Can A Linux Cert Payoff?

The Linux Foundation has announced an online certification programme for entry-level system admininstration and advanced Linux software engineering professionals to help expand the global pool of Linux sysadmin and developer talent.

The foundation indicated that it established the certification programme because there’s increasing demand for staff in the IT industry, saying, “Demand for experienced Linux professionals continues to grow, with this year’s Linux Jobs Report showing that managers are prioritizing Linux hires and paying more for this talent.

“Because Linux runs today’s global technology infrastructure, companies around the world are looking for more Linux professionals, yet most hiring managers say that finding Linux talent is difficult.”

Linux Foundation executive director Jim Zemlin said, “Our mission is to address the demand for Linux that the industry is currently experiencing. We are making our training [programme] and Linux certification more accessible to users worldwide, since talent isn’t confined to one geography or one distribution.

“Our new Certification [Programme] will enable employers to easily identify Linux talent when hiring and uncover the best of the best. We think Linux professionals worldwide will want to proudly showcase their skills through these certifications and that these certificates will become a hallmark of quality throughout our industry.”

In an innovative departure from other Linux certification testing offered by a number of Linux distribution vendors and training firms, the foundation said, “The new Certification [Programme] exams and designations for Linux Foundation Certified System Administrator (LFCS) and Linux Foundation Certified Engineer (LFCE) will demonstrate that users are technically competent through a groundbreaking, performance-based exam that is available online, from anywhere and at any time.”

The exams are customised somewhat to accommodate technical differences that exist between three major Linux distributions that are characteristic of those usually encountered by Linux professionals working in the IT industry. Exam takers can choose between CentOS, openSUSE or Ubuntu, a derivative of Debian.

“The Linux Foundation’s certification [programme] will open new doors for Linux professionals who need a way to demonstrate their know-how and put them ahead of the rest,” said Ubuntu founder Mark Shuttleworth.

Those who want to look into acquiring the LFCS and LFCE certifications can visit the The Linux Foundation website where it offers the exams, as well as training to prepare for them. The exams are priced at $300, but apparently they are on special introductory offer for $50.

The Linux Foundation is a nonprofit organization dedicated to accelerating the growth of Linux and collaborative development. It is supported by a diverse roster of almost all of the largest IT companies in the world except Microsoft.

Source

UPS Breached

Credit and debit card information belonging to customers made purchases at 51 UPS Store Inc. locations in 24 states this year may have been illegally accessed as the result of an intrusion into the company’s networks.

In a statement on Wednesday, UPS said it was recently notified by law enforcement officials about a “broad-based malware intrusion” of its systems.

A subsequent investigation by an IT security firm showed that attackers had installed previously unknown malware on systems in more than four-dozen stores to gain access to cardholder data. The affected stores represent about 1% of the 4,470 UPS Store locations around the country.

The intrusion may have exposed data on transactions conducted at the stores between Jan. 20 and Aug. 11, 2014. “For most locations, the period of exposure to this malware began after March 26, 2014,” UPS said in a statement.

In addition to payment card information, the hackers also appear to have gained access to customer names, as well as postal and email addresses.

Each of the affected locations is individually owned and runs private networks that are not connected to other stores, UPS added. The company provided alist of affected locations.

The breach is the third significant one to be disclosed in the past week. Last Thursday, grocery store chain Supervalu announced it had suffered a malicious intrusion that exposed account data belonging to customers who had shopped at about 180 of the company’s stores in about a dozen states. The breach also affected customers from several other major grocery store chains for which Supervalu provides IT services.

Source

Is Windows ‘Threshold’ Enroute?

Microsoft will unveil a preview of “Threshold,” the current code name for Windows 8′s successor, as soon as next month, according to an online report on Monday.

ZDNet’s Mary Jo Foley, citing unnamed sources, said that Microsoft will deliver a “technical preview” of Threshold late in September or early in October. Previously, Foley had reported that Microsoft would offer a preview of some kind this fall.

