on monday and then northern ireland on monday and then the threat of moderate rain across the threat of moderate rain across the top half of scotland. elsewhere it will turn out to be a warm day. hello. this is bbc news with me ben brown. the headlines. president trump continues his visit to saudi arabia, where he's preparing to address gulf leaders on the need to confront extremism. party leaders will stop campaigning for an hour today labour renews its push to attract older voters, while the conservatives defend their plans to overhaul social—care funding. party leaders will stop campaigning for an hour today to remember the mpjo cox, who was murdered in her constituency last year. north korea has launched another missile test, according to the south korean military. it follows this test last week of a rocket said to be capable of carrying a nuclear warhead. now on bbc news, click. guards!

welcome to the south coast of england and the country's biggest fortification, dover castle. they say an englishman's home is his castle. this week, this castle is mine. like every other home in the land, it needs to be well defended, because, these days, it is constantly under attack. the walls may keep out burglars,

but today's digital invader is wily, and can worm its way in through the smallest gaps. last week's global cyber attack on companies in around 150 countries shows just how vulnerable systems can be, even if you are not fooled into clicking on dodgy links. so this week, we're looking at cybersecurity. it's me versus the bad guys out there. and they might be small, but there's a lot of them. so what can i do to shore up my defences? one way is through biometrics. gadgets already recognise our fingerprints, and now banks are starting to identify us recognising our voices. so how secure is it? is it possible, for example, to fake someone‘s voice? we asked dan simmons to give it a go, or most precisely, a go, or more precisely, to find the one person who might stand a chance at breaking into his bank account.

thanks, ben. well, one of the things that you might not know about me is that i am the only member of the click team to have a twin brother. hi. his name isjoe, and we kind of sound quite alike. we kind of do sound quite alike. but i came out first, and hejust copied me. yeah, well, for this report, it's going to bejoe trying to copy me. together: as we try to break into a bank. but first, we're going to need some help. yep, i really think this guy is going to help us. great, good, good. all right, nice to meet you. if you'd like to sit down. what we're going to do first is i have this little analysis tool here. and what this will do is just detect, first of all, the pitch of your voice. this system that you're trying to break in is analysing your voice in lots of different ways.

so there will be about 100 different variables it is picking up on. hello, i'd like to access my account, please, today. hi, i wondered if i could access my account today. you see there are pretty big differences between them. so who do you think is the bigger adam's apple, out of both of you? i can't see mine. together: yeah, yeah. hello, i would like to make a withdrawal. together: yeah, yeah. you are going to get excited and you will raise your voice. just got to go solo. it's the first time i've tried to use the telephone banking service, and i'm not set up, so i am hoping...

laughs. how long do you want to make this? a bit shorter, ok, a bit shorter. that wasn't axactly the way you said it the first time. i'd like to take everything out, today, please. that was. computer: i'd like to take everything out, today, please. i'd like to take everything out, today, please. that is — that is close. that's not true. that is not true. excellent, that is brilliant. thank you very much. no worries at all. what are you dressed like that for? well, we're doing a job, aren't we? i've got a gun. you don't need a gun, do you? your voice is your weapon. take that off! erica is the voice of nice — nice is the voice security provider for citibank credit card holders in the us, among others.

hi, nice to meet you, too. joe's going to try to break into my account, what chances do you think he has? very slim. what advice can you give me to try and break into his account? well, you've known him your entire life, so try to imitate his voice. she seems very confident about this, why is it that you think that, maybe, my twin brother can't break into my account? voice biometrics is the most accurate form of identification there is for access into financial institutions. why? it registers over 100 different characteristics with voice. half of them personality and the half are physical. and you do look a little bit different, and your voices are different, so you will have different vocal characteristics. so therefore, what percentage chance do you think i have? it would be one out of several hundred thousand. how do you make it so that i can access my account, even if, like at the moment, i have a little bit of a... coughs.

as i said, there's over 100 characteristics, and a cough or cold only affects about two. so we still have all those other characteristics to work with, and we can use those for identification. and has anybody fooled the system through the front door? basically, pretending to be somebody they're not? no. can i ask another question? it mightjust be a bit out the ballpark, but is this legal? with the niceties out of the way, i gave the sample of my voice by speaking to it. i know people might try and access my account, you need to be aware of it. joe kept himself busy. music plays.

