Information Technology

Birdie+ features: Same pin-pull activation as the original Birdie alarm | 0.25 inches shorter than the original | Instant, 24/7 access to a Live Support Rep | Request and receive an “Excuse-to-Leave” call | Location sharing with emergency contacts | Six-month long battery lifeFollowing the success of the original Birdie alarm, the company recently rolled out a more compact, feature-rich successor, the Birdie+. The Birdie+ embodies the sleek look and fun colors of the original, and it has the same pull-apart pin-activated alarm function. But being 0.25 inches shorter, it’s even more compact. Unlike the 1st-generation alarm, the Birdie+ uses Bluetooth and an app connection (both for iOS and Android) to enable 24/7 internet connection with access to a live emergency support line. The line can dispatch first responders directly to your location or just remain on the phone with you until you feel safe as a precautionary measure. Additionally, you can request an “excuse to leave call” to swiftly remove yourself from sketchy situations while immediately sharing your location with designated contacts. With one discrete tap on the button, you’ll get an immediate pre-recorded excuse-to-leave call. The Birdie+  may have ditched the circular strobe light, but the tap-to-control button provides easy access to the live support features, so you won’t have to fumble through the phone app. The Birdie+’s upgraded connectivity does come at a price — on top of the $39.95 for the hardware, there’s an added $89.99 annual or $8.99 monthly subscription fee. If you ask me, however, it’s a small price to pay for peace of mind and on-demand assistance. It’s also worth noting that She’s Birdie says that the app subscription will activate 30 days after purchase. More

Image: Getty/Tom Werner The way we work has changed. The rise of remote and hybrid working means that many office professionals are no longer tied to an office all of the time.  While working from home is a suitable option for many people, sometimes a change of scenery is nice — which is why some […] More

Image: Getty/Tom Werner The way we work has changed. The rise of remote and hybrid working means that many office professionals are no longer tied to an office all of the time.  While working from home is a suitable option for many people, sometimes a change of scenery is nice — which is why some […] More

Getty Images/Javier Zayas Photography Your security and privacy have both become critically important. Businesses are not the only entities that have to keep sensitive information from prying eyes. You might have bank account details, contracts, wills, and other files on your desktop that should be locked behind a password, so only you can access them. […] More

David Gewirtz/ZDNET So. Programming. For people who program for a living, it’s a constant game of mental Jenga: one line of code stacked upon another, building a tower of code you hope is robust enough not to come crashing down. But it always does. Code never works the first time it’s run. And so, one […] More

A glitch in a scheduled system upgrade has been identified as the cause of immigration delays at Singapore’s Changi Airport, which only recently was again named the world’s best airport.Long lines were spotted Thursday morning at the country’s airport where travellers usually would not need more than mere minutes to clear immigration. In a series of posts on Facebook and Twitter, Singapore’s Immigration & Checkpoints Authority (ICA) said it was experiencing “system slowness” at several passenger clearance checkpoints, including all automated departure lanes at all terminals at Changi Airport. Selected automated systems at the Woodlands and Tuas border checkpoints, through which travellers would enter neighbouring country Malaysia, also were affected.Immigration systems at coastal checkpoints were the only ones that were not disrupted. Passengers were advised to postpone non-essential travel and expect delays, as they would be redirected to manual lanes for immigration clearance. By 4pm the same day, automated immigration clearance at all checkpoints were back up and running.ICA said in a statement late-Thursday that preliminary investigations revealed a “technical glitch” had occurred during a pre-scheduled system upgrade, causing an “unanticipated system overload”. This brought down the automated immigration clearance systems, which affected all departure terminals at Changi Airport and arrival terminals at Terminals 2 and 4. ICA did not provide details on the system upgrade or whether the procedure was tested before the scheduled live rollout.Singapore Changi Airport earlier this month was named the World’s Best Airport for the 12th time at Skytrax’s World Airport Awards, which winners are voted by passengers. Singapore in recent years has placed emphasis on boosting the cyber resilience of its critical information infrastructures, including aviation, maritime, banking and finance, and healthcare. The country in 2021 tweaked its cybersecurity strategy to focus on OT (operational technology) and provided guidelines on the skillsets and technical competencies these sectors needed. The government had said this was critical to beef up the cybersecurity of OT systems, where attacks could pose physical and economic risks.Singapore defines OT systems to include industrial control, building management, and traffic light control systems that monitor or change the physical state of a system, such as railway systems.RELATED COVERAGE More

