Superfish site downed after Lenovo debacle

lenovo-logoThe company that is behind the technology that powers Superfish has suffered a distributed denial of service (DDoS) attack.

That’s according to Forbes, which said the technology is called Komodio and the site is down, with the company saying the DDoS attack has happened because of media interest.

Earlier this week, it was revealed that Lenovo distributed malware with some of its machines, although because of the Chinese New Year, it doesn’t appear able to comment on the debacle.

Forbes talked to the founder of Komodia, a man who formerly worked for Israeli cyber intelligence. He said that he couldn’t comment on the Lenovo debacle because he’s under contract to the Chinese company.

But the Komodia software is included on many other software programs and is pretty easy to hack.

Software include some parental control software and in other web filter programs available worldwide.

Harvard invents flat lens

glassesPhysicists at Harvard University claim to have made a breakthrough in optics that will mean perfect colours can be captured with a flat ultra thin lens.

The prototype, made of a glass substrate, includes small light concentrating silicon antennae – when light is shone on the lens it bends immediately but light passes through.

And the effects of the bending can be designed in software and fine tuned for different applications.

Robert Wallace, professor of applied physics at Harvard said: “What this now means is that complicated effects like colour corrections, which in a conventional optical system would require light to pass through several thick lenses in sequence, can be achieved in one extremely thin, miniaturised device.”

Bernard Kress, in charge of Google optics, posed a challenge to work toward the goal of a flat lens. And for him, at least Google Glass is not dead and buried.

He said: “The Google Glass group is relying heavily on state of the art optical technologies to develop products that have higher functionalities, are easier to mass produce, have a smaller footprint, and are lighter, without compromising efficiency.”

The Harvard physicists think the invention will rival equipment used in photography, astronomy and microscopy. It will also likely e used in optical comms devices, compact cameras and imaging devices.

 

IBM opens London studio

ibm-officeIn a bid to promote projects based on data, IBM said that it has opened a London studio to be the hub of design in London.

IBM wants to pull in clients from healthcare, financial services and the retail marketplace to cooperate with IBM consultants and researchers to explore integrating mobile, social, analytics and cloud technologies. Obviously it wants to sell its products and services.

IBM Design prototypes data centric products and uses its Design Language as a framework for developing future products and services.

The studio is being endorsed by the Design Council. John Mathers, CEO, said that good quality improves people’s lives. “This is why we work to bring the design and business communities together and help develop the skills which are vitally important to our economy.”

Matt Candy, who runs IBM projects like this in Europe, said: “London is a creative epicentre that now boasts a powerful digital economy. IBM Studio will bring digital experiences to our exceptional digital city, where some of our most forward looking clients reside.”

The studio will be based at IBM’s head office in Southwark.

 

Russia takes aim at Google

330ogleGoogle is under attack again by government agencies, but this time its Russia that’s being accused of anti-monopolistic practices.

Search site Yandev asked the anti-competition watchdog to investigate claims whether it was taking advantage of Google’s Android operating system and shutting out competing apps.

Google is denying it behaves in a monopolistic manner and according to Reuters said people have complete control over apps on devices.

The same wire says that the European Commission is also pursuing Google to answer questions about whether its dominance in the mobile operating systems marketplace precludes competition.

And that’s not the end of it – the USA is also putting Google under the magnifying glass, even though Google said it will keep Android as an open system.

British and US spooks stole SIM card keys

james_bond_movie_poster_006Spies from the US and the UK hacked into the internal computer network of the largest manufacturer of SIM cards in the world and stole encryption keys used to protect the privacy of mobile phones.

According to the latest release from the Edward Snowden cache, the hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ.

It all happened in 2010 when GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s mobiles, including both voice and data.

Gemalto, a multinational firm incorporated in the Netherlands, makes chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world.

It makes two billion SIM cards a year and with the stolen encryption keys, intelligence agencies could monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments.

British spies mined the private communications of unwitting engineers and other company employees in multiple countries.

Apparently, Gemalto did not notice and still cannot work out how it was done.

According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ access.

Open saucy Microsoft puts Azure on Ubuntu

Every silver has a cloudy liningMicrosoft has released its Azure hosted service so that it can run Linux.

Microsoft showed off a preview of Azure HDInsight running on Ubuntu and the makers of the open saucy gear Canonical claims that it is a recognition that Ubuntu is great for running Big Data solutions.

For those who came in late, Azure HDInsight, is Microsoft’s Apache Hadoop-based service in the Azure cloud. It is designed to make it easy for customers to evaluate petabytes of all types of data with fast, cost-effective scale on demand, as well as programming extensions so developers can use their favourite languages.

The big idea is that people that already use Hadoop on Linux on-premises like on Hortonworks Data Platform, because they can use common Linux tools, documentation, and templates and and now they can extend their deployment to Azure with hybrid cloud connections.

It is not all one way traffic.  Canonical has Juju which  is a Cloud Orchestration tool. This is the result of years of effort to optimize Big Data workloads on Ubuntu. This will mean that Azure will effectively gain access to this.

