Twitter Tightens Security

Twitter Inc said it has put in place a security technology that makes it harder to spy on its users and called on other Internet firms to do the same, as Web providers look to thwart spying by government intelligence agencies.

The online messaging service, which began scrambling communications in 2011 using traditional HTTPS encryption, said on Friday it has added an advanced layer of protection for HTTPS known as “forward secrecy.”

“A year and a half ago, Twitter was first served completely over HTTPS,” the company said in a blog posting. “Since then, it has become clearer and clearer how important that step was to protecting our users’ privacy.”

Twitter’s move is the latest response from U.S. Internet firms following disclosures by former spy agency contractor Edward Snowden about widespread, classified U.S. government surveillance programs.

Facebook Inc, Google Inc, Microsoft Corp and Yahoo Inc have publicly complained that the government does not let them disclose data collection efforts. Some have adopted new privacy technologies to better secure user data.

Forward secrecy prevents attackers from exploiting one potential weakness in HTTPS, which is that large quantities of data can be unscrambled if spies are able to steal a single private “key” that is then used to encrypt all the data, said Dan Kaminsky, a well-known Internet security expert.

The more advanced technique repeatedly creates individual keys as new communications sessions are opened, making it impossible to use a master key to decrypt them, Kaminsky said.

“It is a good thing to do,” he said. “I’m glad this is the direction the industry is taking.”

Source

Intel Buys KNO Software

Intel has acquired educational software developer Kno to add to its Education division.

Speaking in the company blog, Intel Sales and Marketing Group VP John Galvin explained that in a world where kids are being bombarded by technology, Intel Education has a mission to support the rollout of technology in the classroom.

Galvin said, “The Kno platform provides administrators and teachers with the tools they need to easily assign, manage and monitor their digital learning content and assessments.”

This acquisition brings Intel’s global digital content library to over 225,000 [higher education] and K-12 titles from 74 education publishers. “We’re looking forward to combining our expertise with Kno’s rich content so that together, we can help teachers create classroom environments and personalized learning experiences that lead to student success,” Galvin added.

Intel Education has been working for the past decade with over 10 million teachers that it has assisted to integrate technology with education.

In the UK alone there have been tremendous strides in educational software over the past 30 years, dating back to the government pledge to provide a computer in every school, which led to the creation of the BBC Microcomputer designed specifically for that purpose.

Today, not only is ICT a dedicated lesson in its own right, but it forms one of the key skills that educators are expected to incorporate into all lesson plans, putting it on a par with English and Maths, showing just how far we’ve come from making Venn diagrams with ascii art.

Source

Tizen Announces New Partners

Samsung and Intel announced on Tuesday that the open source Tizen operating system now has 36 partners, including eBay, Trend Micro and Panasonic.

The full list of new partners was announced at the Tizen Developer Summit, and includes a mix of firms from different sectors. Among the 36 backers are eBay, Nokia’s Here mapping service, Konami, McAfee, Panasonic, Sharp and The Weather Channel, giving us some insights as to what software applications are likely to appear on the Linux based operating system.

Trevor Cornwell, founder and CEO of Appbackr, one of Tizen’s newly added partners, said that his firm found the operating system appealing due to its open nature, perhaps hinting that it is more open than Google’s Android mobile operating system.

He said, “The Tizen OS promises to be the most open and comprehensive software platform available for those companies wishing to target the consumers of connected devices.

“The Association’s commitment to support HTML5 applications, combined with their vision that extends beyond the smartphone and tablet ecosystem to a wider array of other connected device segments, makes it attractive to all types of companies. We look forward to collaborating with the Tizen Association to ensure that all stakeholders can contribute to the development of a platform for this growing market opportunity.”

It’s still unclear when Samsung’s first Tizen powered smartphone will make it to market, but online speculation suggests we’ll be seeing the firm’s debut Android challenging smartphone at some point in 2014.

Further speculation suggests that Samsung’s first Tizen phone will be an updated version of the Galaxy S4, possibly to reduce its reliance on Android.

Source

Will nVidia’s Tegra 5 Go LTE?

The tradition continues. Our sources are confirming that Nvidia’s Logan SoC, possibly called Tegra 5, doesn’t come with an integrated LTE modem. Just like Apple, Nvidia makes a big fast chip with impressive Kepler based GPU, but it won’t put a an icera LTE solution inside the same chip.

