Sign up for our Technology Newsletter 
Is Windows ‘Threshold’ Enroute?
Microsoft will unveil a preview of “Threshold,” the current code name for Windows 8′s successor, as soon as next month, according to an online report on Monday.
ZDNet’s Mary Jo Foley, citing unnamed sources, said that Microsoft will deliver a “technical preview” of Threshold late in September or early in October. Previously, Foley had reported that Microsoft would offer a preview of some kind this fall.
Threshold may be officially named “Windows 9″ by Microsoft — the company has said nothing about either the code name or labeled the next iteration of its desktop and tablet OS — although there are arguments for dumping a numerical title because of the possible association with Windows 8, which has widely been pegged as a failure.
“Technical Preview” is a moniker that Microsoft has used in the past for its Office suite. For both Office 2013 and Office 2010, Microsoft used the term to describe an invitation-only sneak peek. Both application suites were later released as public betas prior to their official launch.
Windows, however, has used a different nomenclature. For 2012′s Windows 8, Microsoft called the early looks ”Developer Preview,””Consumer Preview” and “Release Preview,” all open to everyone. The first was analogous to an alpha, the second to a beta, and the third to a done-but-not-approved release candidate.
Windows 7, however, had used the more traditional “Beta” to describe the first public preview in early 2009. The previous fall, when Microsoft unveiled Windows 7, the firm had seeded an invite-only “pre-alpha” version, also dubbed a Developer Preview, of the OS to programmers and some influential bloggers.
Within hours, the Windows 7 Developer Preview leaked to file-sharing websites. Microsoft may have changed its practices for Windows 8, letting anyone download the first preview, because of the inevitably of leaks.
In an update to her blog of earlier today, Foley added that the “Technical Preview” nameplate notwithstanding, Microsoft would allow anyone to download Threshold/Windows 9 when it becomes available in the next few weeks.
If Microsoft does ship a preview soon and sets its sights on a second-quarter 2015 final release, it will have significantly accelerated the tempo from past practice. With Windows 7 and Windows 8, Microsoft offered its first previews 12 and 13 months, respectively, and the public beta 8 or 9 months, before launching the operating system.
Eight or nine months from September would be May or June 2015; that, however, assumes that the Technical Preview is of beta quality. The name itself hints at something less.
Microsoft appears eager to put Windows 8 behind it. It has stopped beating the drum about the OS and recently announced that it would not issue any additional major updates. Instead, the firm said last week, it will include improvements or new features in small packets using the same Windows Update mechanism that regularly serves security patches.
Is Epic Turla Exploiting Windows XP?
Kaspersky Lab has discovered an espionage network that successfully attacked government institutions, intelligence agencies and European companies.
The firm has dubbed the spy operation Epic Turla, and said that it is in no doubt about its capabilities.
“Over the last 10 months, Kaspersky Lab researchers have analyzed a massive cyber-espionage operation which we call ‘Epic Turla’,” it said.
“The attackers behind Epic Turla have infected several hundred computers in more than 45 countries, including government institutions, embassies, military, education, research and pharmaceutical companies.”
Kaspersky said that Epic Turla used two zero-day exploits that affected Adobe and Microsoft software, along with some backdoor and social engineering tricks.
In particular, Kaspersky said a vulnerability in Windows XP and Windows 2003 – CVE-2013-5065 – termed a “privilege escalation vulnerability” is being used. “The CVE-2013-5065 exploit allows the backdoor to achieve administrator privileges on the system and run unrestricted. This exploit only works on unpatched Microsoft Windows XP systems.”
The use of this Windows XP flaw underlines the risk that the unsupported Windows XP OS poses. Kaspersky went on to explain that, once inside, attackers install their own rootkits and other malware tools and begin their surveillance.
“Once the attackers obtain the necessary credentials without the victim noticing, they deploy the rootkit and other extreme persistence mechanisms,” it said. “The attacks are still ongoing as of July 2014, actively targeting users in Europe and the Middle East.”
The attacks are just the latest in a long line of incidents that businesses need to be aware of as cyber attacks continue at an alarming rate.