Apple might troll its way into VR control

apple-disney-dreams-snow-white-Favim.com-142405Famous for operating its reality distortion shield, Apple might have taken control of the Virtual Reality market with an ancient patent application.

Apple was granted a patent for a Gear VR-like mobile headset which would use a portable device (like a smartphone) as the primary display. However the patent is similar to Samsung’s Gear VR and a swath of VR smartphone adapters out there like Google Cardboard.

According to patent attorney, Eric Greenbaum the patent could kill off all competition for mobile VR headsets and patent troll the market to oblivion.

In 2008  Apple filed a patent for a “Head-mounted display apparatus for retaining a portable electronic device with display.”

The patent describes a device which sounds an awful lot like Gear VR and other VR smartphone adapters. Eric Greenbaum, told Road to VR  that the Apple patent may have broad ramifications for mobile-device based head mounted displays.” Which I take to mean, Apple could have a case on their hands if they wanted to challenge Gear VR or similar devices in court.

He thinks that Jobs’ Mob may have pressed to get the patent through the system after Gear VR was announced.

Greenbaum  warned that Apple has not yet announced a plan to build any VR products. However their patent filings indicate a strong interest in the field and I would expect them to be planning something.

This Apple HMD patent is significant. I would say it introduces potential litigation risks for companies that have or are planning to release a mobile device HMD.

There is no duty for Apple to make or sell an HMD. They can sit on this patent and use it strategically either by enforcing it against potential infringers, licensing it, or using it in forming strategic partnerships.

In other words, Apple without actually inventing anything could take control of the entire market.  It could cherry pick the best technology out there and then release its own product.

 

New chips put Qualcomm on top for now

qualcomm-snapdragonQualcomm has released four Snapdragons 415, 425, 618, and 620 which tighten its grip on the mobile chip maket.

All the SoCs support 64-bit, they all connect to 4G LTE networks—the 425, 618, and 620 and can support super-fast 300 megabit per second networks. The last two chips are based around ARM’s new Cortex A72, instead of a more in-house chip design.

The Snapdragon 618 supports a “next generation Adreno GPU,” an integrated category 7 LTE-Advanced modem (300 Mbps download/100 Mbps upload) and dual image signal processors which support 21 megapixel cameras. It also supports HEVC/H.265 video encode and decode.

The Snapdragon 620 is more of the same but with four Cortex A72 cores instead of two word on the street is that it has a better GPU too.

All the chips should be in the shops in the second half of 2015 where they might rule the mid-range market.

Qualcomm has been snuggling up to ARM lately so that it can focus on the other components of the chip, particularly graphics and the various wireless radios. This has meant that it can churn out chips just as the world wants faster, next generation LTE-Advanced networks.

It is clearly in the lead for now, but that is set to change. Samsung’s upcoming Galaxy S6 will have its own designed and manufactured chip under the bonnet. This is because it said it did not like what Qualcomm was doing. Sony and HTC are also dissatisfied and are flirting with chips from MediaTek.
LG’s already working on its own “NUCLUN” chip and there is mutterings that even Intel might have something better.

 

Intel is open source king

Intel Q4_14_ResultsThe once famous proprietary chipmaker Intel is set to become the largest contributor to the open sauce Linux.

A report from the Linux Foundation said Intel was the largest corporate sponsor of new contributions to the Linux computer operating system.

This means that Intel has replaced some top notch software companies, having made more than 10,000 more changes to Linux Kernel.

It makes sense, Linux plays a significant role in computers integrated inside communications networks and industrial equipment, which are vital segments for Intel.

Doug Fisher, who heads Intel’s software group, is also on the board of the Linux Foundation he said that Intel wants to explore new markets through its chips by integrating it in wearable computing, connected appliances and mobile technologies. Intel has hired several thousand software developers to assist in developing new features for Linux.

Intel has made $350 million in revenue during 2014 by using a component of the IT infrastructure it supplies, according to the company’s annual IT business review.

The report suggested Intel is exploiting IT services in a better way like data analytics and collaboration tools for “optimized business workflows and [to] unlock new insights” to generate millions of dollars of new revenue.

ITC intros high speed analytics

Pic Mike MageeITC Infotech said that it has introduced an enterprise analytics system that lets users more easily access high speed data analytics.

The product, called ZEAS (Z Enterprise Analytics Solution) uses a graphical user interface to analyse big data with the minimum of coding.

The product supports Hadoop open source technology and ITC claims that it will let enterprises analyse big data five times faster than its’ competitors’ offerings.

It also claimed that data analysis projects that would have taken months for experienced Hadoop developers to implement can now be done in weeks.

ZEAS also includes a data operation centre that gives enterprise grade access controls, monitoring and alerting mechanisms for data management.

The company introduced the offering at the Strata+Hadoop World conference held in San Jose this week.

ITC Infotech is a subsidiary of $7 billion company ITC that provides services to global customers. It targets the banking, financial services and insurance sectors.

IBM intros nextgen flash storage

IBM logoBig Blue said that it today introduced two flash enterprise storage products that give high performance and better reliability.

