Welcome to the south coast of england, and the countrys biggest fortification, dover castle. They say a british mans house is his castle. This week, this castle is mine. Like every other home in the land, it needs to be well defended, because these days, it is constantly under attack. The walls may keep out burglars, but todays digital invader is wily and can worm its way in through the smallest gaps. Last weeks global cyber attack on companies in around 150 countries shows just how vulnerable systems can be, even if you are not fooled into clicking dodgy links. So this week, were looking at cyber security. Its me versus the bad guys out there. And they might be small, but theres a lot of them. So what can i do to shore up my defences . One way is through biometrics. Gadgets already recognise our fingerprint, and now banks are starting to identify us by using our voices. So, how secure is it . Is it possible, for example, to pick someones voice . We asked dan simmons to give it a go or most precisely, to find the one person who might stand a chance of breaking into his bank account. Thanks, ben. Well, one of the things that you might not know about me is that i am the only member of the click team to have a twin brother. Hi. His name isjoe, and we kind of sound quite alike. We kind of do sound quite alike. But i came out first, and hejust copied me. Yeah, well, for this report, its going to bejoe trying to copy me. Together . As we try to break into a bank. But first, were going to need some help. Yep, i really think this guy is going to help us. Right, good, good. All right, nice to meet you. If youd like to sit down. What were going to do first is i have this little analysis tool here. And what this will do is just detect, first of all, the pitch of your voice. This system that youre trying to break in is analysing your voice in lots and lots of different ways. So there will be about 100 different variables it is picking up on. Hello, id like to access my account, please, today. Hi, i wondered if i could access my account today. You see there are pretty big differences between them. So who do you think has the bigger adams apple, out of both of you . I cant see mine. Together yayayayahh. I wondered if i could make a withdrawal, today, please. A what . Laughs. Hi, id like to make a withdrawal. Thats like gimme the money at the same sort of time. Together yayayayahh. Together ayayayahh. Ive not spent two hours not to get your money. Youre going to get excited, thats whats going to happen. And your voice that will raise my voice, so. All ive got to focus on, its simple, ive just got to go slower. Five seconds. Just go slower. Its the first time ive tried to use the telephone banking service, and im not set up, so i am hoping. Laughs. How many how long do you want to make this . A bit shorter, ok, a bit shorter. That wasnt exactly the way you said it the first time. Id like to take everything out, today, please. That was. Id like to take everything out, today, please. That is that is gross. Thats not true. That is not true. Excellent, that is brilliant. Thank you very much. No worries at all whatre you dressed like that for . Well, were doing a job, arent we . Ive got a gun. You dont need a gun, do you . Your voice is your weapon. Take that off erica is the voice of nice nice is the voice Security Provider for citibank Credit Ca Rd Holders in the us, among others. Hi, nice to meet you, too. Joes going to try to break into my account, what chances do you think he has . Very slim. What advice can you give me to try and break into his account . Well, youve known him your entire life, so try to imitate his voice. She seems very confident about this what what why is it that you think that, maybe, my twin brother cant break into my account . Voice biometrics is the most accurate form of identification there is for access into financial institutions. Why . It registers over 100 different characteristics of voice. Half of them are personality, and the half are physical. And you do look a little bit different, and your voices are different, so you will have different vocal characteristics. So therefore, what percentage chance you think i have, then . It would be one out of several hundred thousand. How do you make it so that i can access my account, even if, like, at the moment, i have a little bit of a. Coughs. As i said, theres over 100 characteristics, and a cough or cold only affects about two. So we still have all those other characteristics to work with, and we still have identification. And has anybody fooled the system through the front door . Basically, pretending to be somebody theyre not . No. Can i ask another question . It might be a bit out the ballpark, but is this legal . I just dont want to look like a mug. With the niceties out of the way, i got to work giving the system a sample of my voice by speaking to it. I know that there might be people who might try to access my account, perhaps, so you need to be aware of that. Oh, ok, you are . 