In June the security firm Crowdstrike alerted the industry to Putter Panda, a cute-sounding but nasty piece of malware. That firm pointed an accusatory finger at China and charged it with espionage on the US and Europe.
Crowdstrike CEO George Kurtz said at the time, “China’s decade-long economic espionage campaign is massive and unrelenting. Through widespread espionage campaigns, Chinese threat actors are targeting companies and governments in every part of the globe.” Chinese authorities disputed this.
The report comes in the same week Hold Security reported uncovering a huge trove of 1.2 billion web passwords and login details that have been gathered by Russian cyber criminals.
Is Snapdragon A Security Flaw?
Security researcher Dan Rosenberg has told a Black Hat conference how it is possible to permanently unlock the bootloader on Android phones – provided they use a Qualcomm Snapdragon chip.
Rosenberg said that the flaw is in ARM’s TrustZone technology, which runs a trusted operating system and another for normal apps. This is supposed to improve device security, but in Qualcomm’s implementation, they cocked it up. It means that if a hacker gets access to the trusted operation part of the chip, it can run whatever application he or she likes.
This affects all known Android devices with a Qualcomm Snapdragon SoC, including the Nexus 5, the HTC One, and Samsung’s Galaxy Note 3, as well as the Moto X. The Samsung Galaxy S5 and the HTC One M8 have already been patched.
OpenSuse Goes Rolling
OpenSuse, the free Linux distribution forked from Suse Linux Professional and the basis for Suse Linux Enterprise, is switching to a rolling release model.
The development change will see daily builds released to keep the distribution at the cutting edge of development.
Announced by the Opensuse Project on Wednesday, the rolling release model for the development version of Opensuse, which is called Factory, will shorten the stabilisation process for releases and eliminate the need for pre-release or “milestone” builds, the project said.
Opensuse board chairman Richard Brown said that the project team was hopeful that the move would lead to more users of the software and more contributors to the code, which would have a knock-on effect on quality.
“With a daily fresh Factory distribution making it easier for those who want to preview and test, we hope to see more users and contributors, leading to faster fixes and even higher quality. Factory is critical as it provides the base technology for Opensuse and Suse Linux Enterprise, which is used by tens of thousands of organisations around the world,” he said.
The new development model balances responsibility among packagers, testers and end users while putting more emphasis on automated quality assurance. As a result, Opensuse Factory is no longer just the development branch of Opensuse but becomes a reliable, always-ready working distribution, according to the project.
The move also means that Opensuse is following a similar development model to Fedora, the cutting-edge Linux distribution sponsored by Red Hat that Red Hat Enterprise Linux (RHEL) is based upon.
More information on Opensuse Factory can be found on the project’s online portal. However, at the time of writing this was still showing a notice warning that the Factory repository is not guaranteed to be fully stable, and advising users to download the current release build.
An Opensuse spokesperson told stated that this is because the Factory build is primarily for developers and those keen to see the latest developments, and is not recommended for production environments.
HP Increases SlateBook Pricing
Hewlett-Packard’s SlateBook 14 laptop with Google’s Android OS has started shipping on schedule, but it’s priced at $429, which is $30 more than the company had said it would cost.
The laptop, which has a 14-inch screen and Android 4.3, was announced in June. At the time, HP said it would be priced at $399.
It is available on HP’s website.
The SlateBook 14 was introduced after customers told HP they wanted laptops with Android. The laptop has an interface similar to that on Android tablets and can adjust mobile apps to run on the larger touchscreen. Users will also be able to sync laptop data with mobile devices and vice versa.
The laptop is also for those who rely on the Web for most of their computing, much like Chromebooks. It has a few advantages over Chromebooks, with support for key Android apps such as Skype. Android also boasts better wireless printing support than Chromebooks.
The laptop weighs 1.68 kilograms and offers nine hours of battery life, according to specifications on HP’s website.
It has a quad-core Tegra 4 processor, 2GB of DRAM and 16GB of storage. Connectivity features include 802.11b/g/n Wi-Fi and Bluetooth 4.0. It also has a webcam, USB 3.0 port and a micro-SD slot for expandable storage.
It could be a strong multimedia laptop with a 1920 x 1080 pixel screen and an integrated graphics processor that can handle 4K video. TVs can be connected to the laptop through an HDMI port.
