Google Encrypts Data

Google officially announced it will by default encrypt data warehoused in its Cloud Storage service.

The server-side encryption is now active for all new data written to Cloud Storage, and older data will be encrypted in the coming months, wrote Dave Barth, a Google product manager, in a blog post.

“If you require encryption for your data, this functionality frees you from the hassle and risk of managing your own encryption and decryption keys,” Barth wrote. “We manage the cryptographic keys on your behalf using the same hardened key management systems that Google uses for our own encrypted data, including strict key access controls and auditing.”

The data and metadata around an object stored in Cloud Storage is encrypted with a unique key using 128-bit Advanced Encryption Standard algorithm, and the “per-object key itself is encrypted with a unique key associated with the object owner,” Barth wrote.

“These keys are additionally encrypted by one of a regularly rotated set of master keys,” he wrote. “Of course, if you prefer to manage your own keys then you can still encrypt data yourself prior to writing it to Cloud Storage.”

Data collection programs revealed by former U.S. National Security Agency contractor Edward Snowden have raised questions about U.S. government data requests made to Internet companies such as Google for national security investigations.

A Google spokeswoman said via email the company does not provide encryption keys to any government and provides user data only in accordance with the law.

“Our legal team reviews each and every request, and we frequently push back when the requests appear to be fishing expeditions or don’t follow the correct process,” she wrote. “When we are required to comply with these requests, we deliver it to the authorities. No government has the ability to pull data directly from our servers or network.”

Source

Chinese Hackers Go After Dissidents

The “Comment Crew,” a group of China-based hackers whose outing earlier this year in major media outlets caused a conflict with the U.S., have resumed their attacks against dissidents.

FireEye, a security vendor that specializes in trying to stop sophisticated attacks, has noticed attackers using a fresh set of tools and evasion techniques against some of its newer clients, which it can’t name. But Rob Rachwald, director of market research for FireEye, said in an interview Monday that those clients include an organization in Taiwan and others involved in dissident activity.

The Comment Crew was known for many years by security analysts, but its attacks on The New York Times, described in an extensive report in February from vendor Mandiant, thrust them into an uncomfortable spotlight, causing tense relations between the U.S. and China.

Rachwald said it is difficult to determine if the organizations being targeted now were targeted by the Comment Crew previously, but FireEye said last month that the group didn’t appear to be hitting organizations they had compromised before.

Organizations opposing Chinese government policies have frequently been targeted by hackers in what are believed to be politically motivated surveillance operations.

The Comment Crew laid low for about four months following the report, but emerging clues indicate they haven’t gone away and in fact have undertaken a major re-engineering effort to continue spying. The media attention “didn’t stop them, but it clearly did something to dramatically alter their operations,” Rachwald said in an interview.

“If you look at it from a chronological perspective, this malware hasn’t been touched for about 18 months or so,” he said. “Suddenly, they took it off the market and started overhauling it fairly dramatically.”

FireEye researchers Ned Moran and Nart Villeneuve described the new techniques on Monday on FireEye’s blog.

Two malware samples, called Aumlib and Ixeshe, had been used by the Comment Crew but not updated since 2011. Both malware programs have now been altered to change the appearance of their network traffic, Rachwald said.

Many vendors use intrusion detection systems to spot how malware sends data back to an attacker, which helps determine if a network has been compromised. Altering the method and format for how the data is sent can trick those systems into thinking everything is fine.

In another improvement, encryption is now employed to mask certain components of the programs’ networking communication, Rachwald said. The malware programs themselves, which are designed to steal data and log keystrokes, are basically the same.

Mandiant’s report traced the hacking activity to a specific Chinese military unit called “61398.” The company alleged that it waged a seven-year hacking spree that compromised 141 organizations.

Rachwald said it is strongly believed the Comment Crew is behind the new attacks given its previous use of Aumlib and Ixeshe. But the group has also re-engineered its attack infrastructure so much over the last few months that it is difficult to say for sure.

Source

NOAA Super Computer Goes Live

The National Oceanic and Atmospheric Administration has rolled out two new supercomputers that are expected to improve weather forecasts and perhaps help better prepare us for hurricanes.

The two IBM systems, which are identical clones, will be used by NOAA’s National Weather Service to produce forecast data that’s used in the U.S. and around the world.

One of the supercomputers is in Reston, Va.; the other is in Orlando. The NWS can switch between the two in about six minutes.

Each is a 213-teraflop system running a Linux operating system on Intel processors. The federal government is paying about $20 million a year to operate the leased systems.

“These are the systems that are the origin of all the weather forecasts you see,” said Ben Kyger, director of central operations at the National Centers for Environmental Prediction.

NOAA had previously used identical four-year-old 74-teraflop IBM supercomputers that ran on IBM’s AIX operating system and Power 6 chips.

