Techies Demand More Money

Employers may need to loosen their purse strings to retain their IT staffers in 2014, according to a salary survey from IT career websiteDice.com.

Among the tech workers who anticipate changing employers in 2014, 68 percent listed more compensation as their reason for leaving. Other factors include improved working conditions (48 percent), more responsibility (35 percent) and the possibility of losing their job (20 percent). The poll, conducted online between Oct. 14 and Nov. 29 last year, surveyed 17,236 tech professionals.

Fifty-four percent of the workers polled weren’t content with their compensation. This figure is down from 2012′s survey, when 57 percent of respondents were displeased with their pay.

The decrease in salary satisfaction could mean companies will face IT staff retention challenges this year, since 65 percent of respondents said they’re confident they can find a new, better position in 2014.

This dissatisfaction over pay comes even though the survey, released Wednesday, showed that the average tech salary rose 2.6 percent in 2013 to US$87,811 and that more companies gave merit raises. The main reason for last year’s bump in pay, according to 45 percent of respondents, was a merit raise. In comparison, the average tech salary was $85,619 in 2012 and 40 percent of those polled said they received a merit raise.

Meanwhile, 26 percent of respondents attributed their 2013 salary increase to taking a higher-paying job at another company.

Employers realize tech talent is coveted and are attempting to keep workers satisfied by offering them a variety of incentives, the survey found. In 2013, 66 percent of employers provided incentives to retain workers. The two most popular incentives were increased compensation and more interesting work. Incentives that allow employees to better balance their work and personal lives were also offered, such as telecommuting and a flexible work schedule.

Skills that commanded six-figure jobs in 2013 came from some of the hottest areas of IT. Data science led the way with big data backgrounds yielding some of the highest salaries. People skilled in Knowing R, the popular statistical computing language, can expect to make $115,531 on average, while those with NoSQL database development skills command an average salary of $114,796. IT pros skilled in MapReduce to process large data sets make $114,396 on average.

Source

Amazon, Microsoft Cut Cloud Storage Prices

Last April, Microsoft agreed that it would match Amazon’s Web Services’ (AWS’) prices for compute, storage and bandwidth.

So when Amazon announced last Thursday  that it would cut its S3 (Simple Storage Service) and Elastic Block Store (EBS) prices by up to 22%, Microsoft followed suit the very next day.

“We are matching AWS’ lowest prices (US East Region) for S3 and EBS, reducing prices by up to 20% and making the lower prices available in all regions worldwide,” Microsoft posted in its official blog.

For Microsoft’s “Locally Redundant Disks/Page Blobs Storage,” the company is reducing prices by up to 28%. It is also reducing the price of Azure Storage service by 50%.

Amazon’s new prices take effect Feb. 1. Microsoft’s price cuts begin March 13.

“We’re also making the new prices effective worldwide, which means that Azure storage will be less expensive than AWS in many regions,” Microsoft said.

Amazon said it dropped its prices for its S3 storage by 22% and its EBS standard volume storage and I/O operations by up to 50%.

Source

Can Android Fight Cyber Threats With A.I.?

A security firm called Zimperium has launched mobile software that learns from smartphones to fend off malicious cyber attacks.

Claiming to be the first security software to be powered by artificial intelligence (AI), the app is called zIPS, with the “IPS” standing for “intrusion prevention system”. The aim of the AI is to better spot malware before it causes harm or spreads to other devices.

The zIPS software works whether the smartphone is offline or online and can protect against malicious apps, such as those that can self-modify, and network attacks like a “man in the middle” attack where a hacker intercepts data being sent between one user and another.

“With zIPS, corporations will now have the opportunity to use [bring your own device] as an advantage to their security. zIPS is the first security solution that can combat modern cyber-attacks on mobile,” said Zimperium’s founder and CEO Zuk Avraham. “There is already evidence of attacks that are happening to infiltrate organisations, which only zIPS can prevent.”

Prior to working on the Android app, Avraham worked as a security researcher for the Israeli Defense Forces and Samsung electronics before setting up Zimperium in response to what he thinks is a poor selection of good mobile security software.

