These are devices like smart thermostats that allow users to remotely control household temperatures or LED lights that can be switched on and off from a smartphone. Basically it is the same thing as the IoT concept in the residential setting.

Navigant Research, global revenue from shipments of residential IoT devices is expected to total more than US$330 billion from 2015-2025. That is a lot of talking fridges and Internet connected underware.

Neil Strother, principal research analyst with Navigant Research said that the IoT is like putting together a jigsaw puzzle without any edge pieces, with the number of pieces growing exponentially into the billions.

“Communicating devices in the IoT traverse a wide range of industries and sectors-virtually all areas of life can expect to see some form of this connected world.”

Despite the many drivers for the residential IoT market, there are at present multiple protocols and standards that are creating an interoperability barrier, he said.
Wi-Fi, ZigBee, Bluetooth, and others are all vying for market viability, which is creating confusion for consumers and stalling overall adoption, he said.

Courtesy-Fud

In its third report this year, Quick Heal warns that Apple users in particular better brace themselves for impact as more and more malware writers who’ve earned their stripes targeting Android users turn their attention to iOS.

“As the number of iPhone owners rises across the world, iOS has become a new potential target for Android malware authors and hackers. It is expected that Android malware will soon be altered to attack iOS users as well, and jailbroken iOS devices will be the first wave of targets for these attacks,” explained the firm (PDF).

“Recently, the ‘XcodeGhost’ malware was found on the Apple App Store and this is just the beginning of such attacks.”

In a section on wearables, Quick Heal predicts hackers will increasingly target fitness trackers, something that other security researchers have already warned about.

A lot of space in the report is reserved for Android-flavoured threats, and users are offered advice on protecting themselves such as if there is an option to use a password over a touch sign-in, then you ought to take it.

“A group of researchers have discovered a serious security flaw in the Android Lollipop version running on devices right now. This flaw allows attackers to bypass the lockscreen of an Android smartphone by using a massive password and thereby exposing the homescreen,” it explains.

“The attack essentially works by opening the in-built camera application and afflicts people using a password to protect their Android device and lock their screen.”

The most significant Android threat is a rascal called Android.Airpush.G, which claims 30 percent of the bug pool and is the kind of adware thing that makes you want to take a hammer to your phone screen. The second most prominent issue is Android.Reaper.A, which can haul in a large data harvest when in place.

Quick Heal is not the only security company in town, and a post on the Symantec website also seems set to put the fear into the Apple user community. That post, read it here – if you dare, says that the Mabouia ransomware is capable of causing a problem for Mac and PC users alike.

Fortunately, Mabouia is a proof-of-concept attack that a researcher shared with both Apple and Symantec. Symantec says that the PoC effort achieves at least one first.

“Mabouia is the first case of file-based crypto ransomware for OS X, albeit a proof-of-concept. Macs have nevertheless already been targeted by ransomware in the form of browser-based threats,” it explained.

“For example, in 2013, researchers at Malwarebytes discovered browser-based ransomware that targeted Safari for Mac users through a malicious website. The website directed Windows users to a drive-by download, while Mac users were served JavaScript that caused Safari to display persistent pop-ups informing the user their browser had been “locked” by the FBI for viewing illegal content.”

Source-http://www.thegurureview.net/computing-category/will-the-xcodeghost-malware-wreak-havoc-on-ios-devices.html

Ericsson, whose like-for-like sales are down 7 percent so far this year and were roughly flat over the previous three years, said the partnership means new areas of revenue as it will boost its addressable market, mainly in professional services, software and the resale of Cisco products.

“We are the wireless No. 1 in the world,” Ericsson Chief Executive Hans Vestberg told Reuters.

“Cisco is by far the No. 1 in the world when it comes to IP routers. Together we can create innovative solutions.”

The companies said in a statement they would together offer routing, data center, networking, cloud, mobility, management and control, and global services capabilities.

“The strategic partnership will be a key driver of growth and value for the next decade, with each company benefiting from incremental revenue in calendar year 2016 and expected to ramp (up) to $1 billion or more for each by 2018,” they said.

Ericsson expects full-year cost synergies of 1 billion Swedish crowns ($115 million) in 2018 due to the partnership and said it would continue to explore further joint business opportunities with Cisco.

Source http://www.thegurureview.net/aroundnet-category/ericsson-and-cisco-join-forces-in-network-partnership.html

Redmond had earlier said that Windows would block SHA-1 signed TLS (Transport Layer Security) certificates from January 1, 2017, but is now mulling moving up the date to June.

There have been concerns about the algorithm’s security as researchers have proven that a forged digital certificate that has the same SHA-1 hash as a legitimate one can be created. Users can then be tricked into interacting with a spoofed site in what is called a hash collision.

In October, a team of cryptoanalysts warned that the SHA-1 standard should be withdrawn as the cost of breaking the encryption had dropped faster than expected to US$75,000 to $120,000 in 2015 using freely available cloud computing.

