Eliana Willis

Image: Symantec
In less than a week, the Parliamentary Joint Committee on Intelligence and Security (PJCIS) has conducted a review into the Foreign Intelligence Legislation Amendment Bill that will allow for the practice of incidentally collecting the data of Australians, and recommended it be passed.The Telecommunications Interception and Access Act (TIA Act) previously banned the practice, but the government and its security agencies have argued that Australia has been falling behind foreign agencies. “The challenge with the existing foreign communications warrant is that the interception of domestic communications (communications that both start and end within Australia) is prohibited, even where that interception is inadvertent or unavoidable,” the PJCIS report said. The report said this approach made sense when interception warrants were introduced in 2000, and the main ways to communicate where telephone and fax lines, which had “reliable geographic identifiers such as country code, city code and exchange code”, but the use of the internet has changed that environment. “Advances in technology — particularly widespread use of internet‑based communications and mobile applications — mean that it can be impossible to know, at the point of interception, if a communication is foreign or domestic,” the report added. “Currently, to avoid breaching the TIA Act, intelligence agencies do not intercept foreign communications where there is even the smallest risk of incidentally intercepting domestic communications. This considerable constraint on the collection of foreign intelligence is creating the real risk that intelligence agencies are missing critical foreign intelligence.” The committee argued the changes would be accompanied by a set of “robust safeguards” including warrants only being able to be issued for obtaining foreign intelligence from foreign communications, the warrant request must specify the risk of interception domestic data, as well as having the Attorney-General create a mandatory written procedure that will cover screening domestic communications, destroying all domestic records captured, and that agencies need to alert the Inspector‑General of Intelligence and Security (IGIS) of when domestic data is captured.

The one loophole for keeping domestic data will be when communications “relates, or appears to relate” to circumstances that involve a “significant risk to a person’s life”. “Only in the exceptional circumstance where there is a significant risk to life will intelligence agencies be able to rely on inadvertently intercepted domestic communications. This exception will ensure Australia’s intelligence agencies can respond to, for example, an imminent terrorist attack,” the report said. Prior to the Attorney-General creating or modifying the procedure, they must consult with the Foreign Minister, Defence Minister, IGIS, and the head of ASIO. “The Attorney‑General must review the mandatory procedure as soon as practicable within one year of it being issued, and then every 3 years,” the report said. The Bill also includes powers allowing the Attorney-General to issue foreign intelligence warrants to collect “foreign intelligence on Australians in Australia who are acting for, or on behalf of, a foreign power”. This practice is also currently banned. “These amendments will close a legislative gap where foreign intelligence can be collected offshore on an Australian working for a foreign power, but that same intelligence cannot be collected inside Australia on that Australian under a warrant,” the report said. “There are circumstances where Australian citizens and permanent residents are of legitimate foreign intelligence interest. For example, where an Australian citizen is acting as an agent of a foreign state.” The committee said during its inquiry it had been assured that non-compliance would be reported to IGIS, and recommended the Bill be amended to the PJCIS would also be informed about changes to the procedure, and the committee could review the Bill within five years of it receiving assent. “The committee notes that this Bill aligns Australia with the Five Eyes community but with a stronger set of safeguards,” it said. “These are not powers that the Parliament provides lightly and the committee sees its role in reviewing the provision of such powers as one of its most important functions.” The Bill was referred to the PJCIS on Friday, and handed down its report on Wednesday after a single classified hearing. “It is not ordinarily the preference of the committee to conduct private inquiries nor to do so on an expedited basis,” it wrote. “The committee only agreed to in this instance because of the unique circumstances of this bill and the additional risks to Parliamentary sittings caused by the current COVID outbreaks.” At the time of writing, the Bill had cleared the House with amendments and was in its second reading in the Senate. On Wednesday, the Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020 cleared Parliament, and hands new powers to the Australian Federal Police and the Australian Criminal Intelligence Commission that would allow them to modify, add, copy, or delete data when dealing with online crime. The new powers have a sunset clause of five years. PJCIS justifying its proposed protections against Australia’s Five Eyes allies.
Image: PJCIS
Related Coverage More