According to MIT Technology Review, Zimperium said that there have as yet been no programs that can detect, notify and protect against cyber attacks deployed through mobile devices.

The zIPS Android app has arrived in the Google Play store for all Android devices at a time when malware on Android is at an all time high.

Last year, Trend Micro warned that Google’s Android mobile operating system is so beset by cyber criminals creating malicious apps that the malware was on track to hit the million mark before the end of 2013.

The firm said that this was attributable to hackers seeking to exploit Android’s growing global user base.

Source

Was Dropbox Really Hacked?

Dropbox suffered a major outage over the weekend.

In one of the more bizarre recent incidents, after the service went down on Friday evening a group of hackers claimed to have infiltrated the service and compromised its servers.

However, on the Dropbox blog, Dropbox VP of engineering Ardita Ardwarl told users that hackers were not to blame.

Ardwari said, “On Friday evening we began a routine server upgrade. Unfortunately, a bug installed this upgrade on several active servers, which brought down the entire service. Your files were always safe, and despite some reports, no hacking or DDOS attack was involved.”

The fault occurred when a bug in an upgrade script caused an operating system upgrade to be triggered on several live machines, rendering them inoperative. Although the fault was rectified in three hours, the knock-on effects led to problems that lasted through the weekend for some users.

Dropbox has assured users that there are no further problems and that all users should now be back online. It said that at no point were files in danger, adding that the affected machines didn’t host any user data. In other words, the “hackers” weren’t hackers at all, but attention seeking trolls.

Dropbox claims to have over 200 million users, many of which it has acquired through strategic partnerships with device manufacturers offering free storage with purchases.

Source

The company is looking forward to an initial public offering (IPO) on the stock market, so the timing of such a major outage could not be worse. Dropbox, which includes Bono and The Edge from U2 amongst its investors, has recently enhanced its business offering to appeal to enterprise clients, and such a loss of uptime could affect its ability to attract customers.

Did A Hacker OD?

Top hacker Barnaby Jack died from mixing too many drugs in one session, a coroner’s report shows. Kiwi-born Jack was supposed to give a talk at a security conference when he was found dead in his bed.

Conspiracy nuts raised an eyebrow or two when it was revealed that Jack’s death occurred shortly before he was due to demonstrate how heart implants could be hacked at the Black Hat security conference in Las Vegas. He did not have a mark on him and showed no signs of trauma. However, now a coroner’s report has shown that Jack had a mix of heroin, cocaine and prescription drugs in his system. And he died of “acute mixed drug intoxication.”

Jack rose to fame after a 2010 demonstration, in which he hacked a cash machine, making it give out money. Jack’s girlfriend had found him lying in bed unresponsive, with “multiple bottles of beer and champagne” in the rubbish bin, so it must have been a hell of a night.

Source

NSA Developing System To Crack Encryption

The U.S. National Security Agency is working to develop a computer that could ultimately break most encryption programs, whether they are used to protect other nations’ spying programs or consumers’ bank accounts, according to a report by the Washington Post.

The report, which the newspaper said was based on documents leaked by former NSA contractor Edward Snowden, comes amid continuing controversy over the spy agency’s program to collect the phone records Internet communications of private citizens.

In its report, The Washington Post said that the NSA is trying to develop a so-called “quantum computer” that could be used to break encryption codes used to cloak sensitive information.

Such a computer, which would be able to perform several calculations at once instead of in a single stream, could take years to develop, the newspaper said. In addition to being able to break through the cloaks meant to protect private data, such a computer would have implications for such fields as medicine, the newspaper reported.

The research is part of a $79.7 million research program called “Penetrating Hard Targets,” the newspaper said. Other, non-governmental researchers are also trying to develop quantum computers, and it is not clear whether the NSA program lags the private efforts or is ahead of them.

Snowden, living in Russia with temporary asylum, last year leaked documents he collected while working for the NSA. The United States has charged him with espionage, and more charges could follow.

