAP,” he added. “This is especially true in manufacturing, where workflow management has digitally transformed faster than security could keep up. Ensuring these connections are correctly configured and architected is a task measured in years, not days.”

Detailed advice

The full advisory – which can be downloaded here – contains additional guidelines on security OT and ICS estates. These include:

• Changing default passwords where possible and using strong, unique passwords – current trends seem to suggest that targeted systems all use default or easily guessable passwords. This is particularly important to do on public-facing internet devices that can control OT systems or processes.
• Securing remote access to OT networks – many CNI bodies or their contractors seem to have been making risky trade-offs when implementing remote access, and it is now time to reevaluate those. If remote access is a must, private IP network connections and VPNs should be used, as well as phishing-resistant multi-factor authentication. CNI operators may also like to consider reassessing who truly needs access to what, and to clear out dormant or unused accounts.
• Segmenting the IT and OT networks – to keep critical systems apart with a so-called “demilitarised zone” to pass control data to enterprise logistics. This cuts down the potential impact of incidents and reduces the risk of disruption to OT operations should a hacker try to come in via the IT estate.
• Practicing and maintaining the ability to operate OT systems manually – so that operations can be stood up again quickly if there is an incident.
• Keeping channels of communication open to their managed service providers, system integrators and system manufacturers – they may be able to help provide system-specific guidance for more obscure assets or help address misconfigurations.

Your systems are defenceless

Nic Adams, co-founder and CEO at 0rcus, a threat intelligence specialist, said: “Critical infrastructure systems are being targeted not because the attackers are sophisticated, but because the systems are defenceless.

“The threat is pure operational negligence,” he said. “If your control layer can be accessed without physical proximity, isolated network design and verified authentication, it is functionally compromised. Breaches now announce themselves with subtle logic changes, unauthorised sessions or misconfigurations missed during commissioning.

“Look past malware,” said Adams. “Treat every control asset as a live-fire target. If you haven’t tested under adversarial pressure, it won’t even come close to holding.”

He warned that CNI organisations that aren’t prepared to make the recommended changes risked “becoming the next headliner and laughing stock”.

Source

Artificial intelligence can work wonders in everyday life, especially when it comes to performing tasks that you’re sick of repeating. Below, we gathered three tips and tricks for asking ChatGPT and other models to improve your routine. We also have an article helping you create the best prompts possible when asking these AI chatbots to perform tasks for you.

Take meeting notes

If you’re always in and out of meetings at work or school, there’s a way to take notes without having to type them yourself. It’s possible to listen to and engage with the conversation while recording the data and after asking the AI to transcribe and/or summarize the call.

Here’s how you can accomplish that with ChatGPT:

• Record your meeting using Zoom, Voice Memos, or a similar app.
• Upload the audio file to a ChatGPT chat.
• It handles the rest: transcription, summary, and even a follow-up email draft if the user wants.

Write and reply to emails

It’s 2025, and AI should be writing emails for you. While BGR has recently written about Serif, an email assistant that can improve your inbox and catch up with everything, there are several other AI tools you can use to write and reply to emails, like Gmail’s AI assistant or Microsoft Copilot, which are able to draft, rewrite, and even auto-respond to emails in your voice.

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

ChatGPT can also do it for you, although you’ll have to copy and paste an email in the chat in order to get started. Here’s what it can do with your email:

• Write a response in your tone (professional, casual, firm, etc.).
• Improve grammar, clarity, or persuasiveness.
• Translate or localize if needed (e.g., English ↔ Portuguese/Italian).

Organize your jumbled thoughts

While Apple recently released a very interesting shortcut for those who get constantly interrupted while brainstorming or performing a task, there are other useful tips and tricks for AI agents that can help you organize your messy thoughts.

For example, you can dump unfiltered ideas, such as voice notes, bullet lists, and half-finished sentences, into ChatGPT to create polished blog posts, LinkedIn updates, social captions, and more.

Here’s how it works:

• Paste your raw notes or upload a voice memo.
• Tell ChatGPT what to do with it (e.g., “Make this a tweet thread about AI productivity”).
• Done: It will deliver a sharp, clean version in your writing style.

AI tips and tricks wrap-up

These are only three tips and tricks for using AI to make live easier. However, there are many more possibilities you could be taking advantage of. Just think of a task you perform repeatedly, and there’s probably an AI tool that can help you do it faster.

Source

The transformation needed for organisations in the UK to be ready for the threat of post-quantum computing will make preparations for the millennium bug, which threatened computer systems in 2000, “look easy”, cyber chiefs said today.

Ollie Whitehouse, chief technology officer (CTO) at the National Cyber Security Centre (NCSC), said preparing for post-quantum cryptography (PQC) will take “a complex change programme” and will be a “colossal task”.

The 10-year, UK-wide PQC programme will require organisations to identify every instance of cryptographic code, to understand whether it is vulnerable to attack by a quantum computer, and put plans in place to mitigate the risk. 

It mirrors the massive effort that the UK government and companies undertook to fix software throughout their estate when it threatened to malfunction on the first day of the year 2000 because of the way programmers calculated dates.