Huawei has reportedly received licence approval from the United States to buy chips for the auto component portion of its business. Reported by Reuters, the United States has granted licences authorising suppliers to sell chips to Huawei for vehicle components, such as video screens and sensors. The licence approval from the United States is a shift from its usual position in relation to Huawei. The Chinese technology giant was added to the US entity list in 2019, which banned US companies from selling goods and technology to the company without special licences from government.The US then added further restrictions last year, banning overseas companies from selling chips to Huawei if they contained US equipment.During this time, the US has also rallied other countries to exclude Huawei from their 5G networks over spying concerns. Despite Huawei repeatedly denying the allegations, Australia, Sweden, the UK, among other countries have banned the networking equipment giant from their 5G networks. All of Canada’s major telcos have also gone elsewhere for their 5G rollouts and, although not officially banned, Huawei has not made any inroads in New Zealand after GCSB prevented Spark from using Huawei kit in November 2018.  In the face of these restrictions, Huawei reported a steep decline in its first-half revenue for 2021, with its business to the end of June reporting 320 billion yuan in sales, compared to 454 billion yuan at this time last year.

Automotive manufacturers have struggled to produce cars since the pandemic started due to chip shortages, with some countries’ car production being halved during that period. Ford, for example, lost around 700,00 vehicles that were planned for production in the second quarter of 2021, while General Motors has stated that losses caused by the lack of semiconductors could cost up to $2 billion in profit. RELATED COVERAGE More

Following a cybersecurity meeting at the White House on Wednesday, President Biden secured promises from major tech companies to spend significant sums improving the nation’s cyber resiliency. Microsoft and Google, for instance, each committed billions to specific cybersecurity investments. The meeting comes in the wake of a series of dramatic cybersecurity incidents, including the Colonial Pipeline ransomware attack that shut down gas and oil deliveries throughout the southeast, the SolarWinds software supply chain attack and an extensive hack on Microsoft Exchange servers.In a statement, the White House said a “whole-of-nation effort” is needed to address cybersecurity threats. To that end: Microsoft announced it will invest $20 billion over the next five years to advance “cyber security by design” and deliver advanced security solutions. The company also announced it will immediately make available $150 million in technical services to help federal, state and local governments upgrade their security.Google committed $10 billion over the next five years to expand zero-trust programs, help secure the software supply chain and enhance open-source security. The company also said it will help 100,000 Americans earn industry-recognized digital skills certificates.Apple will establish a new program to make the technology supply chain more secure. As part of that effort, it plans to work with its suppliers to drive the mass adoption of multi-factor authentication, security training, vulnerability remediation, event logging and incident response. IBM said it will train 150,000 people in cybersecurity skills over the next three years, and it will partner with more than 20 Historically Black Colleges & Universities to establish Cybersecurity Leadership Centers. Amazon announced it will offer Amazon Web Services account holders a free multi-factor authentication device. It also plans to make its security awareness training, which it currently offers to employees, free to the public.  The White House also received commitments from cyber insurance providers and educational organizations to improve the nation’s security posture. President Biden issued a cybersecurity executive order in early May, requiring federal agencies to modernize their cyber defenses. The Biden Administration earlier this year also launched a 100-day initiative to improve cybersecurity across the electric sector. On Wednesday, the administration announced the initiative has improved the cybersecurity posture of more than 150 electric utilities and would now expand to natural gas pipelines. Additionally, the White House Wednesday said the National Institute of Standards and Technology (NIST) will develop a new framework to improve the security and integrity of the technology supply chain.  To do so, it will work with partners including Microsoft, Google and IBM. More