i'm here to break into the account of dan simmons. joe, you really don't need the gun. what do i have to do? let's give this a shot. 0k? hi, yes, i'd like to access my current account, if i can, please? yes, it's probably about £10, something like that. yeah. thanks very much. yeah, that's great. thank you. you failed. but close. wow, look at how close

this is over here. look at that! if we come over here, it you can see there's the threshold level, and that — that is pretty close. that was not a bad first go. thatjust came out of nowhere. first go, very good. it came out of absolutely nowhere! very good. but that's how you test the system, isn't it? yes, that's how we test the system. we test it with twins, and siblings, and imitators. you know, a fraudster wouldn't get three chances, and the reason a fraudster wouldn't get three chances is that we would register the multiple failures, and it would dynamically increase the threshold on the third, and put a flag on the account. right, that is not to say, of course, that it's impossible, is it? it's not impossible, it's just very improbable. so, dan, your bank account is still safe, although your twin got away with some pretty cool stationery. yeah, the old fashioned way. were you surprised that the voice attack didn't work? yeah, iwas, actually. we really tried hard to match up our voices. you know, we used the voice coach and the rest of it, and itjust bubbled under what we needed and couldn't get in. what about the simpler stuff that we have been asked by banks to try in the last few years,

like "my voice is my password," did you try that? oh yeah, we had a crack at that. to get into my account, my twin needs my sort code and my account number, things i have already helped him outwith. he also needs to know my birth date, but that's probably something he already knows. the question is, can my voiceprint give me any extra protection? secret bank, we're not giving any bank names away. good afternoon. welcome to hsbc. oh, it's... please enter your sort code, or... oh, i've got this one. now, interestingly, it's the pin number, and the account number, which, if you are from the days from the old cheque book, then both of those things used to be printed on cheques. so if you've got an old cheque from somebody you already know that.

..your date of birth. he knows my date of birth because we share the same date of birth. after the tone, please repeat the phrase "my voice your password". the phrase "my voice my password". my voice is my password. i'm sorry, i didn't catch that. after the tone, please repeat the phrase "my voice my password". my voice is my password. welcome to hsbc advance. the balance of your account is £1.le credit. i'm off to the bank! for your available balance... i thought it would be more than that, dan. laughs. evil twin was in. perhaps more surprising when you consider the service providers test their systems with twins to improve security. i can get into other accounts, apparently, dan, so... hsbc told us. joe did break into your

real bank account. in this case, that wouldn't be a great defence. he is my twin and not many people have one of those. computers can emulate and clone voices. we have started to see people fooled in the same way we have been fooled by photoshop pictures. i don't think that will work. do you mind if we give that a go? be my guest. i'm thinking tower of london and the crown jewels. i need to record dan's voice. next i

sent the recording to a voice mimicking company in canada. here is their version of donald trump. not bad. i would have to say "great, the best". we are working with security searches to find out what is the best way to send. this is why we haven't made it public yet. the developers hope it will give someone back their voice if they lose it through illness or an accident, but they are aware it could be used to fake a voice id. it is a scary app, so one idea i have to work on is to mark the samples. we are able to detect this. they are not quite ready to help you. close, then, but no luck.

give it a few years. the bank have come up with something quite new. even if you have the details of someone, you have their fingerprints. you could replicate their voice print. you still wouldn't be able to get in. i know because, i've tried to hack in. major security no—no man works at an undisclosed financial institution. 0h. he manages innovation, because they have an innovation unit. so what's he been innovating? just watch the way he uses his phone, because his security system is doing just that. and even with all his login details, i'll need to replicate how he holds, taps and tilts his device. ha, hi! chris, would you mind lending me that for a moment?

no luck. it's beaten me. that'll be yours, then. thank you very much. cyber security headlines this week. things could get worse if the shadowbrokers goes ahead with its promise to release fresh batches of tools each month. it threatens to sell new code that

could compromise handsets and windows ten and data stolen from central banks. and space x offered to take your loved one‘s remains into space. capsules of ashes will orbit earth for two years before re—entering the atmosphere as a shooting star. a reservation costs around £2000. its previous efforts didn't reach orbit. finally, over in latvia, this man achieved the first—ever human parachutejump from a drone. rising to over 1000 feet.

he landed safely with his parachute. not looking good out there. i've retired to the inner sanctum. dover castle was continuously defended for 900 years, right up until the 1950s. it was a successful defence. i wonder whether our homes are more vulnerable.

as we are filling them with more and more connected devices. this is the family room at the heart of the castle where the lord and his family can relax between some thick walls. the king could unwind with a game of chess. in the 13th century, they didn't have the internet of things but they still have things. how do we make iot more secure? we have a security expert as our guest. we keep hearing about these connected devices continually being hacked. why is it so hard for manufacturers to make them more secure? it is not hard. itjust needs thought, effort and time to do it right. they have to get their product to market and get first mover and someone says security. do they carry on and ship it out

and expose us as consumers? that is shocking. i like to think security is getting better. i think it is getting worse at the moment. everyone wants to jump on the bandwagon. there is less security, cheaper products and people are buying it. don't worry about that. it's fine. give me a hand with this chest, please. in here, i've got some iot devices. here is one i like the look of. it sends an image of what is going on at your door to your phone so you can answer the door when you are not at home. you can unhook it from the door, press this button and it'll give you a wifi key so you can hack the customer's network. ok, right. beggars belief. here we are in a castle.