Threshold may be officially named “Windows 9″ by Microsoft — the company has said nothing about either the code name or labeled the next iteration of its desktop and tablet OS — although there are arguments for dumping a numerical title because of the possible association with Windows 8, which has widely been pegged as a failure.

“Technical Preview” is a moniker that Microsoft has used in the past for its Office suite. For both Office 2013 and Office 2010, Microsoft used the term to describe an invitation-only sneak peek. Both application suites were later released as public betas prior to their official launch.

Windows, however, has used a different nomenclature. For 2012′s Windows 8, Microsoft called the early looks ”Developer Preview,””Consumer Preview” and “Release Preview,” all open to everyone. The first was analogous to an alpha, the second to a beta, and the third to a done-but-not-approved release candidate.

Windows 7, however, had used the more traditional “Beta” to describe the first public preview in early 2009. The previous fall, when Microsoft unveiled Windows 7, the firm had seeded an invite-only “pre-alpha” version, also dubbed a Developer Preview, of the OS to programmers and some influential bloggers.

Within hours, the Windows 7 Developer Preview leaked to file-sharing websites. Microsoft may have changed its practices for Windows 8, letting anyone download the first preview, because of the inevitably of leaks.

In an update to her blog of earlier today, Foley added that the “Technical Preview” nameplate notwithstanding, Microsoft would allow anyone to download Threshold/Windows 9 when it becomes available in the next few weeks.

If Microsoft does ship a preview soon and sets its sights on a second-quarter 2015 final release, it will have significantly accelerated the tempo from past practice. With Windows 7 and Windows 8, Microsoft offered its first previews 12 and 13 months, respectively, and the public beta 8 or 9 months, before launching the operating system.

Eight or nine months from September would be May or June 2015; that, however, assumes that the Technical Preview is of beta quality. The name itself hints at something less.

Microsoft appears eager to put Windows 8 behind it. It has stopped beating the drum about the OS and recently announced that it would not issue any additional major updates. Instead, the firm said last week, it will include improvements or new features in small packets using the same Windows Update mechanism that regularly serves security patches.

Source

Apple Changes Policy In China

Apple Inc has started the processing of keeping the personal data of some Chinese users on servers in mainland China, marking the first time the tech giant is storing user data on Chinese soil.

The storage of user data in China represents a departure from the policies of some technology companies, notably Google Inc, which has long refused to build data centers in China due to censorship and privacy concerns.

Apple said the move was part of an effort to improve the speed and reliability of its iCloud service, which lets users store pictures, e-mail and other data. Positioning data centers as close to customers as possible means faster service.

The data will be kept on servers provided by China Telecom Corp Ltd, the country’s third-largest wireless carrier, Apple said in a statement.

“Apple takes user security and privacy very seriously,” it said. “We have added China Telecom to our list of data center providers to increase bandwidth and improve performance for our customers in mainland china. All data stored with our providers is encrypted. China Telecom does not have access to the content.”

A source with knowledge of the situation said the encryption keys for Apple’s data on China Telecom servers would be stored offshore and not made available to China Telecom.

Apple has said it has devised encryption systems for services such as iMessage that even Apple itself cannot unlock. But some experts expressed scepticism that Apple would be able to withhold user data in the event of a government request.

“If they’re making out that the data is protected and secure that’s a little disingenuous because if they want to operate a business here, that’d have to comply with demands from the authorities,” said Jeremy Goldkorn, director of Danwei.com, a research firm focused on Chinese media, internet and consumers.

“On the other hand if they don’t store Chinese user data on a Chinese server they’re basically risking a crackdown from the authorities.”

Goldkorn added that data stored in the United States is subject to similar U.S. regulations where the government can use court orders to demand private data.

A spokesman for China Telecom declined to comment.