His disclosures have sparked a debate over how much leeway to give the U.S. government in gathering information to protect Americans from terrorism, and have prompted numerous lawsuits.

Last week, a federal judge ruled that the NSA’s collection of phone call records is lawful, while another judge earlier in December questioned the program’s constitutionality. The issue is now more likely to move before the U.S. Supreme Court.

On Thursday, the editorial board of the New York Times said that the U.S. government should grant Snowden clemency or a plea bargain, given the public value of revelations over the National Security Agency’s vast spying programs.

Source

Some ATMs Still On XP

Cyber-criminals have been cutting holes into European cash machines in order to infect them with malware.

The holes were cut so that the hackers could plug in USB drives that installed their code onto the ATMs. Details of the attacks on an unnamed European bank’s cash dispensers were presented at the hacker-themed Chaos Computing Congress in Hamburg, Germany.

The thefts came to light in July after the lender involved noticed several its ATMs were being emptied. The bank discovered the criminals were vandalising the machines to use the infected USB sticks. Once the malware had been transferred, they patched the holes up. This allowed the same machines to be targeted several times without the hack being discovered.

The attackers could take the highest value banknotes in order to minimise the amount of time they were exposed. Interestingly the software required the thief to enter a second code in response to numbers shown on the ATM’s screen before they could release the money and the thief could only obtain the right code by phoning another gang member and telling them the numbers displayed. This stopped the criminals going alone.

Source

Will Businesses Accept The Chromebook?

Sales of Chromebooks enjoyed rapid growth,going from basically nothing in 2012 to more than 20 percent of the U.S. commercial PC market, analyst firm NPD reported, while Windows PCs and Macs remained flat at best.

NPD estimated that, throughout all of 2013, 14.4 million desktops, notebooks, and tablets were sold through U.S. commercial channels, typically resellers. That compares to 16.4 million PCs, overall, sold in the U.S. during the third quarter alone–excluding tablets, according to IDC. All told, about 46.2 million PCs have been sold in the U.S. during 2013, IDC found.

Within that segment, however, NPD reported some intriguing findings. Chromebooks, once largely the province of Acer and Samsung, have been embraced by Dell, HP, and others–not the least of which are paying customers. In 2012, Chromebook sales were “negligible,” NPD reported. But in the space of a single year, they climbed to 21 percent, NPD found, helping push overall notebook PC growth up by 28.9 percent.

Windows notebooks, however, contributed nothing to that, as NPD found that growth was flat. Worse still, Macs actually declined, with combined sales of desktops and notebooks falling by 7 percent. Windows tablet sales tripled, albeit off what NPD called “a very small base”.

The message? Businesses are turning to the Web, which Chromebooks almost exclusively run. And those low-cost, Net-focused devices are becoming engines of productivity. As a result, they’re receiving validation from traditional PC vendors including Acer, Asus, Dell, and Hewlett-Packard, plus Google’s own Pixel.

“The market for personal computing devices in commercial markets continues to shift and change,” saidA Stephen Baker, vice president of industry analysis at NPD, in a statement.A “New products like Chromebooks, and reimagined items like Windows tablets, are now supplementing the revitalization that iPads started in personal computing devices. It is no accident that we are seeing the fruits of this change in the commercial markets as business and institutional buyers exploit the flexibility inherent in the new range of choices now open to them.”

Naturally, tablet sales continued to explode, capturing 22 percent(or about 3.16 million units) of all the computing device sales sold through the U.S. channel. Of all tablets sold commercially, iPads dominated with 59 percent of all unit sales, leaving the rest to Android (which grew more than 160 percent) and Windows.

Baker said that diversity will be key to the future success of hardware makers, a signpost for what vendors might release at 2014 and the weeks and months following.

Source

Is The Tech Industry Going Independent?

The tech industry is undergoing a shift toward a more independent, contingent IT workforce. And while that trend might not be cause for alarm for retiring baby boomer IT professionals, it could mean younger and mid-career workers need to prepare to make a living solo.

