Top 10 IT news stories of the week: Barclays wants to read your veins, the BBC thinks you're a filthy pirate and a little-known company released a new mobile phone...

Only one thing could push security off the top this week when a little-known company released a new mobile phone...

One story towered above all others this week - but you'll have to scroll down to the bottom of the page for confirmation of what it was.

Elsewhere, however, the security of the so-called "Internet of Things" received much attention - the problem is that it doesn't appear to have any. At the same time, the user name-password paradigm has come under its regular weekly attack, with Salesforce.com users being specifically targeted by malware and the credentials of five million Gmail accounts being spilled on the usual websites in Eastern Europe. However, Barclays (with the help of some clever chaps from Hitachi) might have a potential solution to that problem. Whether you'd want to use, though, is another matter.

10. IoT: Things could get nasty and Security warning over the Internet of Things

Just a day after Computing published an excellent feature (if we says so ourselves...) focusing on the security risks of the Internet of Things, Beecham Research came out with a report which said pretty much the same things.

The trouble with the whole concept, is that there are no security standards governing the sector, which in any case could cover anything from a "smart light bulb" to internet-connected thermostats or fridges. Not only would security add to the cost and complexity, many of the developers are in such a rush to get to market (or to get acquired by Google) that security comes a long way down their list of priorities.

The message, it seems, is to let other people cut themselves at the "bleeding edge" until all the security risks have been overcome. That's if manufacturers can ever find a compelling reason to connect your fridge to the internet, that is.

9. NHS Spine ‘successfully' rebuilt, says HSCIC

Rejoice! The NHS spine has been successfully rebuilt, according to the Health and Social Care Information Centre (HSCIC). This is excellent news the Spine is about the only part of the ill-fated NHS National Programme for IT (NPfIT) that has emerged from one of the biggest ever disasters in public sector IT. The spine stores patient information and enables electronic messaging across the NHS.

8. RBS among the Salesforce users targeted by 'Dyre' malware

Two days after publishing this story, we took a peculiar call from someone representing Salesforce. They weren't happy with the headline. Or the story. Or anything, it seemed. We asked them to put their complaints into an email so that we might have a chance of comprehending exactly what their complaint was and acting on any legitimate complaints. We're still waiting at the time of writing.

As users of practically every other internet service has found out in recent years, the old user name/password security combination has become somewhat frayed - especially when the user name is invariably someone's password, making it trivially easy to conduct brute-force attacks in order to break into systems secured in this way.

What is disturbing is how such attacks have graduated from Facebook, Twitter and Yahoo's Ymail to corporate services such as Salesforce.com. More disturbing still, perhaps, was the way in which the "Dyre" malware seemed to target Salesforce users in financial services.

Salesforce is adamant that it warned users in a timely fashion about the risks posed by this new form of Trojan horse attack, but it is almost certain that it isn't just Salesforce that is being attacked in this way, but all internet-connected services.

7. Backbytes: A year too late, MPs realise that the UK's smart meters are a waste of money

Sometimes, a story is just so absurd that a straight news report will not do. The impending disaster of the UK's smart meter roll-out is one such story.

The Public Accounts Committee, which has become the Metropolitan Police of government waste (in that it arrives on the scene way too late and just sucks its teeth as it surveys the scene of devastation) has turned its attention to smart meters and made all the criticisms that every one was making last year.

However, it's all a bit late as all the multi-billion pound contracts have now all been signed, and electricity and gas bill payers are now stitched up like kippers to pay for a system that is excessively complex, more expensive than it ought to be, and which will oblige householders to buy mysteriously expensive devices in order to read their own meters remotely.

6. 'Staff would just open up Dropbox accounts all over the place' admits US government services CIO

Dropbox is a fantastic utility in an age when people are working from work PCs, home PCs, smartphones, tablets, laptops in coffee shops, etc. It's also fantastically insecure as far as many organisations are concerned: with just one quick drag-and-drop, corporate data can be outside the firewell before the CIO can say "have you read the corporate security policy?"

However, getting people to understand the risks of such behaviour - the same people who habitually double-click on dodgy attachments - is invariably a challenge too far.

Indeed, the CIO of the US government's General Services Administration pretty much admitted as much during the final day of the BoxWorks conference. "We'd provide these super-secure, highly regulated tools, but people would go around them. We had a perfectly good email platform, but it was a client-based thing - you had to work at a PC - so people would open up Dropbox accounts all over the place and use all kinds of different sites and tools."

His solution was to provide a similar service under the umbrella of the company so that they can be properly managed - provided by Box, of course...

5. Backbytes: Use a VPN? You're probably a filthy pirate, BBC tells Australian government

It's often said - particularly of lesser sites, such as the Daily Mail, Telegraph Online and the Guardian's Comment is Free - that you should never read the comments if you want to remain sane. However, on www.computing.co.uk, the comments are invariably as enlightening as the articles.

