Is The Internet Secure?

Hacker blogger Quinn Norton is getting a lot of coverage with her blog claiming that the Internet is broken. She argues that every computer and every piece of software we use is vulnerable to hackers because of terrible security flaws. Norton blames these flaws on the fact that developers who face immense pressure to ship software quickly.

Norton says that those bugs may have been there for years unnoticed, leaving systems susceptible to attacks. One of her hacker mates accidentally took control of more than 50,000 computers in four hours after finding a security vulnerability. Another one of her colleagues accidentally shut down a factory for a day after sending a “malformed ping.”

She said that the NSA wasn’t, and isn’t, the great predator of the internet, it’s just the biggest scavenger around. It isn’t doing so well because they are all powerful math wizards of doom. The other problem is software is too complicated and the emphasis placed on security too light.

“The number of people whose job it is to make software secure can practically fit in a large bar, and I’ve watched them drink. It’s not comforting. It isn’t a matter of if you get owned, only a matter of when,” Norton said.

Source

Cisco To Launch Smart City

Officials from networking giant Cisco Systems and Kansas City, Mo., have signed a letter of intent to build out a new network for smart city services.

Elements of the project call for designing mobile apps for citizen access, digital interactive kiosks, smart street lights and video surveillance in an area called the city’s innovation district.

The project is designed to complement the city’s build out of a two-mile downtown streetcar path, Cisco said in a statement.

Kansas City, Mo. and its neighbor, Kansas City, Kans., are already getting plenty of outside attention from tech giant Google, which picked the area for its first deployment of Google Fiber, an initiative to install fiber optic cable there and in other cities.

Google won’t say how many households are connected to Google Fiber in the area, but it has already installed 6,000 miles of fiber optic cable. Meanwhile, cable provider Time Warner has provisioned 11,000 Wi-Fi hotspots for its Internet customers to use from mobile devices in various Kansas City area locales, including the popular eight-block restaurant and bar district on the edge of downtown called the Power & Light District.

While some citizen groups have been concerned that Google Fiber isn’t reaching enough low-income families in the area with gigabit fiber, there’s a general recognition by city officials that people of all income levels use smartphones and other wireless devices fairly widely. That can only help the Cisco initiative with Kansas City for wireless services.

Kansas City, Mo. Mayor Sly James said the initiative with Cisco promises to connect city services and information with visitors and residents “like never before.”

Third-party app developers will also have an opportunity to build unique and innovative apps for public use.

Cisco will use its Smart+Connected Communities reference architectures to evaluate the initiative and will work with the city and a business consultancy called Think Big Partners to manage a “living lab” incubator for the tech startup community.

Wim Elfrink, Cisco’s executive vice president of industry solutions, credited city leaders with leading the “charge on innovation in the Midwest.”

Source

PoS Cyber Attacks Up In 2013

A third of data intrusion investigated by security firm Trustwave last year involved compromises of point-of-sale (POS) systems and over half of all intrusions targeted payment card data.

Even though POS systems remained a significant target for attackers, as suggested by several high-profile data breaches disclosed by large retailers over the past six months, the largest number of data theft incidents last year actually involved e-commerce sites, Trustwave said Wednesday in a report that compiled data from 691 data breach investigations conducted by the company around the world.

E-commerce intrusions accounted for 54 percent of investigated data breaches and POS system intrusions accounted for 33 percent, Trustwave said. A separate report published by Verizon in April also pointed to Web application and PoS attacks as leading causes of security incidents with confirmed data disclosure last year.

According to Trustwave, over half of intrusions targeted payment-card data, with such data being stolen from e-commerce transactions in 36 percent of incidents and from POS transactions in 19 percent of attacks.

In Western Europe in particular, where countries have rolled out EMV — chip-and-PIN payment card transactions — cybercriminals shifted their focus from POS devices to e-commerce platforms, said John Yeo, EMEA Director at Trustwave. “EMV has changed the pattern of compromises when it comes to payment-card-specific data.”