Singapore bank DBS’ second major online service outage in just over a year is “unacceptable” and indicative of its failure to ensure system availability. It now faces supervisory actions from industry regulator, Monetary Authority of Singapore (MAS), which said it placed great emphasis on the reliability of banks’ critical IT systems. DBS on Wednesday morning said via its Facebook page that access to its digital services, including its mobile payment app PayLah, was unavailable. The bank said its systems were “secure and uncompromised”, but gave no details on what caused the disruption in its initial and subsequent updates as the outage persisted throughout the day. Some customers reported being asked to reset their PIN when they tried to log into their accounts, prompting concerns of a scam. One customer said DBS should have posted a service notification on its login page and disabled all login attempts to ease such concerns. The bank’s online services were restored in the evening, about 10 hours after they went down. Noting that the latest incident came a year after a similar service outage in November 2021, MAS said DBS had “fallen short” of the regulator’s expectations to ensure high system availability and swift recovery of its IT systems. The bank had been instructed to run a full investigation so the root cause of the disruption could be identified, MAS said, adding that it would take supervisory actions once the necessary facts were established.DBS’ November 2021 service outage lasted two days and was caused by a problem with the bank’s access control servers, resulting in customers’ inability to log into their account. For the disruption, MAS had imposed on the bank an additional regulatory capital requirement totalling SG$930 million.Singapore in recent years has implemented tighter guidelines for the financial sector, as part of efforts to boost the cyber resilience of the country’s critical information infrastructures. These include technology risk management processes, such as having “strong oversight” of partnerships with third-party service providers to ensure data confidentiality as well as security controls and stress tests.RELATED COVERAGE More

