Author: Nick Farrell

Microsoft soothsayers say “beware of zero day”

Software giant Microsoft is warning its users about a new zero-day vulnerability in Windows that is being actively exploited in the wild.

The vulnerability is a risk to users on servers and workstations that open documents with embedded OLE objects.

It is currently being exploited via PowerPoint files as some companies are still trying to use these in meetings to bore staff to death without actually helping the company develop.

Apparently these specially crafted files contain a malicious OLE (Object Linking and Embedding) object which can be exploited by cybercriminals. What makes this nasty is that the vulnerability affects the latest fully patched versions of Windows.

Microsoft points out that users have to be involved in the email attack scenario.

For this attack to be successful, the user must be convinced to open the specially crafted file containing the malicious OLE object. All Microsoft Office file types as well as many other third-party file types could contain a malicious OLE object.

The attacker would have to host a website that contains a specially crafted Microsoft Office file, such as a PowerPoint file, that is used in an attempt to exploit this vulnerability.

“In addition, compromised websites (and websites that accept or host user-provided content) could contain specially crafted content that could exploit this vulnerability. An attacker would have no method to force users to visit a malicious website. Instead, an attacker would have to persuade the targeted user to visit the website, typically by getting them to click a hyperlink that directs a web browser to the attacker-controlled website.”

Successful exploitation could give the attacker the same user rights as the current user, and if that means administrative user rights, the attacker can install programs; access, modify, or delete data; or create new accounts with full user rights.

The vulnerability affects all supported Windows versions, and there is currently no patch for it. Microsoft is still investigating the matter and deciding whether they will issue an out-of-band patch or wait for the next Patch Tuesday to plug the hole.

Otherwise, do not open Microsoft PowerPoint files, Office files, or any other files received or downloaded from untrusted sources.
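For triage while there is no patch, the added example below (not from Microsoft or from the original article) lists the OLE objects that an Office Open XML file such as a .pptx declares, so those files can be held for review before anyone opens them. It covers only the zip-based formats, not legacy binary .ppt/.doc files; the function names and the sample archive are constructed for illustration.

```python
"""Added example: list OLE objects referenced by an Office Open XML file."""
import io
import posixpath
import zipfile
import xml.etree.ElementTree as ET

REL_TAG = "{http://schemas.openxmlformats.org/package/2006/relationships}Relationship"
OFFICE_REL = "http://schemas.openxmlformats.org/officeDocument/2006/relationships"
# Matching on the suffix covers both the transitional and strict namespaces.
OLE_REL_SUFFIXES = ("/oleObject", "/package")
CFB_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # OLE compound-file signature


def find_ole_objects(data: bytes) -> list:
    """Return one dict per OLE/package relationship found in the archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = set(zf.namelist())
        for rels_name in sorted(n for n in names if n.endswith(".rels")):
            # ppt/slides/_rels/slide1.xml.rels resolves targets against ppt/slides
            base_dir = posixpath.dirname(posixpath.dirname(rels_name))
            # The stdlib parser keeps the example dependency-free; for hostile
            # input a hardened parser such as defusedxml is the safer choice.
            root = ET.fromstring(zf.read(rels_name))
            for rel in root.iter(REL_TAG):
                if not rel.get("Type", "").endswith(OLE_REL_SUFFIXES):
                    continue
                target = rel.get("Target", "")
                external = rel.get("TargetMode") == "External"
                record = {"declared_in": rels_name, "target": target,
                          "external": external, "part": None, "cfb": False}
                if not external:
                    part = posixpath.normpath(
                        posixpath.join(base_dir, target)).lstrip("/")
                    if part in names:
                        record["part"] = part
                        with zf.open(part) as fh:  # read only the header bytes
                            record["cfb"] = fh.read(len(CFB_MAGIC)) == CFB_MAGIC
                findings.append(record)
    return findings


def build_sample(include_ole: bool = True) -> bytes:
    """Constructed archive holding only the parts the scanner reads (not a real deck)."""
    rel = '<Relationship Id="{}" Type="' + OFFICE_REL + '/{}" Target="{}"{}/>'
    rels = [rel.format("rId1", "image", "../media/image1.png", "")]
    if include_ole:
        rels.append(rel.format("rId2", "oleObject",
                               "../embeddings/oleObject1.bin", ""))
        rels.append(rel.format("rId3", "oleObject",
                               "file:///C:/constructed/linked.xls",
                               ' TargetMode="External"'))
    xml = ('<Relationships xmlns="http://schemas.openxmlformats.org/'
           'package/2006/relationships">' + "".join(rels) + "</Relationships>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("ppt/slides/_rels/slide1.xml.rels", xml)
        zf.writestr("ppt/media/image1.png", b"\x89PNG constructed")
        if include_ole:
            zf.writestr("ppt/embeddings/oleObject1.bin", CFB_MAGIC + b"\x00" * 24)
    return buf.getvalue()


if __name__ == "__main__":
    for hit in find_ole_objects(build_sample()):
        kind = "linked (external)" if hit["external"] else "embedded"
        print(f'{kind}: {hit["target"]} declared in {hit["declared_in"]}, '
              f'compound-file header: {hit["cfb"]}')
```

An OLE object is not malicious in itself, so the output is a list of files to review, not a verdict.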


Lufthansa sells IT infrastructure to Big Blue

German airline Lufthansa is about to sell its IT infrastructure unit to IBM as part of an outsourcing agreement for the services.

Europe’s largest airline by revenue is undergoing restructuring and cost-cutting efforts to better position itself to compete with low-cost carriers and Arabic rivals.

Earlier this year it said it was seeking a buyer for the unit, which provides data centres, networks and telephony. Apparently, it is worried that the unit requires a high level of investment and economies of scale, which the airline could not afford.

Under the deal, Lufthansa will outsource all of its IT infrastructure services to IBM for seven years. The US firm will take over the airline’s IT infrastructure division, currently part of Lufthansa Systems.

The deal will result in a one-off pre-tax charge of 240 million euro for Lufthansa. It will allow Lufthansa to reduce its annual IT costs by around 70 million euro a year. It is not clear how much this will all cost in the end as this is still being ironed out.

Oracle, Microsoft and Ask.com accused of copying Apple’s cartel ways

Oracle, Microsoft and Ask.com have been accused of treating their staff in exactly the same way as the fruity cargo cult Apple.

The suit against Microsoft filed by former employees Deserae Ryan and Trent Rau charges, among other things, that Microsoft and other companies entered into anti-solicitation and restricted hiring agreements without the consent or knowledge of their workers.

Oracle, Microsoft and Ask.com are facing suits alleging that they conspired to restrict hiring of staff. The suits are connected to a memo which names a large number of companies that allegedly had special arrangements with Google to prevent poaching of staff.

The document was filed as an exhibit in another class action suit in the US District Court for the Northern District of California, San Jose division over hiring practices. The tech workers who filed that suit alleged that Google, Apple, Intel, Adobe, Intuit, Lucasfilm and Pixar put each other’s employees off-limits to other companies by introducing measures such as “do-not-cold-call” lists.

Those seven tech companies had earlier settled similar charges in 2010 with the U.S. Department of Justice while admitting no wrongdoing, but agreed not to ban cold calling or enter into any agreements that prevent competition for employees.

In September, Google, Apple, Adobe and Intel appealed against District Judge Lucy Koh’s rejection of a proposed settlement of US$324.5 million with the tech workers, which she found was too low. Intuit, Lucasfilm and Pixar had previously settled for about $20 million.

Now it seems that former employees filing lawsuits against Microsoft, Ask.com and Oracle have asked that the cases be assigned to Judge Koh as there were similarities with the case against Google, Apple and others.

The companies might try to say that since the DOJ did not see fit to prosecute them before 2010, they must have been legal.

Oracle said that it was excluded from all prior litigation filed in this matter because all the parties investigating the issue concluded there was absolutely no evidence that Oracle was involved.

Microsoft said the employees omit the fact that the DOJ looked into the same claims in 2009 and decided there was no reason to pursue a case against the company.


American gamers tell Aussie women to get back to the kitchen

Correction: Sarkeesian cancelled a planned speech at Utah State University (USU), which is in Logan, Utah and is a different university than the University of Utah in Salt Lake City. Apologies.

Women video game developers and critics in Australia are being threatened with rape and murder by American and Canadian gamers as the dispute that has gripped the global gaming community goes global.

Sydney-based independent video game developer and critic ‘Sarah’ said she had received threats as a part of the movement after she voiced her opinion on an online gaming forum. They were pretty blunt about what they were going to do to her for daring to make games that did not depict women as whores or sex objects.

“They were saying that they were going to rape me, they were going to kill me… They ran to friends of theirs, got them together … and started tweeting threats at me,” she said.

Sarah believed the perpetrators had set up a system that sent multiple threats to her account automatically.

Fortunately, they were not that clever. One posted a picture that allowed Sarah to figure out their name: they had screen-capped it with their Facebook account in the background, so she was able to find out the attacker’s name and get a sense of who the other guys were.

They are all young, and they are all from the US and Canada and are all keen to spread their backward brand of misogyny to countries where women are treated a little more equally.

“That was almost a bit more terrifying – that they were this loose group of people that one of them could call up the others and they would attack.”

Unfortunately, because they were not Aussie misogynists they could not be arrested and charged with threatening behaviour.

The movement originated from a debate about whether video game journalists were too close to the industry, but then took a more threatening turn.

Earlier this month American feminist critic Anita Sarkeesian was attacked by people claiming to be from the gamergate movement shortly after posting an online video about the portrayal of women in games.

She was forced to cancel a speech at the University of Utah, after an anonymous threat from somebody who said they were planning to carry out a mass shooting at the event.

Medical gear hacked

The US Department of Homeland Security is investigating two dozen cases of suspected cybersecurity flaws in medical devices and hospital equipment.

Under investigation are an infusion pump from Hospira and implantable heart devices from Medtronic and St Jude Medical.

There is no indication that hackers have been attacking patients through these devices, but the agency is concerned that malicious people may try to gain control of the devices remotely and create problems, such as instructing an infusion pump to overdose a patient with drugs, or forcing a heart implant to deliver a deadly jolt of electricity.

A senior DHS official said the agency is working with manufacturers to identify and repair software coding bugs and other vulnerabilities that hackers can potentially use to expose confidential data or attack hospital equipment.

Hospira, Medtronic and St Jude Medical declined to comment on the DHS investigations. All three companies said they take cybersecurity seriously and have made changes to improve product safety, but declined to give details.

The agency started examining healthcare equipment about two years ago, when cybersecurity researchers were becoming more interested in medical devices that increasingly contained computer chips, software, wireless technology and Internet connectivity, making them more susceptible to hacking.

The US Food and Drug Administration, which regulates the sale of medical devices, recently issued guidelines for manufacturers and healthcare providers telling them to better secure medical gear.

The DHS review does not imply the government thinks a company has done anything wrong – it means the agency is looking into a suspected vulnerability to fix it.

This is not the first time that medical gear has fallen under the security microscope. In 2007, then US Vice President Dick Cheney ordered some of the wireless features to be disabled on his defibrillator due to security concerns. Unfortunately, this was done and Cheney was not bumped off by hackers sabotaging his defibrillator.

Xerox Alto source code made public

The code that inspired generations of computer nerds has been made public by the Computer History Museum in Mountain View.

The Xerox Alto computer was important because it was the first attempt at making a machine that was visual rather than text based. It used a mouse and a WYSIWYG word processor. It was this beastie which was ripped off by Steve Jobs.

Conservationists behind making the code available to the public had to archive it to nine-inch tape, before it was transferred to eight-millimetre cartridges and then put on CDs. Then they had to get permission to release the code.

The file includes the Bravo word processor, Markup, Draw and Sil drawing programs, and the Laurel e-mail program. There’s also the BCPL, Mesa, Smalltalk, and Lisp programming environments along with various utilities and the Alto’s Ethernet implementation.

Ethernet was developed for the Alto system using networking software called Pup (for PARC Universal Packet). This anticipated the Internet by allowing multiple Ethernet local area networks to be interconnected by leased phone lines, radio links, and the ARPANET (which at this time connected a handful of computers at ARPA research centres).

You can look at the software here 


Eat your heart out Dan Brown! Vatican puts archive online

The Vatican Apostolic Library has announced that more than 4,000 ancient manuscripts will now be available online as part of a digital archive.

Global IT service provider NTT DATA has developed the service, which displays high definition digital reproductions of the texts at the library’s website.

A special viewer built by the firm’s digital archive solution technology, AMLAD, enables manuscripts to be examined across a variety of devices, including tablets.

The release is part of a four-year project launched in March. NTT DATA had to establish the infrastructure for the long-term storage, safekeeping and viewing of digital specimens. The company also hopes to provide an efficient search function for the library’s digital artefacts by the end of the year.

Toshio Iwamoto, president and CEO of NTT, said that the firm was extremely excited to bring the collection to a wider audience.

Prefect of the Vatican Apostolic Library, Monsignor Cesare Pasini added that the Vatican gladly adopts the use of innovative technologies in order to make “these treasures of humankind more widely known, in a profound spirit of universality”.

The digital archives can also be accessed via a portal site managed by Digita Vaticana, a foundation raising funds for the library’s preservation projects.

The Vatican Library is one of the oldest in the world and currently contains 75,000 codices, 1.1 million printed books and an estimated 8,500 incunabula. It was formally established in 1475.

The Vatican Secret Archives were separated from the library at the start of the 17th century and are believed to contain an additional 150,000 items, and it was these that Dan Brown made a big thing about in his books. Unfortunately for conspiracy theorists, the “secret archives” is a mistranslation – it is actually a private library for private papers and it is allowed to be viewed by more than 1000 scholars. No word as to when these will be made public.

Women were pushed out of coding in the 1980s

While software development is seen as a “male only” industry, apparently it was not always like that.

Historically, a lot of computing pioneers, including those who programmed the first digital computers, were women, and for decades the number of women studying computer science was growing faster than the number of men.

But something strange happened in 1984 which changed all that and the percentage of women in computer science flattened, and then plunged.

According to NPR, this is exactly the same time when personal computers started showing up in US homes in significant numbers. And the problem was that they were only marketed to men and boys.

Movies like Weird Science, Revenge of the Nerds, and War Games all came out in the ’80s and they were all about awkward geek boy geniuses.

By the 1990s families were much more likely to buy computers for boys than for girls — even when girls were really interested in computers. This meant that girls grew up not playing with computers at home, which was how the next generation of programmers developed.

The paper cites Patricia Ordóñez, who didn’t have a computer at home but was a math whiz. When she got to Johns Hopkins in the ’80s, she found that most of her male classmates were way ahead of her because they had grown up playing with computers.

In the ’70s, that never would have happened because professors in intro classes assumed their students came in with no experience. But by the ’80s, that had changed.


Apple seems to hold little hope for its iWatch

It seems that the fruity cargo cult, Apple, does not have the same hope for its iWatch as many commentators in the Tame Apple Press.

Yesterday Apple made changes to its reporting process which aim to obscure sales results. For example, the fading iPod will not be identified on the balance sheet, nor will sales from retail. Instead, store results will be distributed among the various regions (such as Americas and Greater China), and iPod will be lumped in with “other products” along with Beats headphones, Apple TV, and accessories.

However, this “other products” category will also include Apple’s much touted, rarely seen iWatch. Which means that Apple does not want to tell anyone how sales of the product are doing. Hacks would have to look at this year’s figures, and guess how much of the category related to the watch.

This is telling – it means that Apple, quite rightly, does not really believe that the iWatch will sell significant amounts.

Analysts tried to corner Apple CEO Tim Cook on the matter during an earnings call, and he tried to reassure them that the move “says nothing about our expectations” for the Apple Watch.

Cook added that he also does not want to detail Apple Watch numbers, so as not to give competitors any data.

As an excuse that does not work very well. Apple has largely depended on creating an image where its shiny toys were popular. To do that it needs to tell the world how many millions of a product type it has sold. This creates the impression of a company doing well, rather than peddling anything that failed to work.

Burying iWatch sales can only mean that Jobs’ Mob does not want the fact that it will only sell a million of them to the sort of people who would buy anything with an Apple logo to get out to the rest of the world.

Nadella gets loads of bad karma

The CEO who told women that they could gain good karma by not asking for pay rises, Microsoft’s new Chief Executive Satya Nadella, apparently is planning to come back as a slug in a future life.

Nadella has become one of the technology industry’s biggest earners, with a total compensation package worth $84.3 million this year.

According to a document filed with securities regulators, Nadella has no chance of being released from the wheel of birth and death any time soon – unlike many Microsoft female employees.

The huge number is mostly made up of the estimated value of certain one-time stock awards given to Nadella, who became the company’s third CEO in February. He cannot actually receive the shares until 2019.

The massive stock awards, valued at $79.8 million overall, were designed to keep Nadella at Microsoft while the company was hunting for a new CEO, and to give him long-term incentives as CEO.

Large stock awards have not been necessary for Microsoft’s previous two CEOs, Bill Gates and Steve Ballmer, as both had multi-billion dollar holdings in the company.

Nadella’s compensation is set to be more modest, with “total target compensation” for fiscal 2015 set at $18 million, according to the company’s proxy filing.

Big Blue slows down

IBM shocked the cocaine nose jobs of Wall Street by giving up its 2015 operating earnings target and moaning that it was suffering from a bad dose of weak client spending and a slumping software sector.

IBM shares fell nearly seven percent to a three year low, which must really hack off Warren Buffett whose Berkshire Hathaway owns seven percent of IBM shares. The decline shaved more than $13 billion off Big Blue’s market cap, which stood at $182 billion at the stock market close on Friday.

Ginni Rometty, IBM chairman, president and chief executive officer, said that the result was disappointing and that the company saw a marked slowdown in September in client buying behavior, and that its results also point to the unprecedented pace of change in the industry.

In a move to rid itself of one underperforming business, IBM also said on Monday it will hive off its loss-making semiconductor unit to contract chipmaker Globalfoundries.

“Some of these fundamental shifts in the industry are happening faster than we planned,” Rometty said on a call with analysts. “We are continuing to remix to higher value.”

To be fair, IBM is hardly the only technology company having a hard time keeping up. German software maker SAP cut its 2014 operating profit forecast on Monday, citing a faster-than-expected move to cloud-based software. Oracle has similar problems.

Revenue from the company’s cloud service unit, which allows businesses to access software and data remotely, grew more than 50 percent in the quarter, while mobile revenue doubled.

Still, they were not enough to offset weakness in servers and other hardware, as well as some software business lines.

IBM is spending $600 million for “workforce restructuring,” but did not specify how many employees would be cleaning out their desks.

IBM, which said it would announce a new operating earning per share target for 2015 in January, reported a 4 percent drop in third-quarter revenues as clients held back on spending in September.

Revenue fell to $22.4 billion in the quarter from $23.34 billion a year earlier. Wall Street expected $23.37 billion.

Net profit from continuing operations dropped to $3.46 billion, or $3.46 per share, from $4.14 billion, or $3.77 per share in the same quarter last year.


iPads sinking to oblivion

It looks like the world has given up on the novelty of the tablet and is more interested in bigger phones and PCs.

After years of posting stories about how Steve Jobs killed the PC by bringing in the tablet, the Tame Apple press has to face the fact that it was not quite, but completely, untrue.

Apple reported that it had its strongest growth in Mac computer shipments in years but tablet sales were sinking fast.

This seems to suggest that, as we have been saying all along, the so-called shift to mobile was all marketing spin and that slow PC sales were due to economics rather than a shift in technology demands.

Jobs Mob saw a 16 percent jump in iPhone sales, with a stronger-than-expected revenue of $63.5 billion to $66.5 billion in the December quarter.

But sales of the iPad slid for the third straight quarter falling 7 percent from the previous quarter to 12.3 million units, and were down 13 percent from the year-ago period.

The Tame Apple Press is banking on Apple’s alliance with IBM to drive tablet and phone sales to corporate customers, however saner heads do not think that likely.

Biggish Blue Chief Financial Officer Luca Maestri said that the scheme had more than 50 clients, and Apple and IBM intend to introduce their first jointly designed software apps next month.

The lack of interest in tablets places Apple in a dodgy position. It means that the company still depends on the iPhone, and it is a market which is fast drying up.

Orders for the iPhone 6 and 6 Plus began in September, helping Apple chalk up a 12.2 percent jump in revenue last quarter to $42.12 billion. That exceeded the roughly $39.9 billion that Wall Street analysts had predicted, on average.

The return of the Mac was a surprise. There was talk once of Apple leaving its Mac business behind as it moved into the gadget business. But it appears that there are people who are prepared to pay over the odds for a PC with an Apple logo on it.


Great Firewall of China attacks Apple

Chinese authorities are staging a man-in-the-middle (MITM) attack on Apple’s iCloud after previous attacks on Github, Google, Yahoo and Microsoft.

The man-in-the-middle attack is a form of spying in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking to each other.

According to Great Fire, the Chinese are using their Great Firewall security system to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc.

Unlike the recent attack on Google, this attack is nationwide and appears to be after personal data. This may also be related to images and videos of the Hong Kong protests being shared on the mainland.


Internet users in China should first use a trusted browser on their desktops and mobile devices. Firefox and Chrome will both prevent users from accessing iCloud.com when they are trying to access a site that is suffering from a MITM attack. Qihoo’s popular Chinese 360 secure browser loads the page without question.

Apple does provide security warnings, but users often ignore these – after all, they believe they are connecting to the Jobs’ Mob site itself and have been told that their software and system is totally secure.

In fact, the Tame Apple Press claims that Apple is being targeted because it now offers encryption on the phone, which would keep the spooks out. It is better for the Chinese to steal users’ passwords so they do not have to worry about having to decode the hard-drive.

Lenovo in talks to buy Blackberry

Chinese telecom gear maker Lenovo is in talks to buy BlackBerry and is expected to offer the company $15 a share later this week.

Lenovo and BlackBerry refused to comment and this is not the first time that the two have been rumoured to be involved in a tie up.

Senior Lenovo executives have indicated an interest in BlackBerry as a means to strengthen their own handset business. Last year, when BlackBerry said it was exploring strategic alternatives, Lenovo was named as an obvious buyer.

The Canadian government put the brakes on any deal when it announced that any sale to Lenovo would not win the necessary regulatory approvals due to security concerns. At the time, the Canadian government had swallowed the US Kool-Aid which stated that Chinese companies were turning over data to their government through secret spyware. In fact, US companies were turning over data to their government.

BlackBerry’s secure networks manage the email traffic of thousands of large corporate customers, along with government and military agencies across the globe. Under Canadian law, any foreign takeover of BlackBerry would require government approval under the Industry Canada Act.

Analysts also say any sale to Lenovo would face regulatory obstacles, but they have suggested that a sale of just BlackBerry’s handset business and not its core network infrastructure might just sneak past the regulators.

BlackBerry was believed to want to off-load its handset business, even as the arm turned a profit before special items in the last quarter.

BlackBerry chief executive officer John Chen has said in the past he sees the handset business as core to the company for now, as it will foster sales growth over the next few quarters until the software and services business begins to generate new revenue streams in the first half of 2015.

Apple says that it is the Bose

It seems that the Fruity Cargo cult Apple is being a little childish with its old chum Bose.

For years, Apple sold Bose gear in its cathedrals of delight for the terminally shallow until the outfit decided to buy Beats. Bose had a few problems with Beats, which it thought had nicked its noise cancelling technology, and sued the company.

Apple responded by removing all Bose gear from its shops.

Bose and Beats then buried the hatchet but it seems that Apple is still deeply annoyed that Bose dared to sue it. The ban on Bose gear is still on.

According to 9to5 Mac, all Bose speakers and headphones have been purged from sale through the Apple Online Store, and several Apple Retail Store locations they contacted confirmed Bose stuff is no longer available.

It’s possible, though, that Apple is simply removing a similarly priced competitor from its retail channels to focus on promoting Beats now that it owns the brand, but then it also still sells competing headphone brands including Bowers & Wilkins, Urbanears, RHA, and Sennheiser. We guess they never accused an Apple subsidiary of stealing their ideas.

Apple falsely believes it invented most technology ideas, including the mouse, the PC, the MP3 player, the tablet, the smartphone and the rounded rectangle.

Apple is also about to remove products from the company Fitbit, which was a little slow at endorsing Apple’s HealthKit platform and might find itself in competition with the mythical Apple Watch.