Source

Applied Materials Makes A Profit

Chip-equipment maker Applied Materials has surprised most of the cocaine nose jobs of Wall Street with a better-than-expected third-quarter profit. It appears that contract manufacturers are spending more on technology used to make smartphone and memory chips.

The company also forecast current-quarter adjusted profit largely above analysts’ average estimate. Chief Executive Gary Dickerson said that demand for DRAM chips is expected to grow in the current quarter.

Applied Materials, which also provides equipment to make flat panel displays and solar cells, forecast an adjusted profit of 25-29 cents per share for the fourth quarter. Wall Street was expecting a profit of 26 cents per share.

Applied Materials expects revenue growth of about 10 to 17 percent, implying revenue of $2.19 billion to $2.33 billion for the quarter. Analysts on average were expecting $2.28 billion. Applied Materials’ net income rose to $301 millionin the third quarter ended July 27, from $168 milliona year earlier. Revenue rose 14.7 percent to $2.27 billion.

Revenue in the company’s silicon systems business, which brings in about two-thirds of total sales, rose 16 percent to $1.48 billion.

Source

The FCC Extends Deadline

U.S. Federal Communications Commission has said it would accept public comments on its proposed new “net neutrality” rules through Sept. 15, giving the American public extra time to voice their opinions and concerns on how they think Internet traffic should be regulated.

The FCC has received more than 1 million comments already on new rules for how Internet services providers should be allowed to manage web traffic on their networks.

The FCC had set a deadline of July 15 for the initial comments and then September 10 for replies to those initial comments. However, the surge in submissions overwhelmed the FCC’s website and the agency had delayed the first deadline by three business days.

“To ensure that members of the public have as much time as was initially anticipated to reply to initial comments in these proceedings, the Bureau today is extending the reply comment deadline by three business days,” the FCC said on Friday, delaying the final deadline for comments to September 15.

Source

Is Epic Turla Exploiting Windows XP?

Kaspersky Lab has discovered an espionage network that successfully attacked government institutions, intelligence agencies and European companies.

The firm has dubbed the spy operation Epic Turla, and said that it is in no doubt about its capabilities.

“Over the last 10 months, Kaspersky Lab researchers have analyzed a massive cyber-espionage operation which we call ‘Epic Turla’,” it said.

“The attackers behind Epic Turla have infected several hundred computers in more than 45 countries, including government institutions, embassies, military, education, research and pharmaceutical companies.”

Kaspersky said that Epic Turla used two zero-day exploits that affected Adobe and Microsoft software, along with some backdoor and social engineering tricks.

In particular, Kaspersky said a vulnerability in Windows XP and Windows 2003 – CVE-2013-5065 – termed a “privilege escalation vulnerability” is being used. “The CVE-2013-5065 exploit allows the backdoor to achieve administrator privileges on the system and run unrestricted. This exploit only works on unpatched Microsoft Windows XP systems.”

The use of this Windows XP flaw underlines the risk that the unsupported Windows XP OS poses. Kaspersky went on to explain that, once inside, attackers install their own rootkits and other malware tools and begin their surveillance.

“Once the attackers obtain the necessary credentials without the victim noticing, they deploy the rootkit and other extreme persistence mechanisms,” it said. “The attacks are still ongoing as of July 2014, actively targeting users in Europe and the Middle East.”

The attacks are just the latest in a long line of incidents that businesses need to be aware of as cyber attacks continue at an alarming rate.

In June the security firm Crowdstrike alerted the industry to Putter Panda, a cute-sounding but nasty piece of malware. That firm pointed an accusatory finger at China and charged it with espionage on the US and Europe.

Crowdstrike CEO George Kurtz said at the time, “China’s decade-long economic espionage campaign is massive and unrelenting. Through widespread espionage campaigns, Chinese threat actors are targeting companies and governments in every part of the globe.” Chinese authorities disputed this.

The report comes in the same week Hold Security reported uncovering a huge trove of 1.2 billion web passwords and login details that have been gathered by Russian cyber criminals.