Programme manager for Microsoft Edge Kyle Pflug wrote in his blog that Redmond will coordinate with other browser vendors to evaluate the impact of this timeline based on telemetry and current projections for feasibility of SHA-1 collisions.

Mozilla said in October that in view of recent attacks it was considering a cut-off of July 1, 2016 to start rejecting all SHA-1 SSL certificates, regardless of when they were issued, ahead of an earlier scheduled date of January 1, 2017.

Courtesy- http://www.thegurureview.net/computing-category/microsoft-to-block-sha-1-hashing.html

But they are being resisted by the banking industry, which sees no need to invest further in PIN technology, already used with debit cards, resulting in halting adoption and widespread confusion.

A small band of retailers with the clout to call the shots on their branded credit cards is leading the charge. Target Corp is moving ahead with a chip-and-PIN rollout, and Wal-Mart Stores Inc plans to do the same.

But Wal-Mart said it faces obstacles because its credit card partner, Synchrony Financial, is not yet able to handle PINs on credit cards. Synchrony declined comment.

Broadly, U.S. banks are unprepared or resisting the change.

The impasse comes after many consumers got their hands on new credit cards embedded with so-called EMV chips in advance of an Oct. 1 deadline that required retailers to accept chip cards or be liable for fraud losses. EMV stands for EuroPay, MasterCard and Visa.

But only about a third of merchants are actually using the chip technology, according to analyst estimates. The number may not pick up until early next year, if at all, because the retail industry typically halts upgrades during the crucial holiday shopping season.

“PIN issuance will remain a niche,” said Julie Conroy, credit-card analyst with Aite Group.

Banks favor using chip cards verified by old-school signatures, even though chip-and-PIN usage has led to lower fraud over the decade they have been used in Europe and elsewhere.

“The PIN is definitely a must,” said Lance James, chief scientist with cyber intelligence firm Flashpoint. “It’s one extra step that provides true two-factor authentication.”

But bankers say PINs provide little benefit beyond the advantage of using chips in combating the estimated $7 billion-plus in annual U.S. card fraud.

EMV chips thwart criminals who use stolen data to create counterfeit cards, a category that Aite estimates accounts for 37 percent of that fraud. Banks say that PINs only provide additional fraud protection when criminals seek to use lost or stolen cards, a situation that Aite estimates accounts for only 14 percent of fraud.

Banking groups say there are better approaches than PINs for verifying customers and have asked retailers to embrace tokenization and encryption to prevent theft of credit card numbers.

“PIN is a static data element that would not have a meaningful impact on overall payments fraud,” said Electronic Payments Coalition spokesman Sam Fabens.

Courtesy-http://www.thegurureview.net/aroundnet-category/confusion-continues-to-reign-with-u-s-chip-pin.html

The Sparc M7 chip was originally unveiled at last year’s Openworld show in San Francisco, and was touted at the time as a Heartbleed-prevention tool.

A year on, and Oracle announced the Oracle SuperCluster M7, along with Sparc T7 and M7 servers, at the show. The servers are all based on the 32-core, 256-thread M7 microprocessor, which offers Security in Silicon for better intrusion protection and encryption, and SQL in Silicon for improved database efficiency.

Along with built-in security, the SuperCluster M7 packs compute, networking and storage hardware with virtualisation, operating system and management software into one giant cloud infrastructure box.

Oracle CTO Larry Ellison was on hand at Openworld on Tuesday to explain why the notion of building security into the silicon is so important.

“We are not winning a lot of these cyber battles. We haven’t lost the war but we’re losing a lot of the battles. We have to rethink how we deliver technology especially as we deliver vast amounts of data to the cloud,” he told delegates.

Ellison said that Oracle’s approach to this cyber war is to take security as low down in the stack as possible.

“Database security is better than application security. You should always push security as low in the stack as possible. At the bottom of the stack is silicon. If all of your data in the database is encrypted, that’s better than having an application code that encrypts your data. If it’s in the database, every application that uses that database inherits that security,” he explained.

“Silicon security is better than OS security. Then every operating system that runs on that silicon inherits that security. And the last time I checked, even the best hackers have not figured out a way to download changes to your microprocessor. You can’t alter the silicon, that’s really tricky.”

Ellison’s big idea is to take software security features out of operating systems, VMs and even databases in some cases – because software can be changed – and instead push them into the silicon, which can’t be. He is also urging for security to be switched on as default, without an option to turn it back off again.

“The security features should always be on. We provide encryption in our databases but it can be switched off. That is a bad idea. There should be no way to turn off encryption. The idea of being able to turn on and off security features makes no sense,” he said.

Ellison referred back to a debate that took place at Oracle when it first came up with its backup system – should the firm have only encrypted backups. “We did a customer survey and customers said no, we don’t want to pay the performance penalty in some cases,” he recalled. “In that case customer choice is a bad idea. Maybe someone will forget to turn on encryption when it should have been turned on and you lose 10 million credit cards.”

The Sparc M7 is basically Oracle’s answer to this dire security situation. Ellison said that while the M7 has lots of software features built into the silicon, the most “charismatic” of these is Silicon Secured Memory, which is “deceptively simple” in how it works.

