Category: News

IBM intros nextgen flash storage

Posted on February 19, 2015 by - News

IBM logoBig Blue said that it today introduced two flash enterprise storage products that give high performance and better reliability.

The products, called IBM Flash System storage come in two types, the V9000 and the 900.

The first of these allows enterprises to consolidate existing storage systems under a single management domain.

The 900 gives high performance, enterprise reliability and can be deployed in two hours, compared to days for conventional products.

IBM said it is committed developing flash based storage products to enterprises and industries of whatever size.

In April 2013, IBM invested a billion dollars in flash storage research, as well as making partnerships and product development.

It’s the larger amount of data that makes enterprises move to flash systems, according to Jamie Thomas, general manager of storage at IB.

The systems use Micron semiconductors but IBM has hand tweaked the flash memory chips to deliver what it claims is a better sort of flash storage.

 

HP intros open network switches

Posted on February 19, 2015 by - News

HPHewlett Packard said it has launched a line of open network switches for the data centre that gives service providers and Web scale organisations more flexibility for coping with cloud, mobile, social media and big data workloads.

The network switches include options such as choice of hardware and software and branded switches giving access to worldwide local support and services through HP Technology Services.

HP said the products are amongst the first in the category of branded white box switches.

The network switches will be sold to Web scale data centre customers through its partners Acton and Cumulus.

HP’s deal with Cumulus means it will provide Linux OS to cloud based data centres using tools and management from open source and commercial Linux communities.

The first in HP’s line with be two open network switches supporting 10G/40G spine and 10G leaf data centre deployments. The switches come with Cumulus Linux OS.

In the second half of this year, HP will expand the line, hardware and OS software options.

Lenovo installed malware on laptops

Posted on February 19, 2015 by - News

lenovo_hqA security firm made the alarming assertion that Lenovo had pre-installed software on notebooks it sells that makes them more likely to be hacked.

The program called Superfish, which Lenovo installed on computers intended for home use was software that auto-displays adverts.

And according to Reuters, Errata Security, an American company, said Superfish opens up encrypted connections, so letting hackers take over PCs.

Lenovo officials are on holiday for the Chinese New Year and so far have not responded to the allegations.

However, Ken Westin, a senior security analyst at Tripwire had plenty to say on the matter.

“With increasingly security and privacy conscious buyers, laptop and mobile phone manufacturers may well be doing themselves a disservice by seeking outdated advertising based monetisation strategies,” he said.

“If the findings are true and Lenovo is installing their own self-signed certificates, they have not only betrayed their customers’ trust, but also put them at increased risk,” he added.

 

US banks finally adopt mark of the beast

Posted on February 19, 2015 by - News

Card-fraudUS banks have finally twigged that the reason they keep losing money to credit card theft is because they insist on being the last bastion of low tech cards.

Given the fact that the free market is supposed to decide the best form of technology to defend its transactions, the US banks have been dragging their collective trotters adopting the EMV standard.

Meanwhile in Europe, the birthplace of Europay, MasterCard and Visa (EMV) standard there is a low amount of credit card fraud while in the US it is incredibly high.

Now the US is finally making the transition to secure cards based on the European EMV standard, mostly because the liability shift imposed by the three big credit card brands — Visa, MasterCard and American Express — will start on October.

If the merchant is EMV compliant and has a POS system equipped to read EMV cards, and the card is not, because the financial institution has not started issuing them yet — effectively forcing the merchant to run your card on the magnetic stripe reader — then the bank or credit card issuer has to pay for the misuse of the card.

If the issuer has upgraded to EMV by sending chip cards to its cardholders, but the merchant has not upgraded their point of sale to accept them, the retailer bears the cost for counterfeit fraud.

While all this is a pain for the banks and retailers, it is widely accepted in the US that something has to be done. A wave of data breaches that has hit major retailers such as Target and Home Depot, among others, has convinced many card issuers that the expense of sending new cards fades in comparison to the consequences of new data breaches. It will probably take another three years for full adoption.

Some analysts expect fraud to increase this year, as thieves will step up their efforts to capture more credit card details before the EMV conversion starts to take a grip on their bottom line.

It is unclear why the US has been so slow in adopting the chips, one reason might be the fact that their parts of the US which may refuse to use them because of religious reasons.  Parts of the bible belt believe that the move to such technology is a sign of the “end times” and that any electronic transactions are the same as the “mark of the beast” of revelation.

French spooks behind latest malware

Posted on February 19, 2015 by - News

peter_sellers_3918It seems that the French are not going to stand idly by while other nations spies get all the attention for creating spyware.