Source

Is Snapdragon A Security Flaw?

Security researcher Dan Rosenberg has told a Black Hat conference how it is possible to permanently unlock the bootloader on Android phones – provided they use a Qualcomm Snapdragon chip.

Rosenberg said that the flaw is in ARM’s TrustZone technology, which runs a trusted operating system and another for normal apps. This is supposed to improve device security, but in Qualcomm’s implementation, they cocked it up. It means that if a hacker gets access to the trusted operation part of the chip, it can run whatever application he or she likes.

This affects all known Android devices with a Qualcomm Snapdragon SoC, including the Nexus 5, the HTC One, and Samsung’s Galaxy Note 3, as well as the Moto X. The Samsung Galaxy S5 and the HTC One M8 have already been patched.

Source

FCC Mandates Text-To-911

The U.S. Federal Communications Commission voted last week to require U.S. mobile carriers and many text-messaging apps to support functionality that allows texting emergency dispatch centers, even after questions about whether the centers will be ready by the deadline.

The commission’s vote requires U.S. mobile carriers and some texting apps to put emergency text-to-911 functionality in place by the end of the year.

Even though the nation’s four largest mobile carriers have all added text-to-911 functionality this year, less than 2 percent of the nation’s 6,800 emergency dispatch centers are ready to receive texts, said Commissioner Ajit Pai. The commission’s action will give smartphone users the impression they can send text to emergency responders, when many will not be able to, he said.

The FCC’s action “encourages the public to dive into text-to-911 functionality, when in reality, there’s hardly any water in the pool,” Pai said. “The order is sure to result in massive consumer confusion, and therefore will endanger, rather than advance, public safety.”

FCC Chairman Tom Wheeler applauded the largest mobile carriers — Verizon Wireless, AT&T, Sprint and T-Mobile USA — for adding text-to-911 functionality. The agency needs to push other carriers and emergency dispatch centers, called public-safety answering points or PSAPs, to do the same, he added.

“A lot of time of has passed since [the four largest] carriers stepped up and did something voluntarily, and the other carriers serving the consumers of America did not,” he said. “If you don’t step up to your responsibility, we will.”

Smartphone users should still call 911 if possible, but text-to-911 services need to be more widely available, Wheeler said.

The adoption of text-to-911 will let smartphone users contact police and other emergency responders when it’s not safe to talk on the phone, Wheeler said. It will also aid people with hearing or speech disabilities, he noted.

“Texting is now as important a function on a mobile device as talking,” Wheeler said. “Some of those text messages are cries for help.”

Source

Judge Rejects Silicon Valley Settlement

A California judge has rejected the proposed settlement in a lawsuit over no-hire agreements used by top Silicon Valley tech firms, saying the amount being offered to compensate workers is too low.

The remaining defendants in the case — Apple, Google, Intel and Adobe Systems — had reached a deal with the worker’s lawyers to settle the case for US$324.5 million, but Judge Lucy Koh of the federal district court in San Jose, California, said that amount is too low.

After subtracting the fees for the workers’ lawyers — they’re allowed to keep up to a quarter of the award, or $81 million, as well as other money — each worker would be left with an average of only $3,750.

“The Court finds the total settlement amount falls below the range of reasonableness,” Koh wrote in her order, issued Friday.

She said she was troubled that the workers would get less money than under a previous settlement with companies that settled earlier in the case, even though the case has been progressing in the workers’ favor since then.

Last year, Intuit, Lucasfilm and Pixar settled with the workers before the case came to trial.

All of the companies were accused of striking secret deals to not poach each others’ workers, a violation of the Sherman Antitrust Act that reduced the workers’ potential to earn higher wages.

An expert hired for the case has estimated that the workers’ should receive damages of $3 billion, for wages they could have earned if the no-hire agreements hadn’t been in place.

Source

« Previous Page — Next Page »