0k. Whilejoe kept himself busy. Im here to break into the account of dan simmons. Joe, you really dont need the gun. What do i have to do . Lets give this a shot. 0k . Hi, yes, id like to access my current account, if i can, please . Yes, its probably about £10, Something Like that. Yeah. Thanks very much. Thats great. Thank you. You failed but close. Wow, look at how close this is over here. Look at that. If we come over here, it you can see theres the threshold level, and that that is pretty close. That was not a bad first go. Thatjust came out of nowhere. First go, very good. It came out of absolutely nowhere that is how you test the system, isnt it . That is how we test the system. We tested with twins, and siblings, and imitators. You know, a fraudster wouldnt get three chances, and the reason a fraudster wouldnt get three cancers is that we would register the multiple failures, and it would dynamically increase the threshold on the third, and put a flag on the account. Right, that is not to say, of course, that is impossible, is it . Its not impossible. Its just very improbable. So, dan, your bank account is still safe, even though your twin got away with some pretty cool stationery. Yeah, the Old Fashioned way. Were you surprised that the voice attack didnt work . Yeah, iwas, actually. Because we really tried hard to match up our voices. You know, we used the voice coach and everything, and Itjust Bubbled under what we needed and couldnt get in. What about the simpler stuff that we have been asked by banks in the last few years, like my voice is my password, did you try that . Oh yeah. We had a crack at that. To get into my account, my twin needs my code and my account number, two things i have helped him outwith. He also needs to know my birth date, but thats probably something he already knows. The question is, can my voice print give me any extra protection . Secret bank, were not getting any bank names away. Good afternoon. Welcome to hsbc. Oh, its. Please give us your code. 0h. Ive got this one. Now, interestingly, it is the pin number, and the account number, which, if you are from the days from the old cheque book, then both of those things used to be printed on objects. So if youve got an old cheque from somebody you already know that. Your date of birth. He knows my date of birth because we share the same date of birth. After the tone, please repeat the phrase my voice is my password. My voice is my password. Im sorry, i didnt quite get that. After the tone, please repeat the phrase my voice is my password. My voice is my password. Welcome to hsbc advance. The balance of your account is £121p credit. Im off to the bank for your available balance. I thought it would be more than that, dan. Laughs. Evil twin was in perhaps more surprising when you consider the Service Providers test their systems with twins to improve security. I can get into other accounts, apparently, dan, so. Hsbc told us. Sojoe actually did break into your real bank account . Yeah, my real bank account. So in this particular case, that wouldnt be a great defence. You need to remember he is my twin, and not many people have one of those. Good point. But computers can emulate peoples voices, these days, weve seen people being fooled in the same way as we have by photoshop pictures. Yeah, i i dont think thats going to work. Do you mind if it we give it a go . Be my guest. Well, im thinking tower of london. Yeah, the crown jewels. First off, i need to record dans voice, so i caught him after work, discussing his next big break in. Next, i sent the recording to a voice mimicking outfit called lyrebird. Here is their version of donald trump. I am not a robot, my intonation is always different. Not bad in fact, i have to say, great, the best. We are working with Security Researchers to figure out what is the best way to proceed with this. And this is one of the reasons we have not published to the public yet. The Developers Hope that the technology could be used to give people their voice back if they lose it to illness or an accident. But they are aware that it could be used to fake a voice id. Its a scary application, but. One idea we are considering is to watermark the Audio Samples that we produce. So we are able to detect immediately if it was generated by us. Oh, so theyre not quite ready to help you. Close, ben, but no luck. A few years, though. The banks are actually going to. They have come up with something quite new, that even if you have somebodys details, theirfingerprint, you could even perfectly replicate their voice print. All right. Youd still not be get in. I know because ive tried to hack in. Major security no no man works at an undisclosed financial institution. 