Apple-IBM Alliance Downplayed
August 4, 2014 by admin
Filed under Around The Net
Comments Off on Apple-IBM Alliance Downplayed
IBM Corp’s recent move to team up with Apple Inc to sell iPhones and iPads loaded with corporate applications has excited investors in both companies, but two rivals say they are unfazed for now.
Top executives at Dell and BlackBerry Ltd scoffed at the threat posed by the alliance, arguing the tie-up is unlikely to derail the efforts of their own companies to re-invent themselves.
“I do not think that we take the Apple-IBM tie-up terribly seriously. I think it just made a good press release,” John Swainson, who heads Dell’s global software business, said in an interview with Reuters in Toronto last week.
PC maker Dell and smartphone maker BlackBerry are in the midst of reshaping their companies around software and services, as the needs of their big corporate clients morph.
Swainson, who spent over two decades in senior roles at IBM, said, “I have some trouble understanding how IBM reps are going to really help Apple very much in terms of introducing devices into their accounts. I mean candidly, they weren’t very good at doing it when it was IBM-logoed products, so I do not get how introducing Apple-logoed stuff is going to be much better.”
While conceding that Apple products hold more allure, Swainson said they lack the depth of security features that many large business clients like banks covet.
IBM and Apple could not immediately be reached for comment.
BlackBerry Chief Executive John Chen similarly downplayed the threat of the alliance in an interview with the Financial Times, likening the tie-up to when “two elephants start dancing.”
Can Lenovo Succeed With Tablets?
July 31, 2014 by admin
Filed under Consumer Electronics
Comments Off on Can Lenovo Succeed With Tablets?
Lenovo on Friday said it would continue selling sub-10-in. Windows tablets in the U.S., backing away from statements it made the day before, when it said it was pulling the ThinkPad 8 from the North American market and had discontinued offering a model of the Miix 2.
“We will continue to bring new Windows devices to market across different screen sizes, including a new 8-inch tablet and 10-inch tablet coming this holiday,” Lenovo said in a press release published on its website Friday.
“Our model mix changes as per customer demand, and although we are no longer selling ThinkPad 8 in the U.S., and we have sold out of Miix 8-inch, we are not getting out of the small-screen Windows tablet business as was reported by the media (emphasis in original),” the statement continued.
On Thursday, the IDG News Service — like Computerworld, owned and operated by IDG – reported the withdrawal of the ThinkPad 8 and the 8-in. Miix from the U.S. market. The ThinkPad 8 had debuted in January at prices starting at $449, and the similarly-sized Miix had launched in October 2013.
Lenovo told IDG News that it was diverting remaining stocks of the ThinkPad 8 to other countries, including Brazil, China, and Japan, where demand was stronger for smaller Windows 8.1-powered tablets.
The China-based company, which has made impressive gains in the global market — it was the world’s largest personal computer seller during the second quarter, ahead of Hewlett-Packard and Dell, according to IDC — did not say exactly when it would return with an 8-in. device. If it begins selling the unnamed device in October, typical of OEMs that seed the channel then for the holiday sales season, it will have been absent from the market for two or more months.
Is China Spying?
Security experts claim that a Chinese manufacturer has been installing malware in its hand-held scanners that steals supply chain data.
TrapX says infected scanners made by an unnamed Chinese manufacturer located in Shandong province have been sold to eight unnamed firms including a large robotics company. The manufacturer denied knowledge that its scanners and website-hosted software were infected.
Sixteen of the 48 scanners deployed at one firm were infected, TrapX found. They all successfully sought out and compromised host names containing the word finance and siphoning off the logistical and financial data. The report Anatomy of the Attack: Zombie Zero said:
“Exfiltration of all financial data and ERP data was achieved, providing the attacker complete situational awareness and visibility into the logistic/shipping company’s worldwide operations,”.
TrapX suspected the attacks dubbed Zombie Zero were backed by the Chinese government and were a bid to gain intelligence on either logistics firms or their customers.
Is Malware Wreaking Havoc On XP?