However, a significant increase in the theft of sensitive, non-payment-card data, was also observed last year. This data includes financial credentials, personally identifiable information, merchant ID numbers and internal company communications, and was stolen in 45 percent of incidents, Trustwave said in the report.

Customer records containing personally identifiable information can possibly be used to perpetrate identity fraud and are sought after on the black market, so that’s why there’s been an uptick in attacks focusing on such data, Yeo said.

Only about a third of victim companies were able to self-detect data breaches, Trustwave found. In 58 percent of cases, breaches were identified by regulatory bodies, the credit card companies or merchant banks.

Source

Is IBM Going After HP?

IBM has announced a unified branding for its commerce cloud based enterprise products and services with a presentation at the Smarter Commerce Global Summit in Tampa, Florida.

Hot on the heels of HP, which unified its cloud offerings under the Helion brand last week, IBM Experienceone is designed to allow companies to improve engagement with their customers by leveraging big data through the cloud.

Deployment comes from a unified offer of consulting services, software and infrastructure from IBM subsidary Softlayer, which can be used to gather data, mine analytics and improve customer commerce via a mixture of traditional and cloud services.

IBM has already committed 1,000 new employees for its IBM Interactive Experience who will staff 10 “IBM Interactive Experience Labs” that are being set up to help customers understand the rules of engagement and hopefully increase their level of customer engagement.

IBM GM of Industry Cloud Solution Craig Hayman said, “IBM Experienceone provides a secure and simplified portfolio – including innovation from more than 1,200 partners – to help clients design and deliver more valuable customer engagements. With cloud, on premise and hybrid options, IBM Experienceone quickly scales to engage every customer in the moment while protecting their privacy.”

The IBM Experienceone brand is a coming together of many acquisitions that IBM has made in the field over recent years, including Sterling Commerce, Tealeaf, Coremetrics, Unica, Demandtec, Xtify and Silverpop. The only obvious omission from the top to tail offer is a specific CRM database, however IBM Experienceone is compatible with most of the leading solutions, including those of its arch rivals. This leads to the question, could a CRM be next on the company’s shopping list?

As well as on desktop and server equipment, Experienceone analytics will also be available through apps for iOS and Android.

Source

Will IBM Realize Growth In 2015?

International Business Machines Corp said it is projecting growth in its hardware sector next year as the company invests in research and development and abandons low-performing ventures.

The comments come less than one month after the world’s largest technology service company reported its lowest quarterly revenue in five years, weighed by sluggish global demand for its hardware, which plunged 23 percent in the first quarter of 2014.

The company added that growth in Latin America, the Middle East and Africa remain strong, and blamed falling revenue in China on government reforms affecting state-owned clients, and on the country’s hardware-heavy portfolio.

“We move on and we spread ourselves out, more industries, more clients, cloud, data, et cetera, around there,” said IBM Chief Executive Ginni Rometty at an investor briefing on Wednesday.

Chief Financial Officer Martin Schroeter said to stabilize the hardware sector IBM would continue to “refresh” hardware and further invest in research and development.

“Quite frankly, we are seeing very good growth out of software, good growth out of services, but challenges in hardware,” said Schroeter. “We will stabilize that hardware base and I am comfortable we will make that happen in 2014,” he said.

He reiterated the company’s EPS target for 2015 of at least $20. He expects a shift to higher-value business to bring in $3.25 and share repurchases to add $2 in earnings per share by 2015.

Source

HP’s Z-station Goes Nvidia

HP has added its Z Workstation family with a solution that delivers access via a virtual desktop route to workstation applications hosted in the data center.

Set to be available from next month, the HP DL380z Virtual Workstation enables organisations to provide remote access to workstation-class applications, even those calling for heavy-duty graphics, which allows them to keep data stored securely in the data centre wherever employees might be based.

As its name suggests, the HP DL380z is based on the same hardware as HP’s ProLiant DL380p server, a 2U rack-mount two-socket system based on Intel’s Xeon E5-2600 processors, which allows it to slot right into existing data centre infrastructure.