0h. He manages innovation, because they have an innovation unit. So whats he been innovating . Just watch the way he uses his phone, because his Security System is doing just that. And even with all his login details, ill need to replicate how he holds, taps, and tilts his device. Ha, hi chris, would you mind lending me that for a moment . No luck. Its beaten me. Thatll be yours, then. Thank you very much. Cyber security headlines this weeks tech news, and more on wannacry, the spyware attack on windows 7 computers, with the hackers threatening to release the tools used by the nsa. The group threatened to release tools that threatens windows 10 as well as data stolen from central banks. It is also the week that htc released its Squeezy Selfie phone, with google revealing an app called lens which turns your Smartphone Camera into search engine. And spacex released a plan to carry your loved ones remains into space. Capsules of ashes will orbit for two years before entering the atmosphere as a shooting star. A reservation of orders out this world flight cost around £2000. The starters previous efforts though did not reach orbit. And finally in lighter news, over in latvia, this man achieved the first ever Human Parachuting jump from a drone. Rising to over 1000 feet with the help of 28 propellers and a communications tower, he landed safely with his parachute. gunfire its not looking good out there. I have retired to the inner sanctum. Dover castle was continuously defended for 900 years right up until the 19505. It was a really successful defence. But i wonder whether our homes these days are more vulnerable, especially since we are filling them with more and more connected devices. The internet of things. This is the family room at the heart of the castle where the lord and his family could relax with some pretty thick walls. The king could unwind with a game of chess. In the 13th century they did not have the internet of things, but they still had things. So how do we make iot more secure. Ken munro is my dinner guest, we keep hearing about these connected devices continually being hacked. Why is it so hard for manufacturers to make them more secure . It is not hard. Itjust needs some thought, some effort and sometimes spent doing it right. The manufacturer of iot things are trying to get to the market. And if someone comprises their security, do they carry on shipping 01 expose us as consumers . I would hope that security is Getting Better year on year with these things. I dont think so. I think it is getting worse. Everyone is piling into the market, Everyone Wants to jump on the bandwagon, doing Cheaper Products with less security and it seems like we are buying it. Dont worry about that, its fine. Just give me a hand with this. Thanks. In here i have got some iot devices. Here is one that i really like the look of. This is my wi fi doorbell. Great idea. It sends an image of what is going on at your door to your phone, fantastic idea. You can answer it when youre not home. Except you can look at the door, press this button and it will give you your wi fi key so you can hack the customers network. Ok, right. It beggars belief. Another one i love talking about, here we are in a castle, this is a smart door lock. So you can lock your doorfrom your phone. It also hooks up with voice control. So with amazon eco, you can say lock door. It doesnt do anything silly like unlock door, unless you hook it up to siri. There was an error on first commission. You could actually shout through the window unlock door, goes the burglar, and your door opens. This is a smart thermostat, lots of people have got these, the idea being you can control your heating from your phone when you are on the train home. But we found that actually you can hack them and do crazy things like Install Ransomware on them. You could hold your Heating System to ransom in the middle of winter. You can turn people heating off and demand a ransom to turn back on . It seems these gaps in our defences caused by our connected gadgets are proving to be a gift for attackers. Now, come on, really . A smart kettle . What is the problem with a smart kettle . You can boil a cuppa from your bed when you wake up. Really great idea. But this early version was not secured properly. You could sit outside someones house, point an aerial at the kitchen, and steal someones wi fi keys from their kettle. Could you maliciously boil water in someones house . You could steam up their window to your hearts content. Good lord. This is more secure. I have locked the doors. 