About 18% of all IT workers today are self-employed, according to an analysis by Emergent Research, a firm focused on small businesses trends. This independent IT workforce is growing at the rate of about 7% per year, which is faster than the overall growth rate for independent workers generally, at 5.5%.

The definition of independent workers covers people who work at least 15 hours a week.

Steve King, a partner at Emergent, said the growth in independent workers is being driven by companies that want to stay ahead of change, and can bring in workers with the right skills. “In today’s world, change is happening so quickly that everyone is trying to figure out how to be more flexible and agile, cut fixed costs and move to variable costs,” said King. “Unfortunately, people are viewed as a fixed cost.”

King worked with MBO Partners to produce a recent study that estimated the entire independent worker headcount in the U.S., for all occupations, at 17.7 million. They also estimate that around one million of them are IT professionals.

A separate analysis by research firm Computer Economics finds a similar trend. Over the last two years, there has been a spike in the use of contract labor among large IT organizations — firms with IT operational budgets of more than $20 million, according to John Longwell, vice president of research at Computer Economics.

This year, contract workers make up 15% of a typical large organization’s IT staff at the median. This is up from a median of just 6% in 2011, said Longwell. The last time there was a similar increase in contract workers was in 1998, during the dot.com boom and the run-up to Y2K remediation efforts. Computer Economics recently published a research brief on the topic.

“The difference now is that use of contract or temporary workers is not being driven by a boom, but rather by a reluctance to hire permanent workers as the economy improves,” Longwell said.

Computer Economics expects large IT organizations to step up hiring in 2014, which may cause the percentage of contract workers to decline back to a more normal 10% level. But, Longwell cautioned, it’s not clear whether that new hiring will be involve full-time employees or even more contract labor.

Source

Cryptolocker Infects 250K Systems

DELL’s security research team has revealed that a new form of ransomware, dubbed “Cryptolocker” has managed to infect up to 250,000 devices, stealing almost a million dollars in Bitcoins.

“Based on the presented evidence, researchers estimate that 200,000 to 250,000 systems were infected globally in the first 100 days of the CryptoLocker threat,” Dell announced in a Secureworks post.

The firm worked out that if the Cryptolocker ransomware threat actors had sold its 1,216 total Bitcoins (BTC) that they collected from September this year, immediately upon receiving them, they would have earned nearly $380,000.

“If they elected to hold these ransoms, they would be worth nearly $980,000 as of this publication based on the current weighted price of $804/BTC,” Dell said.

Cryptolocker is unique when compared against your average ransomware. Instead of using a custom cryptographic implementation like many other malware families, Cryptolocker uses third-party certified cryptography offered by Microsoft’s CryptoAPI.

“By using a sound implementation and following best practices, the malware authors have created a robust program that is difficult to circumvent,” Dell said.

Conventionally, ransomware prevents victims from using their computers normally and uses social engineering to convince them that failing to follow the malware authors’ instructions will lead to real-world consequences. These consequences, such as owing a fine or facing arrest and prosecution, are presented as being the result of a fabricated indiscretion such as pirating music or downloading illegal pornography.

“Victims of traditional forms of ransomware could ignore the demands and use security software to unlock the system and remove the offending malware,” Dell explained. “Cryptolocker changes this dynamic by aggressively encrypting files on the victim’s system and returning control of the files to the victim only after the ransom is paid.”

Dell said that the earliest samples of Cryptolocker appear to have been released on 5 September this year. However, details about its initial distribution phase are unclear.

“It appears the samples were downloaded from a compromised website located in the United States, either by a version of Cryptolocker that has not been analysed as of this publication, or by a custom downloader created by the same authors,” Dell added.

Dell seems to think that early versions of Cryptolocker were distributed through spam emails targeting business professionals as opposed to home internet users, with the lure often being a ‘consumer complaint’ against the email recipient or their organisation.

Attached to these emails would be a ZIP archive with a random alphabetical filename containing 13 to 17 characters, containing a single executable with the same filename as the ZIP archive but with an EXE extension, so keep your eye out for emails that fit this description.

Source

« Previous Page — Next Page »