Cyphort Labs found a cyber-espionage tool of the kind a nation state would be behind which invades Windows desktop machines and aims at extracting almost anything of value: it steals data from instant messengers, softphones, browsers and office applications.

Dubbed ‘Babar64’  the malware is believed to have been written by French intelligence.

It is a natty bit of code. It logs keystrokes, taking screenshots, steams audio from softphone applications, nicks clipboard data and can steal the names of desktop windows.

The malware creates an invisible window, with no other purpose than to receive window messages. By processing the window message queue it filters out input events and dispatches them to a raw input device object. Said object is configured to grab keyboard events through GetRawInputData.

Babar has two hard coded C&C server addresses included in its configuration data — http://www.horizons-tourisme.com/_vti_bin/_vti_msc/bb/index.php and http://www.gezelimmi.com/wp-includes/misc/bb/index.php

The domain horizons-tourisme.com is a legitimate website, operated by an Algerian travel agency, located in Algiers. The website is in French and still online today. Gezelimmi.com is a Turkish domain, currently responding with an HTTP error message 403, access not permitted. Both domains appear to be of legitimate use, but compromised and abused to host Babar’s server side infrastructure.

Apple poaches staff to get new tech

Posted on February 19, 2015 by - News

How-to-Poach-Eggs_725x408After years of enforcing an illegal cartel which forced staff to stay with it, Apple is now going the other way and poaching staff in a way to get new technology, a court was told.

Electric-car battery maker A123 Systems has sued Apple for poaching top engineers to build a large-scale battery division.

The Tame Apple Press does not question the legality of the move, but just has become all moist about the fact that the iPhone maker may be developing a car.

The court heart how around June 2014, Apple began aggressively poaching A123 engineers tasked with leading some of the company’s most critical projects, the lawsuit said. The engineers jumped ship to pursue similar programs at Apple, in violation of their employment agreements.

These agreements are in place to stop big companies like Apple from gaining access to technology they have not developed.

“Apple is currently developing a large-scale battery division to compete in the very same field as A123,” the lawsuit read.

A123 Systems has not been doing very well. It filed for bankruptcy in 2012 and has been selling off assets.

The engineers who left were of such calibre that the projects they had been working on had to be abandoned. One of the five defendants, Mujeeb Ijaz, of helping Apple recruit among its ranks.

“It appears that Apple, with the assistance of defendant Ijaz, is systematically hiring away A123’s high-tech PhD and engineering employees, thereby effectively shutting down various projects/programs at A123,” according to the lawsuit.

They are doing so in an effort to support Apple’s apparent plans to establish a battery division that is similar if not identical to A123’s, in competition with A123.”

Apple has been carrying out similar programmes at LG Chem, Samsung SDI, Panasonic, Toshiba  and Johnson Controls Inc.

A123 presented evidence from one of its partners SiNode Systems that “confirms that his work on behalf of Apple is at least substantially similar (if not identical) to his work at A123.”

 

 

Samsung starts mobile payments

Posted on February 19, 2015 by - News

Samsung advertising in TaipeiSamsung has bought US mobile wallet startup LoopPay, which is seen as an  intention to launch a smartphone payments service.

Mobile payments have been slow to catch on in the United States and elsewhere, despite strong backing. Apple, Google, and eBay PayPal have all launched services to allow users to pay in stores via smartphones and the stores themselves are expected to release a new standard of their own.

Most of the problem is that retailers have been reluctant to adopt the hardware and software infrastructure required for these new mobile payment options to work before a standard is sorted out.  There was no point in investing in BetaMax when VHS kills it.

LoopPay’s technology differs because it works off existing magnetic stripe card readers at checkout, changing them into contactless receivers, they said. About 90 percent of checkout counters already support magnetic swiping.

“If you can’t solve the problem of merchant acceptance…, of being able to use the vast majority of your cards, then it can’t really be your wallet,” said David Eun, head of Samsung’s Global Innovation Center.

Injong Rhee, who is leading Samsung’s as-yet-unannounced payments project, said the Asian giant will soon reveal more details of its envisioned service. He would not be drawn on speculation the company may do so during the Mobile World Congress in Barcelona.

He said new phones such as the new Galaxy would support the service.

Samsung had invested in LoopPay, along with Visa and Synchrony Financial, before its acquisition.

Rhee said in an interview that the company intends to roll out accompanying services that go beyond merely turning the smartphone into a wallet, such as by allowing users access to information such as spending.