Before it could activate the new systems, the NWS had to ensure that they produced scientifically accurate results. It had been running the old and new systems in parallel for months, comparing their output.

The NWS has a new hurricane model, which is 15% more accurate in day five of a forecast for a storm’s track and intensity. That model is now operational and running on the new systems. That’s important, because the U.S. is expecting a busy hurricane season.

Source

Is The FBI Snooping TOR?

The Federal Bureau of Investigation (FBI) has been accused of gathering data from the anonymous network known as TOR.

The FBI might be behind a security assault on the TOR network that grabs users’ information.

Security researcher Vlad Tsyrklevich said that the attack is a strange one and is most likely the work of the authorities.

“[It] doesn’t download a backdoor or execute any other commands, this is definitely law enforcement,” he said in a tweet about the discovery.

He went a bit further in a blog post, explaining that the Firefox vulnerability is being used to send data in one direction.

“Briefly, this payload connects to 65.222.202.54:80 and sends it an HTTP request that includes the host name (via gethostname()) and the MAC address of the local host (via calling SendARP on gethostbyname()->h_addr_list). After that it cleans up the state and appears to deliberately crash,” he added.

“Because this payload does not download or execute any secondary backdoor or commands it’s very likely that this is being operated by an LEA and not by blackhats.”

The bug is listed at Mozilla, and the firm has a blog post saying that it is looking into it.

Over the weekend a blog post appeared on the TOR website that sought to distant it from a number of closed down properties or hidden websites. It is thought that the shuttered websites, which were hosted by an outfit called Freedom Hosting, were home to the worst kind of abuses.

A report at the Irish Examiner said that a chap called Eric Eoin Marques is the subject of a US extradition request. He is accused of being in charge of Freedom Hosting.

“Around midnight on August 4th we were notified by a few people that a large number of hidden service addresses have disappeared from the TOR Network,” the TOR project said.

“There are a variety of [rumors] about a hosting company for hidden services: that it is suddenly offline, has been breached, or attackers have placed a javascript exploit on their web site,” it said.

“The person, or persons, who run Freedom Hosting are in no way affiliated or connected to The TOR Project, Inc., the organization coordinating the development of the TOR software and research.”

Source

Microsoft Slashes Surface Pro

Microsoft on slashed the price of its Surface Pro tablet by $100, or between 10% and 11%, dropping the 64GB model to $799 and the 128GB to $899.

The cuts came three weeks after much more dramatic discounts to Microsoft’s Surface RT, which was reduced by up to 30% to prices starting at $349.

Microsoft said that the price cuts would be valid in the U.S. and Canada until August 30, or while supplies last. Discounts were also offered to customers in China, Hong Kong and Taiwan.

U.S. electronics retailer Best Buy — a key Microsoft partner — also was selling the Surface Pro tablets at the lower prices Sunday, as was Staples.

The Surface Pro tablets rely on Windows 8 Pro and Intel processors, rather than the stripped-down Windows RT and lower-powered ARM processors of the Surface RT devices. Surface Pro tablets can run traditional Windows software like the full-featured Office 2013 productivity suite.

While the price cuts were reminiscent of the more aggressive Surface RT discounts, their much smaller size could simply be part of Microsoft’s back-to-school marketing: August is the biggest month for that selling season, which is second only to the end-of-the-year holidays for retailers pushing consumer electronics, personal computers and tablets.

Microsoft is expected to refresh its Surface tablet lines this fall, a notion reinforced by company executives, who have repeatedly pledged that the company is in the tablet business for the long haul. The Surface Pro discounts could be part of the usual push to empty inventory prior to the launch of new models.

The 10% to 11% price cuts were also in line with other hardware makers’ recent discounting. Last month, Best Buy ran a short-term deal that chopped prices of the MacBook Pro by as much as 17%, and for college students, up to 25%.

Source

Will 3D Printing Take Off?

The use of cheaper 3D printing is set to take off when a batch of patents expires in 2014.

Duann Scott, design evangelist at 3D printing company Shapeways said that in February 2014, key patents that currently prevent competition in the market for the most advanced and functional 3D printers will expire. The important patent is one which covers “laser sintering” which is the lowest-cost 3D printing technology. Because of its high resolution in all three dimensions, laser sintering can produce goods that can be sold as finished products.

At the moment it is only possible to buy expensive 3D laser sintering printers, which can cost tens of thousands of dollars each. But once the key patents on 3D printing via laser sintering expire, we could see huge drop in the price of these devices, says Scott.

Key patents expired on a more primitive form of 3D printing, known as fused deposition modelling resulted in an explosion of open-source FDM printers that eventually led to iconic home and hobbyist 3D printer manufacturer Makerbot. When the patents on FDM expired the cost of such printers fell as little as $300. Scott thinks that the same thing will happen with laser deposition 3D printers.

Source

Will Lenovo Release A Phablet?