“We have almost made the decision around which cloud meaningless to our customers,” says Elastic CEO Shay Banon, “because they can just go and pick and choose, and we integrate with the marketplace.”
Elastic Inc.
Enterprise search technology company Elastic this afternoon reported fiscal Q1 revenue that topped analysts’ expectations, and a surprise profit where analysts had expected a loss, and raised its forecast for revenue. The report sent Elastic shares up almost 4% in late trading. “Our cloud revenue grew 89%, year over year, we’re very proud of that,” CEO and founder Shay Banon told ZDNet in an interview via Zoom. “Next year, we expect to breach the $1 billion barrier,” added Banon. “We’ve very excited about our growth.Elastic’s total revenue in the three months ended in July rose 50%, year over year, to $193.1 million, yielding a net profit of 4 cents a share, excluding some costs.Analysts had been modeling $173.2 million and a 10-cent net loss per share.Total cloud revenue of $61.5 million made up a third of total revenue.

Elastic’s progress in cloud is being helped by the ability to have search function across different clouds where customers have workloads, Banon told ZDNet. Customers can deploy Elastic’s Elasticsearch software on Amazon AWS and also GCP, and search across the two, for example. Elastic “move the search, we don’t move the data,” meaning that customers information stays where it is hosted. “That’s pretty unique,” said Banon. The ability to span clouds can save money in terms of cost of data hosting, claimed Banon.”We have almost made the decision around which cloud meaningless to our customers,” said Banon, “because they can just go and pick and choose, and we integrate with the marketplace.” That integration has “required substantial investment on our part,” said Banon. “I’m happy to start to see it panning out.”In a separate release, Elastic announced it has agreed to acquire five-year-old security startup Cmdwatch Security, Inc., of Vancouver, British Columbia, also known simply as Cmd, for undisclosed terms. The startup will bring runtime security capabilities to Elastic’s observability and event management tools, with particular emphasis on protecting assets in cloud environments, including things such as Kubernetes installations.Banon said observability tools such as application management and DevOps are on course to merge with security tools. “There is another phase of consolidation that is going to happen in the next five years in the market, which is that observability and security are going to start to merge together,” said Banon. “Because while you observe, why not protect?”For the current quarter, the company sees revenue of $193 million to $195 million, and net loss per share in a range of 15 cents to 19 cents. That compares to consensus for $188.7 million and a 14-cent loss per share.For the full year, the company raised its outlook for revenue from a prior rang of $782 million to $708 million to a new range of $808 million to $814 million. That compares to consensus of $789 million. The company also lowered its outlook for profitability, forecasting a net loss of 57 cents to 67 cents a share, excluding some costs, below the prior outlook of 51 cents to 50 cents a share.

Tech Earnings More

Security, in both the physical and digital sense, is imperative for companies to deter trespassers and would-be thieves and to protect valuable equipment crucial for businesses to operate successfully.  A robust security setup can take the pressure off existing security staff and give business owners peace of mind out-of-hours. Luckily for organizations, the emergence of the Internet of Things (IoT) technology, mobile connectivity, apps, and cloud technologies has radically changed the security landscape and made it easier than ever to set up multi-room and on-premise systems. The possibilities are endless: cloud or local feed storage, customizable or automatic alerts and alarms, smartphones and tablet connectivity, wired or wireless, battery-powered or mains options, video capture, night vision, audio feeds of varying quality, and the ability to check-in, in real-time, are all on offer and can be tailored depending on the requirements of your business.  To make navigating the variety of hardware and vendor ecosystems available to today’s company owners less of a challenge, we have assembled our top ten picks for businesses. 

Flexible, mobile security solution without spending a fortune

Ring

It was once the case that to protect a business premise, heavy-duty, wired surveillance systems were the only options available. Times have changed and with the explosion in mobile solutions and the increased bandwidth offered by broadband and 4G/5G, there are mobile-friendly options for SMBs seeking a budget-conscious security option.  The benefit of the Ring camera range, including indoor, outdoor, stick-up, and floodlights, lies within its flexibility. Each camera can be connected to the same account and accessed via smartphone, alerting users to motion from all areas.  Of particular note are Stick Up Cams, which can be placed inside or outdoors and on flat surfaces or walls. Battery and wired options are available, as well as devices that come with a solar panel and backup battery pack. The Spotlight and Floodlight models, too, are of interest given their inbuilt security sirens.  As there are a variety of different cameras users can pick from, a mix-and-match set up to protect a premise is possible.Pros:Flexible and quick setupsProfessional monitoring availableBolt-on ecosystem additions available including outdoor camerasCons:Long shipping timeMultiple camera costs are high