Swept up in the ChatGPT craze like many others, a friend recently asked the generative AI platform who I was and to write up my personal profile.ChatGPT knew I was a journalist from Singapore who specializes in tech and that I was an old fart with more than 20 years of industry experience. Okay, it didn’t exactly say old fart, but it would have been accurate if it did.What ChatGPT didn’t get right was a bunch of pretty basic information that could easily have been found online. It shared incorrect dates of when I joined various media companies, even adding in publications I never wrote for. It listed incorrect job titles and gave me awards I never won.Interestingly, it pulled a list of articles I wrote from way back in 2018 and 2019 that were “particularly noteworthy and had a significant impact.” It didn’t explain how it assessed these for noteworthiness, but I personally didn’t think they were at all earth-shattering. What I thought would have made more sense were articles that generated a comparatively higher volume of shares or comments online, and trust me, some of the hate mail would have had a more significant impact than the ones the algorithm pulled. Also: The best AI chatbotsSo I would say my ChatGPT-powered profile is just about 25% accurate, though I wish this statement was true: “Eileen Yu is a respected and influential figure in Singapore’s media industry, known for her expertise in technology news and her commitment to journalistic excellence.” An old fart can indulge a little, can’t she?I suspect the inaccuracies are likely due to the lack of personal data ChatGPT was able to find online. Apart from the articles and commentaries I’ve written in the past, my online footprint is minimum. I’m not active on most social media platforms and intentionally so. I want to keep private information private as well as mitigate my online risk exposure.Call it a job hazard if you will, but my concerns about data security and privacy aren’t exactly unfounded. The less the internet knows, the harder it is to impersonate and the less there is to leak. Also: How to use Tor browser (and why you should)And with ChatGPT now driving even more interest in data, there should be deeper discussions about whether we need better safeguards in place.Cybersecurity threats and even breaches are now inevitable, and there are still too many that occur today due to unnecessary oversights. Old exploits are left unpatched and unused databases are left unsecured. Code changes are not properly tested before rollout and third-party suppliers are not properly audited for their security practices.More rigorous penalty framework neededIt begs the question of why companies today still aren’t doing what’s necessary to safeguard their customers’ data. Are there policies to ensure businesses collect only what they need? How often are companies assessed to ensure they meet basic security requirements? And when their negligence results in a breach, are penalties sufficiently severe to ensure such oversight never occurs again? Take the recent ruling on Eatigo International in Singapore, for instance, which found the restaurant booking platform had failed to implement reasonable security measures to protect a database that was breached. The affected system contained personal data of 2.76 million customers, with the details of 154 individuals surfacing on an online forum where they were offered for sale.In its ruling, the Personal Data Protection Commission (PDPC) said Eatigo had not put in place several safeguards, including not conducting a security review of the personal data held in the database. It also did not have a system in place to monitor the exfiltration of large data volumes and failed to maintain a personal data asset inventory or access logs. Furthermore, it was unable to establish how or when hackers gained access to the database. Also: These experts are racing to protect AI from hackers. Time is running out.For compromising the personal data of 2.76 million customers, including their names and passwords, Eatigo was fined a whopping… SG$62,400 ($46,942). That’s less than 3 cents for each affected customer. In determining the penalty, the Personal Data Protection Commission (PDPC) said it considered the organization’s financial situation, bearing in mind penalties should “avoid imposing a crushing burden or cause undue hardship” on the organization. The Commission did acknowledge a mere warning would be inappropriate in view of the “egregiousness” of the breach. I get that it’s pointless to impose penalties that will put a company out of business. However, there has to be at least some burden and due hardship, so organizations know there is a steep price to pay if they treat customer data so haphazardly. Exposing personal information can lead to potentially serious risks for customers. Identity theft, online harassment, and ransom demands, just to name a few. With consumers increasingly forced to give up personal data in exchange for access to products and services, businesses then should be compelled just as much to do what’s necessary to protect customer data and suffer the consequences when they fail to do so. Also: Best browsers for privacy and secure web browsingSingapore last October increased the maximum financial penalty the PDPC can impose to 10% of the company’s annual turnover if its annual turnover exceeds $10 million. This figure is $1 million for any other case.I would suggest regulations go further and apply a tiered penalty framework that increases if the compromised data is deemed to carry more severe risks to the victims. Health-related information, for instance, should be categorized under the topmost critical category, resulting in the highest financial penalty if this data is breached. Basic user profile information such as name and email can be tagged as Category 1, which carries the least — but not necessarily low — amount of financial penalty if breached. More personally identifiable information such as addresses, phone numbers, and dates of birth can fall under Category 2, with the corresponding higher penalty. A tiered system will push companies to put more thought into the types of data they make customers hand over just to access their services. More importantly, it will discourage businesses from collecting and storing more than is necessary. Also: The best VPN servicesThe Australian Information and Privacy Commissioner Angelene Falk, for one, has repeatedly underscored the need for organizations to take appropriate and proactive steps to protect against cyber threats. “This starts with collecting the minimum amount of personal information required and deleting it when it is no longer needed,” Falk said in a statement early this month. “As personal information becomes increasingly available to malicious actors through breaches, the likelihood of other attacks, such as targeted social engineering, impersonation fraud, and scams, can increase. Organizations need to be on the front foot and have robust controls, such as fraud detection processes, in place to minimize the risk of further harm to individuals.”Following a spate of large-scale data breaches that took place in 2022, the Australian government in November passed legislation to increase financial penalties for data privacy violators. Maximum fines for serious and repeated breaches were pushed from AU$2.22 million to AU$50 million or 30% of the company’s adjusted turnover for the relevant period. When businesses are recalcitrant, the most effective way to make them listen is to hit ’em where it hurts most — their pockets. And in this emerging era of AI where data shines even brighter in glistening gold, companies will be digging more fervently than ever. They should then be made to pay back in kind when they lose it. RELATED COVERAGE More