Windows Phone may not be taking the world by storm, but it is a very interesting alternative for anyone who’s not in love with iOS or Android.

Now it seems Redmond’s fledgling platform is about to get its first phablet, courtesy of Lenovo. The device reportedly features a quad-core application processor and a 1080p screen. The screen size is estimated at 4.7 to 5 inches.

This would make it the biggest Windows Phone device to date, although it doesn’t sound very big or “phabletish” by Android standards. The biggest currently available WP8 phone is Samsung’s Ativ Si8750, with 4.8-inch 720p screen.

Nokia is Microsoft’s top hardware partner and it has been rumored to be working on a Windows phablet of its own. However, the persistent rumors have not panned out, at least not yet.

Source

DDoS Attacks Rising

One in five UK businesses experienced a DDoS attack last year according to a new survey.

Analytics firm Neustar said that while the percentage is significantly lower than that experienced by their US equivalents it is still fairly high. More than 22 percent of the 381 organisations participating in the annual trends study reported DDoS attacks, compared to 35 percent experiencing the same in a separate study carried out among US firms in 2012.

Neustar set out to measure revenue ‘risk per hour’ which is a measure of what it might cost a business in a particular sector to experience DdoS downtime. They found that the majority of organisations reckoned this at less than $1,500 per hour.

Most of the rest put it somewhere between $1,500 and $15,000 although one in four financial services firms put the number at $250,000 per hour. This cost included brand damage and unexpected customer service calls.

Source

WiLan Loses In Court

Wi-Lan has suffered defeat in its patents trial against Alcatel Lucent, Ericsson, HTC and Sony, as a Texas court decided that the firms did not infringe its patents.

Wi-Lan filed a lawsuit against Alcatel Lucent, Ericsson, HTC and Sony in 2010 claiming the firms infringed patents that relate to data transmission over wireless networks. However a Texas court ruled that the four firms did not infringe Wi-Lan’s patents and found one patent Wi-Lan asserted against HTC and two it asserted against Alcatel Lucent invalid.

Wi-Lan had asserted that Alcatel Lucent and Ericsson infringed three patents, none of which claims were upheld by the court. The firm also asserted that HTC and Sony infringed another patent, and there the court not only judged against infringement but invalidated the patent.

Alcatel Lucent and HTC both said that Wi-Lan was trying to stretch its patents to cover technology in their devices.

Sally Julien, a spokeswoman for HTC said, “HTC believes that Wi-Lan has exaggerated the scope of its patent in order to extract unwarranted licensing royalties from entities who have been focused on bringing innovation forward in their own products.”

Kurt Steinert, an Alcatel Lucent spokesman said, “We think this validates our belief that Wi-Lan was stretching the boundaries of its patents, and the jury confirmed that belief.”

Wi-Lan has managed to get several companies to license its technology including Dell and Panasonic, and in May it initiated legal proceedings against Blackberry over a patent relating to Long Term Evolution network technology. However in this case the firm did not prevail against two large telecom equipment companies and two big smartphone makers.

Source

Tech Hiring Up This Year

Hiring of technology professionals has been increasing since the first half of this year, with new IT hires accounting for about 10% of all the job growth in the U.S. in June, according to two independent assessments.

Total tech employment reached 4.47 million in June, an increase of 22,600 jobs from the prior month, or a .51% gain, according to TechServe Alliance, an IT services industry group which tracks employment data month-to-month. The total excludes tech manufacturing employment.

Similarly, Foote Partners, which researches IT employment trends, reported a gain of 18,200 new tech jobs last month.

These gains are coming at the same time that some tech employers are cutting jobs.

IBM has cut more than 3,000 workers over the past few weeks, struggling Hewlett-Packard is still eliminating jobs, and Symantec is seeing layoffs as well.

The U.S. economy added 195,000 jobs overall in June, according to the Labor Dept.

Foote said that IT employment in the first half of this year is averaging 13,500 new jobs per month.

“While the pace of job creation in the national labor force appears stuck at 7.6% unemployment and new jobs are heavily in part-time positions and low wage full-time segments, IT jobs have been on a sustained growth upswing and wages are holding steady if not growing slightly,” said David Foote, chief analyst, in a statement.

Reports on IT employment figures from analyst can differ widely depending on what U.S. labor department categories are use in the calculations.

Another firm that analyzes the labor market, Janco Associates, reported a gain of 9,900 jobs in June based on the categories it tracks.

Despite the increase in hiring, IT salaries remain flat, said Janco.

“Based on our interviews with over 96 CIOs in the last 30 days, we concluded that CIOs are not in a great hurry to hire new staff except to meet short term needs until they see a clear trend as to what is happening with the economy,” said Janco CEO Victor Janulaitis in a statement.

Janulaitis said that “67% of the CIOs we interviewed do not see any real push to expand staffing over the next 12 months.”

Source

« Previous Page — Next Page »