The risk today is that the development of a large-scale quantum computer in the future will compromise widely used cryptographic authentication techniques used to secure banking and other transactions, and to verify the authenticity of people online.

Nation states are also concerned about the potential for hostile nations to intercept, collect and store sensitive communications with the anticipation that they will later be able to develop a quantum computer capable of breaking their encryption.

Predicting when the first quantum computers capable of breaking today’s encryption algorithms will be developed is difficult, but technology suppliers are coming to a consensus that usable quantum computers could be available by the 2030s at the earliest.

The NCSC, part of GCHQ, issued guidance in March that set out a staged timeline for the UK’s migration to post-quantum cryptography – which uses encryption techniques that are not capable of being easily broken by quantum computers – by 2035.

“Over the last 30 years, cryptography has pervasively been adopted in all manner of software. And we’ve got far more software than we ever had 25 years ago,” said Whitehouse. “By virtue of that, the discovery activity, let alone the migration activity, is at least as complex, if not more so, than the original Y2K challenge”.

UK government departments involved in sensitive work have already deployed post-quantum cryptographic standards, while large companies, such as Google, have begun to deploy the technology in their cloud services.

UK government departments involved in sensitive work have already deployed post-quantum cryptographic standards, while large companies, such as Google, have begun to deploy the technology in their cloud services

A consultancy scheme, announced by the NCSC today, will offer help and expertise to organisations that want to deploy PQC in their products or networks.

The NCSC has advised organisations to identify which cryptographic services will need upgrades and to develop a migration plan by 2028. 

That will be followed by executing high-priority upgrades between 2028 and 2031, and a complete migration to PQC for all cryptography by 2035.

The aim is not to cause panic, but to ensure a smooth transition to post-quantum cryptography over the decade, say security officials.

Small and medium-sized companies will be able to rely on managed service providers to provide PQC upgrades for them. But for larger organisations and those in critical sectors, PQC will require extensive planning and investment.

The NCSC introduced the guidelines partly to provide ammunition to information security chiefs in critical industries to present to company boards to help them make a case for funding the transition to post-quantum cryptography.

The guidelines also aim to put the brakes on over-enthusiastic suppliers putting pressure on organisations responsible for critical national infrastructure to upgrade to PQC products that are not fully formed or appropriate for them.

Artificial intelligence (AI) poses another challenge for companies, giving them less time to patch their systems to protect them against the discovery of new security vulnerabilities before they are potentially exploited by automated cyber attacks.

Whitehouse said organisations must better manage their “technical debt”, a measure of the cost of updating software that may have been rushed out before it was fully ready or fully secure.

At the same time, technology suppliers will need to design and maintain products and services in a way that offers resilience against cyber attacks.

Not doing so risks repeating avoidable security failures that have manifested since the rise of the internet, said Whitehouse.

“Without radical and sustained interventions, we are at real risk of repeating the last 30 years, but with far graver consequences, if we do not address the fundamental market failures which have manifested,” he added.

Source

Class action settlement emails aren’t always a scam. If you recently received a Lopez Voice Assistant message, this is likely related to the Lopez vs. Apple Inc. settlement, and you can now reclaim part of a $95 million payout over allegations of Siri spying on private conversations.

The 2019 class action lawsuit revolved around Apple allegedly violating users’ privacy by recording their conversations and forwarding them to third-party contractors. While Apple agreed to the settlement earlier this year, the company denied the allegations that it was spying on users. That said, if you received an email about the settlement from info@lopezvoiceassistantsettlement.com, you’re entitled to a part of this payout.

As noted by The Verge, if you owned a Siri-enabled device, including an iPhone, iPad, Apple Watch, HomePod, or Mac, in the US between September 2014 and December 2024, and experienced Siri activating “on its own” while you were engaged in a private conversation, you can claim up to $20 per device for as many as five eligible devices on the settlement website.

While Apple still claims that Siri wasn’t spying on users, how can users trust the company? Earlier this year, when it accepted the settlement, Apple said it was committed to “its longstanding privacy commitment with Siri.”

Tech. Entertainment. Science. Your inbox.

Sign up for the most interesting tech & entertainment news out there.

By signing up, I agree to the Terms of Use and have reviewed the Privacy Notice.

“Privacy is a foundational part of the design process, driven by principles that include data minimization, on-device intelligence, transparency and control, and strong security protections that work together to provide users with incredible experiences and peace of mind,” Apple said.

“This applies to all of our products and services, including Siri, which has been engineered to protect user privacy and is the most private digital assistant.”

The company then made it clear that Siri voice data is not used for marketing profiles or made available for ads:

Apple has never used Siri data to build marketing profiles, never made it available for advertising, and never sold it to anyone for any purpose. We are constantly developing technologies to make Siri even more private, and will continue to do so.

The statement also explains how Siri protects user privacy. Apple explained that the assistant would use on-device processing whenever possible.

Apple also teased the arrival of the smarter Siri in Apple Intelligence, explaining how the Private Cloud Compute servers protect the privacy of Siri interactions that require server-side AI processing.

With that in mind, don’t forget to look at your Lopez Voice Assistant emails to ensure you get paid what Apple owes you.

Source