this is a smart door lock. you can lock your door from your phone, but it hooks up with voice control. with amazon's eco, you can go, lock door. it locks the door for you. it doesn't do anything silly like unlock door unless you hooked it up to siri. before you could shout through the door, "unlock door," says the burglar and it unlocks the door. this is a smart thermostat and you can control your heating from your phone. in we found that you could hack them and do crazy things like install ransomeware on them so they could hold your heating system to ransom in the middle of winter. so you can turn the heating off and demand money to turn it back on. yeah. buy yourself a fire, like we've got!

it seems these gaps in our defences are proving to be a gift for our attackers. really? a smart kettle? what's the problem with a smart kettle? you can boil a cuppa from your bed when you wake up. properly and you could sit outside someone‘s house, point an aerial at your kitchen and get your wi—fi keys. goodhew maliciously boil water from someone‘s else‘s house? goodhew maliciously boil water from someone's else's house? you could. good lord. this is more secure. i've locked the doors. ok, right, how can we defend ourselves and our data if we have a home full of connected devices? most of what i have shown you has

been fixed already. you have to update your phone. check the software is bang up—to—date because the manufacturers may have fixed the bugs. would you buy a connected device for your children? i wouldn't. i don't think they are safe enough yet. one extra word of advice. it is boring, but please make sure you got a good strong password on app that you'd use to talk to your toys. ok, looks like we have some unwelcome guests. i will hand you over to lara, who has some important security tips that we maybe should have paid more attention to. it is every geek for himself. the recent ransomware attack showed

you don't have to be personally targeted to end up being a victim. this first tip would have protected you against that and many similar attempts to get inside the walls of your castle. one thing you need to do is to update the operating system, the browser and the applications you use. these pieces of software are complicated and they contain bugs. there are other ways we could be leaving ourselves vulnerable. don't jailbreak devices. use reputable download applications because without that, you are bypassing the security that has gone into them. at some point, you will lose your devices. when you set it up, ask it

to encrypt the storage. if you don't think you've got anything of value, your contacts are worth a lot of money to cyber criminals. if you are putting documents that you don't want other people to see, i say not to put them in. if you download something and you are not expecting it, don't do it. protect your family and friends. remove that risk. brilliant security tips there. unfortunately, i think they've arrived a little bit too late for me. still, there you go. thanks for watching and i really, really hope that i will see you soon! this sunday should be drier and

brighterfor this sunday should be drier and brighter for many parts. it started that way on the western side of scotla nd that way on the western side of scotland but things will change here. saturday started well on the eastern side of england and it was that way again, but the difference is that in the eastern side, you will keep hold of fine weather. this looks threatening, a low pressure area lurking on the west of the british isles. i suspect it is the warm front that will thicken cloud to bring rain at times across the western side of scotland, having been through northern ireland in the first part of the day. elsewhere, it

really is going to be a glorious day. this is how it is shaping up early afternoon. almost by this stage unbroken sunshine for some southern counties and the temperature comfortably into the teens. somewhere between london and cambridge it will push towards 22. mummy comeback to the western quarter, we see a chance of rain —— it is when we come back to the western quarter we see a chance of rain. elsewhere across the greater pa rt rain. elsewhere across the greater part of england and wales and maybe the borders of scotland by this stage, fine and sunny all the way. watch out because the sun can be strong at this time of year and even where you have some clout, do not think you will escape all of the effects of the sun. not as cold in

the glens of scotland. importing relatively mild air from the continent by day and night. monday sees a new weather front bringing the threat of rain for a time. it will peg the temperatures but elsewhere it will feel warmer than of late, comfortably into the teens and may be for sum into the mid—20s. the middle part of the week, high pressure a dominant feature. initially cloud in the west, but eventually the high pressure will dry out things and it will feel very warm as we move to the latter part of the week. good afternoon. the conservatives have defended their planned changes to social care and winter fuel payments if they win the next election. they insisted the new system would be fairer to everyone. the work and pensions secretary damian green also told the bbc that he thought £100,000 was a reasonable inheritance when questioned about the moves to reform social care. our political correspondent, susana mendonca, reports.

pensioners are used to being courted by politicians because they vote him larger numbers than younger people do. but the conservatives'