Lockheed Martin jets into cyber security

Posted on February 19, 2015 by - News

DF-SC-82-10542US defence contractor Lockheed Martin sees cyber security as its number one growth area over the next three to five years.

Although it is better known for its jet aircraft, Lockheed Martin is the main provider of IT technology to the US government, said expects double-digit growth in its overall cybersecurity business over the next three to five years.

Lockheed said it was making strong inroads in the commercial market by using its experience and intelligence gathered while guarding its own networks and those of government agencies.
Chief Executive Officer Marillyn Hewson said Lockheed was providing cyber security services for more than 200 customers around the world in the energy, oil and gas, chemical, financial services and pharmaceuticals business.

Hewson told the company’s annual media day that Lockheed had faced 50 “coordinated, sophisticated campaign” attacks by hackers in 2014 alone, and she expected those threats to continue growing.

Lockheed now represented a large number of companies on the Fortune 500 list, including 79 percent of utilities, 35 percent of oil and gas companies, 46 percent of chemical firms, and 46 percent of financial firms.

It has been helped by the fact that other weapons makers, including Boeing and Harris have largely exited the cyber security business after finding it difficult to generate any real cash.

Sony trims its sails

Posted on February 18, 2015 by - News

Sony buildingsThe CEO of Sony said that the company will boost investment in its PlayStation and camera sensors business over the next three years.

But Kazuo Hirai said today that it may well exit the smartphone business and divest itself of its TV unit too.

Sony has already got out of PCs and is engaged in restructuring which have seen thousands of people made redundant.

Hirai told reporters in a briefing that his goal was to make Sony profitable – it expects to turn in an operating loss for its financial year, which ends on the 31st of March.

Earlier this week, Sony released its intelligent glasses – which have no guarantee of making returns following Google’s decision to go back to basics on its own version of the devices.

Video games, camera sensors and entertainment are all areas which are profitable, but Hirai is tacitly saying that Sony isn’t the giant it once was, when whatever it launched set the scene for others to follow.

It’s little surprise that Sony is getting out of smartphones. Samsung and Apple rule the roost but manufacturers in mainland China are selling smartphones at knock down prices with razor thin margins – that’s already had an effect on Samsung’s profits.

 

ARM offers entrepreneurs prizes

Posted on February 18, 2015 by - News

Screen Shot 2015-02-18 at 11.53.01British chip company ARM said it is offering £10,000 in prizes in a contest to create smart devices based on its Cortex-M4 microprocessor.

The competition runs from March to June this year with the goal to create devices in the home automation, measurement, the internet of things or system control.

Registration for the contest starts today and finishes on March 31, 2015. Competitors will receive software development tools, a debug unit, hardware containing the M4 chip and peripheral components.

Competitors can choose from platforms provided by Freescale, Infineon, NXP or ST Microelectronics.

Final prototype designs need to be submitted by the 30th of June 2015, with winners announced in October 2015. There will be five prizes ranging from $500 to $5,000.

Reinhard Kell, director of micro controller tools at ARM said: “New technology invention was previously the domain of those with advanced processor knowledge and access to funding. That has changed now.”

Competitors get a complementary licence for the ARM Keil Microcontroller Development Kit, professional edition.

You can register for the competition by clicking here.

 

IBM makes big data push

Posted on February 18, 2015 by - News

ibm-officeBig Blue said it has introduced data analytics with the introduction of IBM BigInsights for Apache Hadoop.

The offering provides machine learning, R, and other features that can tackle big data.

IBM claimed that while many think Apache Hadoop is powerful for collecting and storing large sets of variable data, companies are failing to realise its potential.

It’s offering has a broad data science toolset for querying data, visualising, and provide scaleable distributed machine learning.

The offering includes Analyst, which includes IBM’s SQL engine, Data Scientist that provides a machine learning engine that ranges over big data to find patterns.

Enterprise Management includes tools to optimise workflows, and management software to give faster results.

IBM also said it has joined the Open Data Platform (ODP) association which is aiming to provide standardisation over Hadoop and big data technologies.

Man says he didn’t hack 160 million credit cards

Posted on February 18, 2015 by - News

Screen Shot 2015-02-18 at 10.53.04A Russian extradited to the US for allegedly hacking into major corporations has pleaded not guilty to the charges.

Vladimir Drinkman, who was extradited from the Netherlands, said he didn’t conspire with other people to hack into major financial networks and sell data to other crooks.

Reuters said the attacks, which started in 2005, meant 160 million credit card numbers and hundreds of millions of dollars were extracted from corporations and individual people.

Networks hacked included a Visa licensee, 7-Eleven, JC Penney and Carrefour.

