BlackBerry To Patch For Heartbleed
BlackBerry Ltd said it will release security updates for messaging software for Android and iOS devices by Friday to address vulnerabilities in programs related to the “Heartbleed” security threat.
Researchers last week warned they uncovered Heartbleed, a bug that targets the OpenSSL software commonly used to keep data secure, potentially allowing hackers to steal massive troves of information without leaving a trace.
Security experts initially told companies to focus on securing vulnerable websites, but have since warned about threats to technology used in data centers and on mobile devices running Google Inc’s Android software and Apple Inc’s iOS software.
Scott Totzke, BlackBerry senior vice president, told Reuters on Sunday that while the bulk of BlackBerry products do not use the vulnerable software, the company does need to update two widely used products: Secure Work Space corporate email and BBM messaging program for Android and iOS.
He said they are vulnerable to attacks by hackers if they gain access to those apps through either WiFi connections or carrier networks.
Still, he said, “The level of risk here is extremely small,” because BlackBerry’s security technology would make it difficult for a hacker to succeed in gaining data through an attack.
“It’s a very complex attack that has to be timed in a very small window,” he said, adding that it was safe to continue using those apps before an update is issued.
Google spokesman Christopher Katsaros declined comment. Officials with Apple could not be reached.
Security experts say that other mobile apps are also likely vulnerable because they use OpenSSL code.
Michael Shaulov, chief executive of Lacoon Mobile Security, said he suspects that apps that compete with BlackBerry in an area known as mobile device management are also susceptible to attack because they, too, typically use OpenSSL code.
He said mobile app developers have time to figure out which products are vulnerable and fix them.
“It will take the hackers a couple of weeks or even a month to move from ‘proof of concept’ to being able to exploit devices,” said Shaulov.
Technology firms and the U.S. government are taking the threat extremely seriously. Federal officials warned banks and other businesses on Friday to be on alert for hackers seeking to steal data exposed by the Heartbleed bug.
Companies including Cisco Systems Inc, Hewlett-Packard Co, International Business Machines Corp, Intel Corp, Juniper Networks Inc, Oracle Corp and Red Hat Inc have warned customers they may be at risk. Some updates are out, while others, like BlackBerry, are rushing to get them ready.
Oracle Updates NoSQL
Oracle has announced the availability of the latest edition of its NoSQL database.
NoSQL is Oracle’s distributed key-value database. Now in its third version, the enhancements this time are heavily centred around security and business continuity.
Oracle NoSQL 3.0 features improvements in security with cluster-wide password based user authentication and integration with Oracle Wallet. Session level Secure Socket Layer (SSL) encryption and network port restriction are also included.
For disaster recovery and prevention, there’s automatic fail-over to metro-area secondary data centres, while secondary server zones can be used to offload read-only workloads to take the pressure off primary servers under stress.
For developers, there is added support for tabular data models that Oracle claims will simplify application design and improve integration with SQL based applications, while secondary indexing improves query performance.
“Oracle NoSQL 3.0 helps organisations fill the gap in skills, security and performance by delivering […] enterprise-class NoSQL database that empowers database developers and DBAs to easily, intuitively and securely build and deploy next generation applications,” said Oracle’s EVP of Database Server Technologies, Andrew Mendelsohn.
It’s already been a big week for the SQL community with NoSQL arriving on MariaDB for the first time, courtesy of a tie-up between SkySQL, Google and IBM on Tuesday, while yesterday Fusion-IO announced the use of Non-volatile memory (NVM) compression in MySQL to increase the capacity of SSD storage.
Both the community and enterprise versions of Oracle NoSQL Database 3.0 are available for download now from the Oracle Technology Network.
nVidia Goes For Raspberry Pi
nVidia has unveiled what it claims is “the world’s first mobile supercomputer”, a development kit powered by a Tegra K1 chip.
Dubbed the Jetson TK1, the kit is built for embedded systems to aid the development of computers attempting to simulate human recognition of physical objects, such as robots and self-driving cars.
Speaking at the GPU Technology Conference (GTC) on Tuesday, Nvidia co-founder and CEO Jen Hsun Huang described it as “the world’s tiniest little supercomputer”, noting that it’s capable of running anything the Geforce GTX Titan Z graphics card can run, but at a slower pace.
With a total performance of 326 GFLOPS, the Jetson TK1 should be more powerful than the Raspberry Pi board, which delivers just 24 GFLOPS, but will retail for much more, costing $192 in the US – a number that matches the number of cores in the Tegra K1 processor that Nvidia launched at CES in Las Vegas in January.
Described by the company as a “super chip” that can bridge the gap between mobile computing and supercomputing, the Nvidia Tegra K1, which replaces the Tegra 4, is based on the firm’s Kepler GPU architecture.
The firm boasted at CES that the chip will be capable of bringing next-generation PC gaming to mobile devices, and Nvidia claimed that it will be able to match the PS4 and Xbox One consoles’ graphics performance.
Designed from the ground up for CUDA, which now has more than 100,000 developers, the Jetson TK1 Developer Kit includes the programming tools required by software developers to develop and deploy compute-intensive systems quickly, Nvidia claimed.
“The Jetson TK1 also comes with this new SDK called Vision Works. Stacked onto CUDA, it comes with a whole bunch of primitives whether it’s recognising corners or detecting edges, or it could be classifying objects. Parameters are loaded into this Vision Works primitives system and all of a sudden it recognises objects,” Huang said.
“On top of it, there’s simple pipe lines we’ve created for you in sample code so that it helps you get started on what a structure for motion algorithm, object detection, object tracking algorithms would look like and on top of that you could develop your own application.”
Nvidia also expects the Jetson TK1 to be able to operate in the sub-10 Watt market for applications that previously consumed 100 Watts or more.
IT Dissatisfaction Growing
Companies want to reduce spending on IT operations and infrastructure and shift resources to revenue-producing areas, according to two new studies. But business leaders and IT executives are also registering higher levels of dissatisfaction with IT as more demands are placed on technology.
The reports, by the Hackett Group and McKinsey & Co., both agree that business executives want IT to do more to improve the bottom line while companies spend less on infrastructure in the process.
The bad news for people who work in IT operations is that large businesses expect to cut IT staff positions by about 2% this year, thanks to automation and outsourcing, according to Hackett’s survey of 160 businesses with revenues above $1 billion.
One path to improved automation will likely be through adoption of software-defined infrastructures, something Bank of America plans to do.
IT budgets will grow by 1.7% this year as IT pivots, increasingly, from a service-providing operation to a revenue-generating one, the Hackett Group said in its study.
IT managers are being told that “you’ve got to grow the business, not just run the business,” said Mark Peacock, an IT transformation practice leader and principal at Hackett.
McKinsey & Co., in its online survey of more than 800 executives — with 345 having a technology focus — also found that executives want less of their budgets to go to infrastructure so more resources can be shifted to analytics and innovation.
The McKinsey survey found that business executives are less likely to say now that IT performs effectively, compared to their views two years ago.
“The IT executives are even more negative,” wrote McKinsey, with only 13% of them saying their IT organizations “are completely or very effective at introducing new technologies faster or more effectively than competitors.” That percentage was down from 22% in 2012.
The negative results “likely reflect the overall rising expectations for corporate IT,” wrote McKinsey.
When asked how to fix IT shortcomings, respondents cited improved business accountability, more funds for priority projects and a higher level of IT talent, the report said.
The Hackett Group survey didn’t report on dissatisfaction, but it did find that the top goal for IT organizations this year is “to strengthen partnership and goal alignment between IT and the business.”
Scientists Develop Anti-Faking PC
Scientists have developed a computer system with sophisticated pattern recognition abilities that performed more impressively than humans in differentiating between people experiencing genuine pain and people who were just pretending.
In a study published in the journal Current Biology, human subjects did no better than chance – about 50 percent – in correctly judging if a person was feigning pain after seeing videos in which some people were and some were not.
The computer was right 85 percent of the time. Why? The researchers say its pattern-recognition abilities successfully spotted distinctive aspects of facial expressions, particularly involving mouth movements, that people generally missed.
“We all know that computers are good at logic processes and they’ve long out-performed humans on things like playing chess,” said Marian Bartlett of the Institute for Neural Computation at the University of California-San Diego, one of the researchers.
“But in perceptual processes, computers lag far behind humans and have a lot of trouble with perceptual processes that humans tend to find easy, including speech recognition and visual recognition. Here’s an example of a perceptual process that the computer is able to do better than human observers,” Bartlett said in a telephone interview.
For the experiment, 25 volunteers each recorded two videos.
In the first, each of the volunteers immersed an arm in lukewarm water for a minute and were told to try to fool an expert into thinking they were in pain. In the second, the volunteers immersed an arm in a bucket of frigid ice water for a minute, a genuinely painful experience, and were given no instructions on what to do with their facial expressions.
The researchers asked 170 other volunteers to assess which people were in real discomfort and which were faking it.
After they registered a 50 percent accuracy rate, which is no better than a coin flip, the researchers gave the volunteers training in recognizing when someone was faking pain. Even after this, the volunteers managed an accuracy rate of only 55 percent.
The computer’s vision system included a video camera that took images of a person’s facial expressions and decoded them. The computer had been programmed to recognize that one kind of facial movement combination suggested true pain and another kind suggested faked pain.
HP Unveils 3D Plan
March 31, 2014 by admin
Hewlett-Packard Co will unveil plans to enter the commercial 3D-printing arena in June, saying it has resolved a number of technical issues that have hindered broader adoption of the high-tech manufacturing process.
Chief Executive Meg Whitman told shareholders the company will make a “big technology announcement” that month around how it will approach a market that has excited the imagination of investors and consumers.
Critics have accused the sci-fi-like technology of being over-hyped and still too immature for widespread consumer adoption.
Industry observers have long expected HP, the largest of several printer-making companies from Canon to Xerox, to eventually get into the business. Whitman said HP’s inhouse researchers have resolved limitations involved with the quality of substrates used in the process, which affects the durability of finished products.
“We actually think we’ve solved these problems,” Whitman told an annual shareholders meeting. “The bigger market is going to be in the enterprise space,” manufacturing parts and prototypes in ways that were not possible before.
“We’re on the case,” she said without elaborating.
HP executives have estimated that worldwide sales of 3D printers and related software and services will grow to almost $11 billion by 2021 from a mere $2.2 billion in 2012.
The nascent 3D-printing market is now dominated by a number of smaller players like MakerBot, a unit of Stratasys that is concentrating on selling more affordable devices to consumers.
Contract manufacturers like Flextronics however already use the technology to help craft prototype parts or devices for corporate clients.
“HP is currently exploring the many possibilities of 3D printing and the company will play an important role in its development,” CTO and HP Labs director Martin Fink said in a February blogpost on HP’s website.
“The fact is that 3D printing is really still an immature technology, but it has a magical aura. The sci-fi movie idea that you can magically create things on command makes the idea of 3D printing really compelling for people.”
Zeus Attached To Cancer Email Scam
March 28, 2014 by admin
Thousands of email users have been hit by a sick cancer email hoax that aims to infect the recipients’ computers with Zeus malware.
The email has already hit thousands of inboxes across the UK, and looks like it was sent by the National Institute for Health and Care Excellence (NICE). It features the subject line “Important blood analysis result”.
However, NICE has warned that it did not send the malicious emails, and is urging users not to open them.
NICE chief executive Sir Andrew Dillon said, “A spam email purporting to come from NICE is being sent to members of the public regarding cancer test results.
“This email is likely to cause distress to recipients since it advises that ‘test results’ indicate they may have cancer. This malicious email is not from NICE and we are currently investigating its origin. We take this matter very seriously and have reported it to the police.”
The hoax message requests that users download an attachment that purportedly contains the results of the faux blood analysis.
Security analysis firm Appriver has since claimed that the scam email is carrying Zeus malware that if installed will attempt to steal users’ credentials and take over their PCs.
Appriver senior security specialist Fred Touchette warned, “If the attachment is unzipped and executed the user may see a quick error window pop up and then disappear on their screen.
“What they won’t see is the downloader then taking control of their PC. It immediately begins checking to see if it is being analysed, by making long sleep calls, and checking to see if it is running virtually or in a debugger.
“Next it begins to steal browser cookies and MS Outlook passwords from the system registry. The malware in turn posts this data to a server at 69.76.179.74 with the command /ppp/ta.php, and punches a hole in the firewall to listen for further commands on UDP ports 7263 and 4400.”
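A defender-side triage of the indicators Touchette describes, as an added example that is not part of the original article: it scans proxy and firewall logs for the reported server address, request path and UDP ports, and grades each internal host by the strongest match. The key=value log format, the internal addresses and the sample lines are constructed for illustration, and treating /ppp/ta.php as an HTTP request path is an assumption.

```python
import re
from urllib.parse import urlparse

# Indicators quoted in the article (Appriver's description of the sample).
C2_IP = "69.76.179.74"
C2_PATH = "/ppp/ta.php"
LISTEN_UDP_PORTS = {7263, 4400}

# Constructed sample logs in a hypothetical key=value format.
SAMPLE_LOGS = """\
2014-03-28T09:14:02Z type=proxy src=10.0.5.21 dst=69.76.179.74 method=POST url=http://69.76.179.74/ppp/ta.php
2014-03-28T09:14:05Z type=proxy src=10.0.5.22 dst=192.0.2.10 method=GET url=http://example.com/index.html
2014-03-28T09:15:40Z type=fw proto=udp src=198.51.100.7 dst=10.0.5.21 dport=7263 action=allow
2014-03-28T09:16:11Z type=fw proto=udp src=10.0.5.30 dst=10.0.0.53 dport=53 action=allow
2014-03-28T09:17:00Z type=fw proto=tcp src=10.0.5.40 dst=69.76.179.74 dport=80 action=allow
2014-03-28T09:18:30Z type=fw proto=udp src=203.0.113.9 dst=10.0.5.44 dport=4400 action=deny
"""

FIELD_RE = re.compile(r"(\w+)=(\S+)")
RANK = {"low": 0, "medium": 1, "high": 2}


def parse_line(line):
    """Split 'timestamp key=value ...' into a dict of fields."""
    ts, _, rest = line.strip().partition(" ")
    event = dict(FIELD_RE.findall(rest))
    event["ts"] = ts
    return event


def match_indicators(event):
    """Return (internal_host, confidence, reason) tuples for one event."""
    hits = []
    if event.get("dst") == C2_IP:
        src = event.get("src", "unknown")
        if urlparse(event.get("url", "")).path == C2_PATH:
            hits.append((src, "high", "HTTP request to reported server and path"))
        else:
            hits.append((src, "medium", "connection to reported server"))
    dport = event.get("dport", "")
    if event.get("proto") == "udp" and dport.isdigit() and int(dport) in LISTEN_UDP_PORTS:
        # A port number alone is weak evidence; it matters most on a host
        # that also shows traffic to the reported server.
        reason = f"inbound UDP to port {dport} ({event.get('action', 'n/a')})"
        hits.append((event.get("dst", "unknown"), "low", reason))
    return hits


def triage(log_text):
    """Group hits per internal host, keeping the strongest confidence seen."""
    report = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        event = parse_line(line)
        for host, conf, reason in match_indicators(event):
            entry = report.setdefault(host, {"confidence": conf, "evidence": []})
            if RANK[conf] > RANK[entry["confidence"]]:
                entry["confidence"] = conf
            entry["evidence"].append((event["ts"], reason))
    return report


if __name__ == "__main__":
    for host, entry in sorted(triage(SAMPLE_LOGS).items()):
        print(host, entry["confidence"], entry["evidence"])
```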
Do Chip Makers Have Cold Feet?
It is starting to look like chip makers are having cold feet about moving to the next technology for chipmaking. Fabricating chips on larger silicon wafers is the latest cycle in a transition, but according to the Wall Street Journal chipmakers are mothballing their plans.
Companies have to make massive upfront outlays for plants and equipment and they are refusing, because the latest change could boost the cost of a single high-volume factory to as much as $10 billion from around $4 billion. Some companies have been reining in their investments, raising fears the equipment needed to produce the new chips might be delayed for a year or more.
ASML, a maker of key machines used to define features on chips, recently said it had “paused” development of gear designed to work with the larger wafers. Intel said it has slowed some payments to the Netherlands-based company under a deal to help develop the technology.
Gary Dickerson, chief executive of Applied Materials, said that the move to larger wafers “has definitely been pushed out from a timing standpoint.”
Web Pioneer Calls For Bill of Rights
The inventor of the world wide web, Tim Berners-Lee, voiced his support for a bill of rights to protect freedom of speech on the Internet and users’ rights after leaks about government surveillance of online activity.
25 years since the London-born computer scientist invented the web, Berners-Lee said there was a need for a charter like England’s historic Magna Carta to help guarantee fundamental principles online.
Web privacy and freedom have come under scrutiny since former U.S. National Security Agency contractor Edward Snowden last year leaked a raft of secret documents revealing a vast U.S. government system for monitoring phone and Internet data.
Accusations that NSA was mining personal data of users of Google, Facebook, Skype and other U.S. companies prompted President Barack Obama to announce reforms in January to scale back the NSA program and ban eavesdropping on the leaders of close friends and allies of the United States.
Berners-Lee said it was time for a communal decision as he warned that growing surveillance and censorship, in countries such as China, threatened the future of democracy.
“Are we going to continue on the road and just allow the governments to do more and more and more control – more and more surveillance?” he told BBC Radio on Wednesday.
“Or are we going to set up something like a Magna Carta for the world wide web and say, actually, now it’s so important, so much part of our lives, that it becomes on a level with human rights?” he said, referring to the 1215 English charter.
While acknowledging the state needed the power to tackle criminals using the Internet, he has called for greater oversight over spy agencies such as Britain’s GCHQ and the NSA, and over any organizations collecting data on private individuals.
He has previously spoken in support of Snowden, saying his actions were “in the public interest”.
Berners-Lee and the World Wide Web Consortium, a global community with a mission to lead the web to its full potential, have launched a year of action for a campaign called the Web We Want, urging people to push for an Internet “bill of rights” for every country.
Did Sears Suffer A Data Breach?
Sears Holdings Corp acknowledged it has launched an investigation to determine whether it was the victim of a security breach, following Target Corp’s revelation at the end of last year that it had suffered an unprecedented cyber attack.
“There have been rumors and reports throughout the retail industry of security incidents at various retailers and we are actively reviewing our systems to determine if we have been a victim of a breach,” Sears spokesman Howard Riefs said in a statement on Friday.
“We have found no information based on our review of our systems to date indicating a breach,” he added.
He did not say when the operator of Sears department stores and Kmart discount stores had begun the investigation or provide other information about the probe.
Sears Holdings Corp operates nearly 2,500 retail stores in the United States and Canada.
Bloomberg News reported on Friday that the U.S. Secret Service was investigating a possible secret breach at Sears, citing a person familiar with the investigation. The report did not identify that source by name.
The Bloomberg report said that its source did not disclose details about the scope or timing of the suspected breach.
A spokesman for the U.S. Secret Service declined comment when Reuters asked if the agency was investigating a possible breach at Sears.
The Secret Service is leading the U.S. government’s investigation into last year’s attack on Target, which the company has said led to the theft of some 40 million payment card numbers as well as another 70 million pieces of personal data.