Where the HP DL380z differs is that it can be configured with up to two Nvidia Grid K2 graphics cards supporting the graphics firm’s Grid GPU virtualisation technology. This enables up to eight users to be hosted on each system, each with access to a virtual machine with GPU acceleration capabilities.

Jeff Groudan, worldwide director for HP Thin Client and Virtual Workstations, said, “For employees who work from A to B and everywhere in between, the HP DL380z allows them to access data that is securely stored in the data centre. Furthermore, the powerful HP DL380z is an always-on workhorse that can be used by businesses when not in use for virtual workstation sessions.

Remote access is delivered either by operating Citrix’s XenServer with its HDX 3D Pro technology, which the HP DL380z is certified for, or by utilising HP’s own Remote Graphics Software (RGS). The latest HP RGS release 7 adds the ability to have true workstation productivity from a tablet while bringing intuitive touch controls to non-touch applications, according to HP.

Either way, customers can provide engineers or other professional users with access to workstation-class applications from a variety of devices, including thin clients, laptops or tablets.

Pricing for the HP DL380z has yet to be confirmed.

Source

Samsung Makes Changes In Mobile

Samsung Electronics Co Ltd, the world’s biggest mobile phone manufacturer, has replaced the head of its mobile design team amid criticism of the latest Galaxy S smartphone.

Chang Dong-hoon offered to resign last week and will be replaced by Lee Min-hyouk, vice president for mobile design, a Samsung spokeswoman said on Thursday.

“The realignment will enable Chang to focus more on his role as head of the Design Strategy Team, the company’s corporate design center which is responsible for long-term design strategy across all of Samsung’s businesses, including Mobile Communications,” Samsung said in a statement.

Lee, 42, became Samsung’s youngest senior executive in 2010 for his role in designing the Galaxy series, a roaring success which unseated Apple Inc’s iPhone as king of the global smartphone market.

Samsung now sells two times more smartphones than Apple, largely thanks to the success of Galaxy range.

But the South Korean firm has also been battling patent litigation the world over, with Apple claiming Samsung copied the look and feel of the U.S. firm’s mobile products.

The Galaxy S5, which debuted globally last month, has received a lukewarm response from consumers due to its lack of eye-popping hardware innovations, while its plastic case design has been panned by some critics for looking cheap and made out of a conveyor belt. The Wall Street Journal said the gold-colored back cover on the S5 looked like a band-aid.

Chang, a former professor who studied at the School of the Art Institute of Chicago, will continue to lead Samsung’s design center which overseas its overall design strategy.

Lee, who acquired the moniker of “Midas” for his golden touch with the Galaxy series, started out designing cars for Samsung’s failed auto joint venture with Renault in the 1990s.

Source

HP & Foxcomm Head To The Cloud

HP and Foxcomm have announced a joint venture to create a line of cloud optimized servers for service providers.

The venture involving a non-equity, strategic commercial alliance will see the pair offering a range of products. Particulars and specifications are yet to be announced but the companies are aiming to target low total cost of ownership (TCO), scale and service.

This announcement is separate to the existing HP Proliant server portfolio, which includes the software defined server codenamed Moonshot.

HP CEO Meg Whitman said, “With the relentless demands for compute capabilities, customers and partners are rapidly moving to a New Style of IT that requires focused, scalable and high-volume system designs. [The partnership] will enable us to deliver a game-changing offering in infrastructure economics.”

News of the alliance will raise eyebrows at Apple, which reportedly returned an eight million unit shipment of iPhones to Foxconn last year, describing them as “dysfunctional” and “non-compliant”.

HP has had its own troubles recently, after settling two lawsuits this month, one to the former shareholders of Palm over its handling of WebOS, and another that revealed that HP executives were guilty of corruption in negotiations for lucrative contracts. Total payouts across the two settlements totaled $165m.

The HP joint venture with Foxconn will take effect from 1 May, when we hope to find out more details about what it will entail.