Icera i500 is Tegra 5 compatible and it has AT&T certification. As the launch draws near, it should become compatible with other US and international LTE carriers like Verizon and T-mobile.

This should not be a big issue for Nvidia’s target market, manufacturers will have to choose two chips instead of one, a clear competitive disadvantage compared to future Qualcomm chips with Adreno 400 graphics and updated CPU cores, expected in early 2014.

During Nvidia’s recent conference call, CEO Jen Hsun Huang said devices based on the new Tegra 4i with integrated LTE should be announced in Q1 and ship no later than Q2. Jensen also mentioned that people are going to be “delighted by the OEM that it comes from” which is probably his way of of announcing some big brand design wins, but he also emphasised that the designs will be global rather than US. For US success you need CDMA Jensen said, but as far as we know Verizon is the only company using it.

Since Apple can pull of two chip designs from day one, we can only assume that two chip approach won’t cost much battery life compared to single chip design that has LTE on board (Snapdragon 600 and 800 ed. ). However, Nvidia is likely going to be making bets on its Kepler based GPU, expected to be the fastest graphics core ever integrated in a mobile SoC that will rock tablets and some phones around the world. The fact that Logan is likely to pack very powerful graphics sans on-die LTE makes it a bit more interesting for tablets than phones, which is exactly what we saw with the Tegra 4.

We expect to see Tegra 5 devices announced at CES 2014 so early January and with some luck we might see them shipping very early in 2014.

Source

Did Stuxnet Infect A Russian Nuclear Plant?

Kaspersky has claimed that the infamous Stuxnet computer worm “badly infected” the internal network of an unnamed Russian nuclear plant after it caused chaos in Iran’s nuclear facilities.

Speaking at a keynote presentation given at the Canberra Press Club 2013, Kaspersky CEO Eugene Kaspersky said a staffer at the unnamed nuclear plant informed him of the infection.

“[The staffer said] their nuclear plant network which was disconnected from the internet was badly infected by Stuxnet,” Kaspersky said.

“So unfortunately these people who were responsible for offensive technologies, they recognise cyber weapons as an opportunity.”

Stuxnet was discovered to have spread throughout industrial software and equipment in 2010 and is believed to have been created by the United States and Israel to attack Iran’s nuclear facilities. According to Kaspersky’s source, the malware was carried into the Russian nuclear plant and installed on a physically separated “air-gapped” network.

Kaspersky also made a rather outlandish joke during his speech, saying that all data is subject to theft. “All the data is stolen,” Kaspersky said. “At least twice.”

“If the claim of the Russian nuclear plant infection is true, then it’s easy to imagine how this “collateral damage” could have turned into a very serious incident indeed, with obvious diplomatic repercussions,” said security expert Graham Cluley.

“There is no way to independently verify the claim, of course. But it is a fact that Stuxnet managed to infect many computer systems outside of its intended target in Iran,” Cluley added. “Indeed, the very fact that it spread out of control, was what lead to its discovery by security firms.”

Earlier this year, Symantec claimed that the Stuxnet computer worm could date back further than 2010 and was more widespread than originally believed.

Symantec’s report called “The Missing Link” found a build of the Stuxnet attack tool, dubbed Stuxnet 0.5, which it said dated back to 2005 and used different techniques to sabotage industrial facilities.

Source

Adobe Data Found Online

A computer security firm has discovered data it says belongs to some 152 million Adobe Systems Inc user accounts, suggesting that a breach reported a month ago is much larger than Adobe has so far disclosed and is one of the largest on record.

LastPass, a password security firm, said that it has found email addresses, encrypted passwords and password hints stored in clear text from Adobe user accounts on an underground website frequented by cyber criminals.

Adobe said last week that attackers had stolen data on more than 38 million customer accounts, on top of the theft of information on nearly 3 million accounts that it disclosed nearly a month earlier.

The maker of Photoshop and Acrobat software confirmed that LastPass had found records stolen from its data center, but downplayed the significance of the security firm’s findings.

While the new findings from LastPass indicate that the Adobe breach is far bigger than previously known, company spokeswoman Heather Edell said it was not accurate to say 152 million customer accounts had been compromised because the database attacked was a backup system about to be decommissioned.