Discreetly keep an eye out for intruders outside of hours

Nest

Google Nest cameras will be of interest to business owners already in the Nest ecosystem — including users of the Nest Thermostat, Nest CO2 alarms, as well as Nest X Yale Locks. The Nest Cam Indoor and Outdoor cameras are mobile options for on-premise security. They are best suited for budget-friendly users that need basic security measures in place. The cameras can record footage in 1080p HD, and when it comes to the outdoor version, this quality is maintained at night through infrared LEDs.  Both versions have inbuilt speakers and will alert users via their mobile devices if suspicious activity or visitors are detected by motion and noise sensors. Once the app has been installed and an account has been set up, monitoring begins.  The Nest Aware and Nest Aware Plus services will record everything 24/7 on a monthly or annual subscription basis. Nest Indoor cameras are priced at $129.99, whereas you can expect to pay $199 for an Outdoor camera. However, if you want a cheaper alternative, Google is set to roll out more budget-friendly, wired options.Pros:Easy setupMobile device monitoring and accessData analytics implemented to monitor hot spotsCons:Wired options not yet availableExpensive for single cameras

A cheap home security camera

Wyze

If you want to dip a toe into the world of IoT and intelligent home security devices, you may want to consider the Wyze Cam v3, one of the most affordable options on the market today.The Wyze Cam v3 is a $35 internet-connected camera offering 1080p recording, IP65 quality for indoor or outdoor use, a CMOS sensor designed to improve nighttime vision, a siren, and two-way communication.The camera can be part of a wider Wyze security ecosystem including outdoor cameras, motion sensors, leak sensors, keypads, and entry monitors. Pros:Additional security products on offer to create a wider security networkSmall, compact designCons:Only 14 days of cloud storage included (rolling), unless subscribed

Wireless monitoring for the workplace

Arlo

Another option is the Arlo Pro 4. This slimline, business-ready option can be used either in or outdoors, being a weather-resistant model with a variety of mounting options that can detect both sound and motion. The Arlo Pro 4, available in black or white, can work as a day-to-day camera on the shop floor; a discreet camera placed outside to act as a night watchman, or as a part of a full network of cameras in a large workplace. A spotlight to improve low-light recording is included alongside object scanning and detection.Arlo’s camera is compatible with Amazon Alexa, Google Assistant, and Apple HomeKit. Users will receive real-time alerts whenever motion or sound is detected and footage is captured in up to 2K HDR resolution. The vendor has also implemented Activity Zones which can be set to reduce unwanted or nuisance notifications.Pros:Six months of battery lifeMagnetic mountsCons:An Arlo Secure subscription is required for premium features 

Protection for multiple outdoor zones

Netatmo

The Netatmo Smart Outdoor Camera should be considered if outside security is the priority for your business.  This option is a weather-resistant camera substantial enough to be seen — and may potentially deter unwanted visitors by its presence alone — and does not purely rely on night vision. Instead, the camera is equipped with a floodlight that can be remotely enabled, disabled, or set to power up when motion is detected.  Users can also set up specific zones for immediate alerts and snapshots are taken to give users the option to check in further. The camera is compatible with iOS and Android, Apple HomeKit, Amazon Alexa, and Google Assistant. In addition, there is no subscription fee as users can choose to store recorded HD footage locally.Pros:Customizable alert preferences, useful for petsNo subscription requiredCons:Some users have reported long-term weather exposure issues