Source

IBM Goes BlueMix

IBM has put together a vast array of hosted cloud services, and now it has a single location to offer them for sale.

At IBM Cloud online marketplace, that went live on Monday, enterprises can find the full range of IBM’s offerings behind a single gateway.

“So many of our customers want to build new cloud-based, front-end systems, but they want to tie them into their back-end infrastructure. We’re delivering a whole set of integration components and control services to do the connection, and monitor and control what is taking place,” said Steve Mills, IBM senior vice president and group executive for software and systems.

The marketplace has more than 100 hosted IBM applications, as well as middleware components from IBM’s Bluemix platform as a service (PaaS). It also serves as a portal to IBM’s SoftLayer infrastructure as a service (IaaS) and houses a collection of services from IBM partners.

“It’s an open platform. It supports all the popular application development tools and structures. So it’s not uniquely IBM. There’s a lot of open source and partners,” Mills said. In addition to IBM’s own offerings, other services will be offered on the site by SendGrid, Zend, Redis Labs and other IBM partners.

IBM is banking heavily on the cloud. The company’s revenue has been declining lately, due in part to sagging hardware sales. The cloud is likely to be a good place to look for more money: Gartner expects 80 percent of organizations to use cloud services in some form by the end of 2014.

Although IBM got a late start in the cloud, at least compared with rivals Amazon and Microsoft, it’s aggressively repositioning itself as a one-stop cloud services company. It generated $4.4 billion in cloud-related revenue in 2013 and has made a number of additional investments in the area as well.

In January, the company announced it would invest $1.2 billion into expanding its SoftLayer cloud service, which it acquired last year for $2 billion.

It is also investing $1 billion in the effort to adapt its middleware software as cloud services, part of the Bluemix offering.

The new online marketplace ties together a number of these initiatives from IBM within a single portal. It can be accessed from desktops, laptops, tablets and smartphones, and it can customize the service offerings based on the user’s needs.

Source

Heartbleed Hits Oracle

Oracle issued a comprehensive list of its software that may or may not be impacted by the OpenSSL (secure sockets layer) vulnerability known as Heartbleed, while warning that no fixes are yet available for some likely affected products.

The list includes well over 100 products that appear to be in the clear, either because they never used the version of OpenSSL reported to be vulnerable to Heartbleed, or because they don’t use OpenSSL at all.

However, Oracle is still investigating whether another roughly 20 products, including MySQL Connector/C++, Oracle SOA Suite and Nimbula Director, are vulnerable.

Oracle determined that seven products are vulnerable and is offering fixes. These include Communications Operation Monitor, MySQL Enterprise Monitor, MySQL Enterprise Server 5.6, Oracle Communications Session Monitor, Oracle Linux 6, Oracle Mobile Security Suite and some Solaris 11.2 implementations.

Another 14 products are likely to be vulnerable, but Oracle doesn’t have fixes for them yet, according to the post. These include BlueKai, Java ME and MySQL Workbench.

Users of Oracle’s growing family of cloud services may also be able to breath easy. “It appears that both externally and internally (private) accessible applications hosted in Oracle Cloud Data Centers are currently not at risk from this vulnerability,” although Oracle continues to investigate, according to the post.

Heartbleed, which was revealed by researchers last week, can allow attackers who exploit it to steal information on systems thought to be protected by OpenSSL encryption. A fix for the vulnerable version of OpenSSL has been released and vendors and IT organizations are scrambling to patch their products and systems.

Observers consider Heartbleed one of the most serious Internet security vulnerabilities in recent times.

Meanwhile, this week Oracle also shipped 104 patches as part of its regular quarterly release.

The patch batch includes security fixes for Oracle database 11g and 12c, Fusion Middleware 11g and 12c, Fusion Applications, WebLogic Server and dozens of other products. Some 37 patches target Java SE alone.

A detailed rundown of the vulnerabilities’ relative severity has been posted to an official Oracle blog.

Source

« Previous Page — Next Page »