0k right. How can we defend ourselves in our data if we have a home full of connected devices. Most of the toys and things i have shown you have been fixed already. You have to update your mobile app, to the app store, get your update. And with the software on your toy, make sure it is up to date. The manufacturers may have fixed the bugs. Would you buy a connected device for your children . Frankly i wouldnt, i dont think they are safe. One extra word of advice. I know it is boring, i know it is old hat, but please, please, make sure you have a good strong password on the app you use to talk to your toys. It looks like we have some unwelcome guests. I am going to hand over to laura for some important security that we should have paid more attention to. Ken, it is every geek for himself. The recent Ransomware Attack showed that you dont have to be personally targeted to end up being a victim. This first step would have protected you against that and many similar attempts to get inside the walls of your castle. One thing you need to do is to update the operating system, the browser and the applications that you use. These softerware are very incompetent, they contain bugs and some of these bugs are security vulnerabilities. There are many other ways that we could be making ourselves vulnerable. Whether people say, dontjailbreak devices. Used repeatable download applications because without that you are bypassing all the security that has gone into them. At some point you will lose one of your devices, when you set up your device in the first place, just ask it to encrypt your storage. Even if you dont think you have anything of value, your contacts are worth a lot of money to cyber criminals. If you are putting documents that you really dont want other people to see, then i advise not to put them in the cloud. If a website asks you to download something you are not expecting it, dont do it. Protect your family and your friends, protect your school and the companies you work for, remove that risk. Brilliant Security Tips there. Unfortunately, i think theyve arrived a little bit too late for me. Still, there you go. Thanks for watching and i really, really hope that i will see you soon good morning. Wednesday was a dry, settled, sunny day for most of us and we have some weather watchers pictures which help to illustrate that point, as you can see in worcester, with blue skies and sunshine, and also in the london area. These two places were the hotspots through the day, with 26 celsius. Its worth just pointing out though, in wednesdays Satellite Picture we had some cloud up into the far north west and by the end of the day we also had some sea fog through the irish sea. Now that is going to be a bit of a nuisance over the next few hours and linger during the early morning. It is going to be a pretty muggy start to the day as well, temperatures widely into the mid high teens. So theres only one place for those temparatures to go, when we get that sunshine coming through. The fog will take its time to clear but it will do so and as we go through the morning, it will be a beautiful picture. A little bit of Fairweather Cloud developing into the afternoon, which may well be welcome news as those temperatures continue to climb. It is going to be a hot day in the south east. One or two spots generally into the mid 20s, maybe as high as 28 degrees and not much of a breeze either. A noticeable breeze down towards the south west and into south wales, but head further north ans west, again, we could see temperatures into the high 20s not out of the question. Northern ireland and western of scotland, a better day in comparison to yesterday and therell be more sunshine and more warmth as well. 25 for glasgow. We do it all again on friday. That south easterly breeze driving that heat further north. By the end of the day though, signs of a few showers gathering into the western part of Northern Ireland but it looks as though in sheltered areas of scotland, in the north west, we could see temperatures into the high 20s. Somewhere like inverness could see 29, maybe 30 degrees. Widely a very warm if not hot day across england and wales as well. Thats worth bearing in mind as well if you have any time outside, the uv level are going to be pretty high across the country, very high in the south east, and certainly worth bearing in mind. As we move out of friday, into saturday, we still keep the heat but there is a potential for these showers that i pointed out in Northern Ireland to become fairly widespread into the far north west. Some of these heavy and thundery as well. So the potential for some sharpish showers, a fresher feel here, but we still keep the heat. 28 30 degrees not out off the question into the south east corner. It is Bank Holiday Weekend this weekend so it is going to be a hot and humid start but it looks as though that Thundery Breakdown will arrive and then behind it somewhat fresher conditions look likely to follow on. Take care. Hello im tom donkin, welcome to bbc news broadcasting to viewers in North America and around the world. Our top stories more raids and arrests in the uk as Police Confirm their belief a network of accomplices helped the manchester bomber. Salman abedis father and brother have been detained in libya they deny allegations of any connection to extremist groups. Leaked photos from the scene of the bombing are published in the new york times. British investigators have expressed fury and astonishment. More tributes for the victims 16 have been named so far police say they know the identities of everyone who was killed
vimarsana.com © 2020. All Rights Reserved.