360-degree, panoramic coverage of your business premises

D-Link

The D-Link Vigilance DCS-4605EV will suit business users who want panoramic security coverage of the shop floor.  This camera is best suited for businesses concerned about vandalism as the camera has been specifically housed in a rugged casing to prevent tampering or damage. Another advantage of this camera is how weatherproof it is; being able to operate in a range of conditions and temperatures from 30 degrees C to 50 degrees C. The D-Link Vigilance includes a fixed 5-megapixel lens with a focal length of 2.8 mm and is able to record Full HD 2560 x 1920 pixel footage at a 20-foot range. Each camera can be connected to D-ViewCam, free surveillance software to manage a network of up to 32 cameras simultaneously. The camera also supports Power over Ethernet (PoE), to make deployment possible with a single cable.  The D-Link Vigilance is currently on offer for $256.Pros:Customizable video compression formatsRugged casingCons:Wired only

A must for do-it-yourself fans

Scout

Scout should be considered if you are a DIY fan and want to apply your hobby to home security.The company’s DIY system allows customers to pick the components they want — such as a hub, door panels, access and motion sensors, indoor cameras, and water detection devices. In addition, you can pick the color and finish suitable for your home (black or white) as well as the level of remote support you want. Scout’s product line is focused on mobility. Users pick their components, connect them to their mobile device, and then you’re good to go. Features include remote real-time access to activity feeds; false alarm checks; arming and disarming, and choosing how the DIY system reacts in different situations — such as how you want to be notified of motion at your front door. Packages range from a $229 starter kit containing a hub, door panel, one motion sensor, two access sensors, and two key fobs, to a large $549 package offered with a hub, door panel, one motion sensor, four access sensors, two key fobs, a smart lock, and glass break sensor. Customers can also pick-and-mix different components if they prefer.A 4G backup system is in place if home Wi-Fi cuts out and subscription-based professional monitoring is also available. Pros:FlexibilityNo hard-wiring requiredCons:Expensive start-up cost

Best for small homes and apartments

SimpliSafe

SimpliSafe is another worthy addition to our list and would suit users who need a flexible solution for smaller homes and apartments. SimpliSafe is a Wi-Fi-connected security solution backed by real-time monitoring in remote centers. While wired, in the case of a blackout, devices in the SimpliSafe range have backup batteries. The basic ‘Essentials’ package, starting at $181 (currently on sale), includes a base station, keypad, three entry sensors, and one motion sensor. At the time of writing, a free HD camera is also included in the bundle.Other packages and bolt-on options include panic buttons, freeze and water sensors, smoke detectors, and sirens. Pros:No drilling requiredStylish, discreet designCons:Assistance on offer for setup, but priced at $79

How did we choose these security cameras?

The requirements of home and business security cameras vary: the average consumer may lean toward an easy-to-install, budget-conscious product, whereas a company may be more inclined to invest in a more powerful alternative to protect valuable assets. In each case, we have considered as many aspects of a security system as possible, including recording capabilities, environmental use, and cost — both upfront and due to ongoing subscriptions.

Which is the right security camera for you?

When you are selecting your home security camera, you should consider the pain points at home or at your business location. What areas are the most important when it comes to monitoring? What assets do I need to protect? When might my home or premises be most vulnerable?If you’re working from home, for example, you might forgo constant video capture and a subscription, settling instead for clips and the ability to check-in while you’re away. However, if there is valuable stock in an office that is shut at night, you might pivot toward an option including night vision and constant video/audio feeds.

Are there alternatives worth considering?

While our top picks have included a variety of functions and uses, the below are still worth consideration.

Is it necessary to subscribe to a monitoring service?

No, but technology services now — ranging from streaming to IoT — will not usually stop at hardware: revenue models are pivoting to subscriptions, too. If you want constant monitoring and footage to be stored beyond a specific period of time, you may need to sign up.

Do I have to connect my camera to assistants like Amazon Alexa?

This bolt-on integration is usually added to make products more appealing and for the convenience for users, but you do not need to connect your home security system to anything else in your IoT ecosystem.

Will pets trigger alerts on a home security camera?

This was once a common problem with earlier forms of IoT and smart cameras, but vendors are constantly improving false-positive rates through improved object detection and the implementation of features such as ‘activity’ zones. 

ZDNet Recommends More