The BBC, according to readers, is living in the past if it thinks it can hold back the tide and Computing's wise commenters wondered why it didn't instead just sell advertising on all the various programmes that people around the world want to watch on iPlayer.

Good question.

4. Google Gmail users told to change passwords after five million accounts were compromised

Apparently, passwords alone are inherently insecure - who knew? Well, every week, it seems, there's a new release of user names and passwords affecting all manner of internet services. The latest is Google's Gmail email service, although some questions were asked not just how the accounts were hacked, but also the age of the accounts.

However, pretty much everyone has a Gmail account (many people more than one) so who wouldn't be concerned that there are five million cracked user names with passwords rocking around some dodgy websites in Russia?

Of course, every crisis is also an opportunity and such a story presented an excellent opportunity for Google to persuade you to give it your mobile phone number, which it can add it to your file in its Great Big Database of Personal Information, all in the name of two-factor authentication.

3. IBM acquisition of Fiberlink fuelled its own BYOD strategy

Intriguingly, when IBM acquired Fiberlink in December 2013, the computer services giant didn't actually have a formal bring your own device (BYOD) strategy. A month later, it did. According to Jim Sheward, the CEO of Fiberlink.

In a Computing web seminar, he said: "They acquired us in December and we rolled out [the platform] in January, which was very fast. Currently there are 100,000 users and at one point there were 5,000 users rolling into the system an hour. It typically takes two to three minutes for a user to enrol their device."

One of the main reasons why IBM had been slow to formally adopt BYOD was security, he added. With IBM doing so much business in sensitive sectors such as financial services, keeping data secure is key to its business, said Sheward.

To watch the full web seminar click here.

2. Barclays unveils blood-reading authentication technology for corporate banking clients

Payment fraud has become a particularly thorny problem for many businesses, especially small and medium-sized businesses (SMBs). A little bit of phishing at ACME Construction and before they're even aware of what's happening, an attacker is siphoning off their overdraft to an account in Russia or Turkmenistan, beyond the reach of conventional law enforcement.

That's why Barclays has launched its biometric authentication fingerprint reader that will be rolled out to corporate clients in 2015. According to Ashok Vaswani, CEO of Barclays' personal and corporate banking, the device - based on technology developed by the clever chaps at Hitachi - "doesn't capture a fingerprint, it actually captures the photographic view of the blood in the veins of your finger".

This, he added, is even more secure than fingerprinting. Vein authentication technology works by scanning the finger with near-infrared (NIR) light. Barclays says it has tested the technology stringently, claiming that it would take a fraudster a million attempts to even have a chance of stealing or redirecting funds.

Although that may sound complicated, it would appear to be a good deal simpler to follow than the alternative security advice, at least as far as many SMBs: to only do payment runs on a version of Linux booted and running solely from a USB.

Go on, you'll never guess what the most popular story this week was - by a long way.

Oh, you have...

1. Apple reveals iPhone 6 and iPhone 6 Plus

Yes, Apple surprised the whole world, once again, by unveiling its new smartphones in September, just like last year and the year before. As General Melchett once said: "Doing precisely what we've done eighteen times before is exactly the last thing they'll expect us to do this time."

Stephen Fry was at the launch, name-dropping other celebs on his Twitter account, so the above quote is perfectly apt.

Like last year, Apple released not one, but two models, with the iPhone 6+, a 5.5-inch screen "phablet" with a battery to match, grabbing the headlines - not least for its hefty asking price. If you want one it'll cost you between £619 for the piffling 16GB device and £789 for the 128GB device.

Perhaps more interesting than the devices, though, was the announcement of Apple Pay. The payments industry has been waiting some time for near-field communications (NFC) technology to take off and, with Apple's backing, it might well do so in 2015, when Apple Pay hits the UK.

The idea is that smartphone users will load a secure "wallet" with credit and debit card details, as well as tickets and other financial information, and use their phones to pay for things or for keeping concert and theatre tickets. Naturally, Apple intends to take its cut every time you buy your daily super-skinny frappalattacino, although with Apple's iOS continuing to lose worldwide market share to Android it may well be Google that benefits in the long term.

However, iPhones may soon have competition for recharging plug sockets at work, with Apple also unveiling an iWatch - reportedly three years in the making, which is also about how long an Apple iWatch has been rumoured.

Yes, a decade after most people threw away their watches because they could keep the time perfectly well with their mobile phones, Apple is keen to reintroduce the watch, except it will have to be recharged once a day and will be dependent on an iPhone for you to benefit from all its functions, which reportedly include accurate time keeping.

That's if the appearance from U2 didn't put off Apple's otherwise right-on fans.