One of the top three malware programs affecting businesses in the second quarter is a worm that takes advantage of the large number of companies still using Windows XP, Trend Micro has warned.
The worm, dubbed DOWNAD, also known as Conficker, can infect an entire network via a malicious URL, spam email, or removable drive. Windows XP is particularly susceptible to this threat because it is known to exploit the MS08-067 Server service vulnerability in order to execute arbitrary code.
DOWNAD also has its own domain generation algorithm (DGA) that allows it to create randomly-generated URLs. It then connects to these created URLs to download files to the system. Trend Micro said that around 175 IP addresses are found to be related to the DOWNAD worm and that these IP addresses use various ports and are randomly generated via the DGA capability of DOWNAD.
“During our monitoring of the spam landscape, we observed that in Q2, more than 40 percent of malware related spam mails are delivered by machines infected by DOWNAD worm,” said Trend Micro anti-spam research engineer Maria Manly in a blog post.
“A number of machines are still infected by this threat and leveraged to send the spammed messages to further increase the number of infected systems. And with Microsoft ending the support for Windows XP this year, we can expect that systems with this OS can be infected by threats like DOWNAD.”
The security company warned that spam campaigns delivering FAREIT, MYTOB, and LOVGATE payloads in email attachments are attributed to DOWNAD infected machines. FAREIT is a malware family of information stealers that download variants of the Zeus Trojan, while MYTOB is an old family of worms known for sending a copy of itself in spam attachments.
The other top sources of spam with malware are the CUTWAIL botnet, together with Gameover ZeuS (GoZ). Manly said CUTWAIL was actually previously used to download GoZ malware but now a malware called UPATRE employs GoZ malware or variants of ZBOT which have peer-to-peer functionality.
“In the last few weeks we have reported various spam runs that abused Dropbox links to host malware like UPATRE,” Manly said. “We also spotted a spammed message in the guise of voice mail that contains a Cryptolocker variant. The latest we have seen is a spam campaign with links that leveraged CUBBY, a file storage service, this time carrying a banking malware detected as TSPY_BANKER.WSTA.”
According to Manly, cybercriminals and threat actors are probably abusing file storage platforms to mask their malicious activities and go undetected in the system and network.
“As spam with malware attachment continues to proliferate, so is spam with links carrying malicious files. The continuous abuse of file hosting services to spread malware appears to have become a favoured infection vector of cyber criminals most likely because this makes it more effective given that the URLs are legitimate thereby increasing the chance of bypassing anti-spam filters,” she added.
Microsoft’s Killswitch Incoming
July 1, 2014 by admin
Filed under Smartphones
Comments Off on Microsoft’s Killswitch Incoming
Responding to mounting pressure, Google and Microsoft will follow Apple in adding an anti-theft “kill switch” to their smartphone operating systems.
The commitment comes at a time when new data shows a dramatic drop in theft of Apple iPhones and iPads after the September 2013 introduction of iOS 7, which included a kill-switch function that allows stolen devices to be remotely locked and deleted so they become useless.
In New York, iPhone theft was down 19 percent in the first five months of this year, which is almost double the 10 percent drop in overall robberies seen in the city. Over the same period, thefts of Samsung devices — which did not include a kill switch until one was introduced on Verizon-only models in April — rose by over 40 percent.
In San Francisco, robberies of iPhones were 38 percent lower in the six months after the iOS 7 introduction versus the six months before, while in London thefts over the same period were down by 24 percent. In both cities, robberies of Samsung devices increased.
“These statistics validate what we always knew to be true, that a technological solution has the potential to end the victimization of wireless consumers everywhere,” San Francisco District Attorney George Gascon told IDG News Service.
Gascon and New York State Attorney General Eric Schneiderman have been leading a push to get smartphone vendors and telecom carriers to include kill switches in their products as a way to curb phone theft.
The joint work had early success with Apple but other carriers and phone makers dragged their feet. However, resistance to the idea appears to be dropping as several bills that mandate kill switches make their way through state legislatures and the U.S. Congress.
The bills demand a function that would enable a phone owner to remotely delete and disable a phone if stolen. The function could be disabled by consumers before a theft takes place if desired, but crucially new handsets would be supplied with it switched on by default.