He faces a trial in Newark at the end of his April and if convicted could spend 30 years in jail.

He fought against extradition after being arrested in 2012. Three alleged co-conspirators have so far not been caught, while a fourth Dmitriy Smilianets was also extradited from the Netherlands and is in jail in the USA.

Netgear has a nasty bug in the soap

Posted on February 18, 2015 by - News

original_bug-soapSome Netgear wireless routers have a vulnerability which turns over all the data a hacker needs to break into the network.

The vulnerability is found in the embedded SOAP service, which is a service that interacts with the Netgear Genie application that allows users to control their routers via their smartphones or computers.

Network engineer Peter Adkins said that at first glance, this service appears to be filtered and authenticated, but an HTTP request “with a blank form and a ‘SOAPAction’ header is sufficient to execute certain requests and query information from the device,” he explained in a post on the Full Disclosure mailing list.

As the SOAP service is implemented by the built-in HTTP / CGI daemon, unauthenticated queries will also be answered over the internet if remote management has been enabled on the device. As a result, affected devices can be interrogated and hijacked with as little as a well placed HTTP query, Adkins said.

If this is true then the vulnerability can be exploited both by attackers that have already gained access to the local network and by remote attackers.

All this applies to Netgear WNDR3700v4 – V1.0.0.4SH, Netgear WNDR3700v4 – V1.0.1.52, Netgear WNR2200 – V1.0.1.88 and Netgear WNR2500 – V1.0.0.24.

Netgear was told of the flaw and it replied that any network should still stay secure due to a number of built-in security features, said Adkins.

“Attempts to clarify the nature of this vulnerability with support were unsuccessful. This ticket has since been auto-closed while waiting for a follow up. A subsequent email sent to the Netgear ‘OpenSource’ contact has also gone unanswered.”

 

Obama blows hot and cold on encryption

Posted on February 18, 2015 by - News

thewhitehouseWhile his security spooks are complaining that company moves to use strong encryption is making their life difficult, President Barack Obama said he likes the technology, other than when he doesn’t.

Talking to Recode, Obama appears to have jumped on the side of the big tech corporations against the NSA and when asked if American citizens should be entitled to control their data, just as the president controls his own private conversations through encrypted email, he said yes.

Obama replied that he’s “a strong believer in strong encryption …. I lean probably further on side of strong encryption than some in law enforcement.” He maintained that he is as firm on the topic as he ever has been.

However the matter, claimed Obama was hypothetical. If the FBI had a good case against someone involved in a terrorist plot and wants to know who that person was communicating with? Traditionally, they could get a court order for a wire tap. Today, a company might tell the FBI they can’t technically comply.

He warned that the first time that an attack takes place in which it turns out that we had a lead and we couldn’t follow up on it, because the data was encrypted the public’s going to demand answers.

“Ultimately everybody, and certainly this is true for me and my family, we all want to know that if we’re using a smartphone for transactions, sending messages, having private conversations, that we don’t have a bunch of people compromising that process. There’s no scenario in which we don’t want really strong encryption,” he said.

So, in other words, everyone should have strong encryption which should turn itself off when the security services want to have a look at it.

Top hedge funds trim Apple

Posted on February 18, 2015 by - News

hedge

Despite claims by the Tame Apple Press that the fruity cargo cult is at the top of its game after the launch of its new bendy iphone 6, Wall Street hedge funds do not agree.

David Einhorn’s Greenlight Capital and Philippe Laffont’s Coatue Management, have been selling their stakes in Apple during the last few months in a sign that they are predicting a slump.

To be fair, Apple did well in 2014 with its shares rising nearly 38 percent. This year the company’s stock is up more than 16 percent year to date and reached an intraday record high of $129.45 per share.

Yet Wall Street’s cleverest money men do not think it is going to get much better. Although Apple is the biggest position in Coatue Management’s portfolio, the firm sold 1.7 million shares at the end of the quarter, or more than 15 percent of its stake, leaving it with 8.9 million shares.

Greenlight said it cut Apple holdings by 6.2 percent to 8.6 million shares during the quarter.
Eric Mandelblatt’s Soroban Capital Partners sold 4.3 million Apple call options, liquidating the fund’s position. And David Tepper’s Appaloosa Management hedge fund said it had dissolved its stake in Apple, while Leon Cooperman’s Omega Advisors sold 808,000 Apple shares to own 383,790 shares at the end of the fourth quarter.

Last week, billionaire activist investor Carl Icahn tried to talk up his technology company’s shares claiming that they should be trading at $216 apiece.

It seems that few others agree.