She said the records include some 25 million records containing invalid email addresses, 18 million with invalid passwords. She added that “a large percentage” of the accounts were fictitious, having been set up for one-time use so that their creators could get free software or other perks.

She also said that the company is continuing to work with law enforcement and outside investigators to determine the cost and scope of the breach, which resulted in the theft of customer data as well as source code to several software titles.

The company has notified some 38 million active Adobe ID users and is now contacting holders of inactive accounts, she said.

Paul Stephens, director of policy and advocacy for the non-profit Privacy Rights Clearinghouse, said information in an inactive database is often useful to criminals.

He said they might use it to engage in “phishing” scams or attempt to figure out passwords using the hints provided for some of the accounts in the database. In some cases, people whose data was exposed might not be aware of it because they have not accessed the out-of-date accounts, he said.

“Potentially it’s the website you’ve forgotten about that poses the greater risk,” he said. “What if somebody set up an account with Adobe ten years ago and forgot about it and they use the same password there that they use on other sites?”

Source

Google Expands Malware Blocker

Google has expanded malware blocking in an early development build of Chrome to sniff out a wider range of threats than the browser already recognizes.

Chrome’s current “Canary” build — the label for very-early versions of the browser, earlier than even Chrome’s Dev channel — will post a warning at the bottom of the window when it detects an attempted download of malicious code.

Features added to the Canary build usually, although not always, eventually make it into the Dev channel — the roughest-edged of the three distributed to users — and from there into the Beta and Stable channels. Google did not spell out a timetable for the expanded malware blocking.

Chrome has included malware blocking for more than two years, since version 12 launched in June 2011, and the functionality was extended in February 2012with Chrome 17.

Chrome is now at version 30.

Canary’s blocking, however, is more aggressive on two fronts: It is more assertive in its alerts and detects more malware forms, including threats that pose as legitimate software and monkey with the browser’s settings.

“Content.exe is malicious, and Chrome has blocked it,” the message in Canary reads. The sole visible option is to click the “Dismiss” button, which makes the warning vanish. The only additional option, and that only after another click, is to “Learn more,” which leads to yet another warning.

In Canary, there is no way for the user to contradict the malware blocking.

That’s different than in the current Stable build of Chrome, which relies on a message that says, “This file is malicious. Are you sure you want to continue?” and gives the user a choice between tossing the downloaded file or saving it anyway.

As it has for some time, Chrome will show such warnings on select file extensions, primarily “.exe,” which in Windows denotes an executable file, and “.msi,” an installation package for Windows applications. Canary’s expansion, said Google, also warns when the user tries to download some less obvious threats, including payloads masquerading as legitimate software — it cited screen savers and video plug-ins in a  blog posting — that hijack browser settings to silently change the home page or insert ads into websites to monetize the malware.

Google’s malware blocking is part of its Safe Browsing API (application programming interface) and service, which Chrome, Apple’s Safari and Mozilla’s Firefox all access to warn customers of potentially dangerous websites before they reach them.

In Chrome’s case, the malware warning stems not only from the Safe Browsing “blacklist” of dodgy websites, but according to NSS Labs, a security software testing company, also from the Content Agnostic Malware Protection (CAMP) technology that Google has baked into its implementation of Safe Browsing.

Source

Is Qualcomm’s Adreno 400 Coming in 2014?

Qualcomm’s Adreno 330 GPU will be replaced by new Adreno 400-series parts and naturally the new generation will be faster than the one that sits inside the Snapdragon 800.

Our sources are telling us that Adreno 400 is expected with the new version of Snapdragon that is set to debut in early 2014. Traditionally Qualcomm uses CES to showcase its new chips and CES 2014 starts on January 7th, so it sounds like the right time for it.

The only key detail that we learned about Adreno 400 is that despite a significant increase in GPU performance the chip won’t have a compute part and it doesn’t support OpenCL. Many will see this as a handicap, but to be honest we see limited uses for OpenCL in mobile chips, at least for now.

Nvidia’s Logan comes with Open CL 1.1 as well as Open GL 4.4 support. Adreno 330 can push 3.6 Gigapixels a second making it one of the fastest GPUs in mobile market, capable of going head to head with the Tegra 4. Adreno 400 naturally ends up faster.