“Every time a computer program asks for memory, say you ask for 8MB of memory, we compute a key and assign this large number to that 8MB of memory,” he explained. “We take those bits and we lock that memory. We also assign that same number to the program. Every time the program accesses memory, we check that number to make sure it’s the memory you allocated earlier. That compare is done by the hardware.”

If a program tries to access memory belonging to another program, the hardware detects a mismatch and raises a signal, flagging up a possible breach or bug.

“We put always-on memory intrusion detection into the silicon. We’re always looking for Heartbleed and Venom-like violations. You cannot turn it off,” the CTO warned.

“We’ve also speeded up encryption and decompression, which is kind of related to encryption. It runs at memory speed there’s zero cost in doing that. We turn it on, you can’t turn it off, it’s on all the time. It’s all built into the M7.”

Ellison claimed that running M7-based systems will stop threats like Heartbleed and Venom in their tracks.

“The way Venom worked, the floppy disc driver concealed this code. It’s the worst kind of situation, you’re writing into memory you’re not supposed to. You’re writing computer instructions into the memory and you’ve just taken over the whole computer,” he explained. “You can steal and change data. M7 – the second we tried to write that code into memory that didn’t belong to that program, where the keys didn’t match, that would have been detected real-time and that access would have been foiled.

All well and good, except for the fact that nearly every current computer system doesn’t run off the M7 processor. Ellison claimed that even if only three or four percent of servers in the cloud an organisation is using have this feature, they will be protected as they’ll get the early warning to then deal with the issue across non-M7 systems.

“You don’t have to replace every micro processor, you just have to replace a few so you get the information real-time,” he added.

“You’ll see us making more chips based on security, to secure our cloud and to sell to people who want to secure their clouds or who want to have secure computers in their datacentre. Pushing security down into silicon is a very effective way to do that and get ahead of bad guys.”

SuperCluster M7 and Sparc M7 servers are available now. Pricing has not been disclosed but based on normal Oracle hardware costs, expect to dig deep to afford one.

Source-http://www.thegurureview.net/computing-category/oracles-new-m7-processor-has-security-on-silicon.html

The carrier also announced it is creating a new dedicated network core for IoT connections that can scale far beyond the ability of its existing networks with the intent to reach billions of sensors and devices.

“Continued innovation in smart cities, connected cars and wearables demonstrates that IoT is the future for how we will live and work,” said Mike Lanman, senior vice president of enterprise products at Verizon during an event held at Verizon’s San Francisco Innovation Center. He said Verizon is taking a “holistic approach” to help expand the IoT market from millions of connections to billions. The event was webcast.

Other major wireless carriers, including AT&T, are developing programs to offer a range of services to industries and cities for connecting IoT sensors to wireless networks and then to cloud services for data analysis.

At Verizon, Lanman said the company is working to lower the cost of connecting billions of existing devices that companies have used for years to Verizon’s network. Holding up a new computer chip made by Sequans Communications, an LTE chip maker, he said the chip will provide a “significant reduction in cost…that changes the game.” It will provide 4G LTE connectivity in modules connected to IoT devices to “make the wide-area network more accessible to developers.”

Also, next year Verizon will launch a new IoT core network within its LTE network to provide a “much lower cost” than with Verizon’s existing wired and wireless networks.

“The cost for an IoT module and the cost to connect will both drop dramatically,” Lanman added. “Whether you are connecting your dog or water meters and any other low-payload devices, we’ll handle it through a new IoT core.”

Source-http://www.thegurureview.net/consumer-category/verizon-launches-thingspace-for-iot-development.html

ABI has added up the numbers and divided by its shoe size and multiplied by the age of its youngest child and worked out that China’s IoT market will grow more than five times in the next five years, exceeding $41 billion by 2020.

Dan Shey, VP and IoT practice director at ABI Research said that driving China’s IoT numbers is the smart meter segment.

“It leads all other segments in both connections and revenues. In fact, by 2020, smart meter connections will exceed the next highest market segment in total connections by nearly 10 to 1.”

Other major segments driving the China IoT market are home security and automation, OEM telematics, video surveillance, home appliances, aftermarket telematics and home monitoring.
Home monitoring is expected to become an important market in China as it attempts to care for its aging population, which will reach nearly 340 million people in 2020 for citizens age 55 and older.

“Data analytics revenues will generate the most IoT revenues in China. This statistic is reflective of the sheer volume of smart meter connections,” Shey said.

This is indicative of the relative lack of revenues in both platform and professional services in the China market.

“Platform revenues are not as high due to, for example, a higher share of proprietary embedded telematics deployments, especially by domestic OEM brands. Professional services revenues are similarly not as high, not only due to fewer connections in the telematics segments, with a higher proportion of tethered solutions, but also because IT and consultancy services are not as mature a market segment as in some of the more developed world markets such as Japan, South Korea and the US,” he wrote.

Source-http://www.thegurureview.net/computing-category/is-china-the-fastest-growing-market-for-iot.html