Then again we expect that Logan Tegra 5 has what it takes to dominate the mobile GPU market in 2014. Let’s not forget about PowerVR 6-series parts, ARM’s recently announced Mali 700-series or Vivante’s upcoming mobile GPU designs, either.

Unlike the AMD-Nvidia duopoly in the PC GPU market, right now there are five players vying for the top spot in the mobile space and things are bound to get interesting.

Source

Africa To Lead Global Bandwidth Demand

Africa’s demand for Internet access to the rest of the world will grow by an average of 51 percent every year until 2019, ahead of all other regions, according to a forecast by research company Telegeography.

Rapid economic growth and wider Internet use will drive the increase in demand, which will be met mostly by turning on unused capacity in existing cables, according to Telegeography analyst Erik Kreifeldt. Terrestrial links are in demand partly because much of Africa still relies on satellite, which is far more expensive per bit than wired broadband, he said.

Most Internet bandwidth between continents is provided by undersea cables built and financed by groups of service providers. From Africa, most of those links go to Europe. Other carriers pay to tap into those cables and link their customers to the Internet. In some parts of Africa, running cables from coastal areas to the interior is a challenge so satellite remains the major Internet source, Kreifeldt said.

The capacity of international cables landing on African shores is just a fraction of the bandwidth available between Europe, the U.S. and Asia. After seven years of the growth that Telegeography forecasts, from 2012 through 2019, Africa will have 17.2Tbps (bits per second) of links to the outside world. That’s up from just 957Gbps in 2012 but will still be only about one-quarter of the international capacity of Latin America and less than that of Canada, according to Telegeography.

The hunger for the Internet varies among African countries. Through 2019, bandwidth demand is expected to grow fastest in Angola, at 71 percent per year; Tanzania, at 68 percent; and Gabon, at 67 percent.

Many new cables have been built to Africa and around the continent in the past several years, giving service providers excess fiber capacity that can be turned on when needed, Kreifeldt said. As that fiber gets lit up and supply rises, prices should fall for enterprises and other users in African countries, he said. However, due to relative scarcity, a given amount of bandwidth between Africa and Europe costs about 10 times as much as the same size connection between Europe and North America, he said. Africa’s bandwidth gains aren’t expected to shrink that gap.

Source

MediaTek’s Octa-Core Processor Tested

MediaTek raised quite a few eyebrows earlier this year when it announced it would build the world’s first proper ARM octa-core, not a big.LITTLE design. The MT6592 has now popped up on a Chinese site, with the first Antutu results.

It scored 25,496, which places it behind the 1.7GHz Snapdragon in the HTC One, but it’s still a lot faster than the Nexus 4’s Qualcomm APQ8064, although throttling may have something to do with that. The score seems too high, but not long after the results emerged, a number of mobile sites started talking about disappointing results, claiming that MediaTek’s octa-core was somehow supposed to end up on a par with Samsung’s latest Exynos 5 big.LITTLE chip and the Qualcomm 800.

This of course is utter rubbish and FUD of the highest order.

The 28nm MT6592 is indeed an octa-core, but it has eight A7 cores, not a combo of A15 and A7 cores. The A7 is about one fifth of the die area of an A15 and according to ARM it consumes one quarter to one fifth of the power, making such comparisons asinine. In other words, MediaTek’s octa-core should end up a lot smaller and cheaper than a quad A15, maybe even a quad A12. That is why we find the 25,496 result hard to believe – it should be less, not more. For example, the Tegra 4 on Shield hits about 36,000, yet it’s a much bigger chip, on a device with more RAM.

The benchmarked chip ran at 1.7GHz, but MediaTek said the MT6592 should have no trouble hitting 2GHz, which could make it faster than a Snapdragon 600. What’s more, the tested device featured 1GB of RAM, 720p display and a Mali-450 GPU, so it is clearly not high-end.

However, the big problem for MediaTek’s curious new SoC is the sheer number of cores. Most apps simply can’t put them to good use and unless MediaTek has a clever trick up its sleeve, the chip might not be nearly as fast in real world applications. It does look promising in benchmarks, though.

Source

« Previous Page — Next Page »