The products, called IBM Flash System storage come in two types, the V9000 and the 900.

The first of these allows enterprises to consolidate existing storage systems under a single management domain.

The 900 gives high performance, enterprise reliability and can be deployed in two hours, compared to days for conventional products.

IBM said it is committed developing flash based storage products to enterprises and industries of whatever size.

In April 2013, IBM invested a billion dollars in flash storage research, as well as making partnerships and product development.

It’s the larger amount of data that makes enterprises move to flash systems, according to Jamie Thomas, general manager of storage at IB.

The systems use Micron semiconductors but IBM has hand tweaked the flash memory chips to deliver what it claims is a better sort of flash storage.

 

HP intros open network switches

HPHewlett Packard said it has launched a line of open network switches for the data centre that gives service providers and Web scale organisations more flexibility for coping with cloud, mobile, social media and big data workloads.

The network switches include options such as choice of hardware and software and branded switches giving access to worldwide local support and services through HP Technology Services.

HP said the products are amongst the first in the category of branded white box switches.

The network switches will be sold to Web scale data centre customers through its partners Acton and Cumulus.

HP’s deal with Cumulus means it will provide Linux OS to cloud based data centres using tools and management from open source and commercial Linux communities.

The first in HP’s line with be two open network switches supporting 10G/40G spine and 10G leaf data centre deployments. The switches come with Cumulus Linux OS.

In the second half of this year, HP will expand the line, hardware and OS software options.

Lenovo installed malware on laptops

lenovo_hqA security firm made the alarming assertion that Lenovo had pre-installed software on notebooks it sells that makes them more likely to be hacked.

The program called Superfish, which Lenovo installed on computers intended for home use was software that auto-displays adverts.

And according to Reuters, Errata Security, an American company, said Superfish opens up encrypted connections, so letting hackers take over PCs.

Lenovo officials are on holiday for the Chinese New Year and so far have not responded to the allegations.

However, Ken Westin, a senior security analyst at Tripwire had plenty to say on the matter.

“With increasingly security and privacy conscious buyers, laptop and mobile phone manufacturers may well be doing themselves a disservice by seeking outdated advertising based monetisation strategies,” he said.

“If the findings are true and Lenovo is installing their own self-signed certificates, they have not only betrayed their customers’ trust, but also put them at increased risk,” he added.

 

US banks finally adopt mark of the beast

Card-fraudUS banks have finally twigged that the reason they keep losing money to credit card theft is because they insist on being the last bastion of low tech cards.

Given the fact that the free market is supposed to decide the best form of technology to defend its transactions, the US banks have been dragging their collective trotters adopting the EMV standard.

Meanwhile in Europe, the birthplace of Europay, MasterCard and Visa (EMV) standard there is a low amount of credit card fraud while in the US it is incredibly high.

Now the US is finally making the transition to secure cards based on the European EMV standard, mostly because the liability shift imposed by the three big credit card brands — Visa, MasterCard and American Express — will start on October.

If the merchant is EMV compliant and has a POS system equipped to read EMV cards, and the card is not, because the financial institution has not started issuing them yet — effectively forcing the merchant to run your card on the magnetic stripe reader — then the bank or credit card issuer has to pay for the misuse of the card.

If the issuer has upgraded to EMV by sending chip cards to its cardholders, but the merchant has not upgraded their point of sale to accept them, the retailer bears the cost for counterfeit fraud.

While all this is a pain for the banks and retailers, it is widely accepted in the US that something has to be done. A wave of data breaches that has hit major retailers such as Target and Home Depot, among others, has convinced many card issuers that the expense of sending new cards fades in comparison to the consequences of new data breaches. It will probably take another three years for full adoption.

Some analysts expect fraud to increase this year, as thieves will step up their efforts to capture more credit card details before the EMV conversion starts to take a grip on their bottom line.

It is unclear why the US has been so slow in adopting the chips, one reason might be the fact that their parts of the US which may refuse to use them because of religious reasons.  Parts of the bible belt believe that the move to such technology is a sign of the “end times” and that any electronic transactions are the same as the “mark of the beast” of revelation.

French spooks behind latest malware

peter_sellers_3918It seems that the French are not going to stand idly by while other nations spies get all the attention for creating spyware.

Cyphort Labs found a cyber-espionage tool of the kind a nation state would be behind which invades Windows desktop machines and aims at extracting almost anything of value: it steals data from instant messengers, softphones, browsers and office applications.

Dubbed ‘Babar64’  the malware is believed to have been written by French intelligence.

It is a natty bit of code. It logs keystrokes, taking screenshots, steams audio from softphone applications, nicks clipboard data and can steal the names of desktop windows.

The malware creates an invisible window, with no other purpose than to receive window messages. By processing the window message queue it filters out input events and dispatches them to a raw input device object. Said object is configured to grab keyboard events through GetRawInputData.

Babar has two hard coded C&C server addresses included in its configuration data — http://www.horizons-tourisme.com/_vti_bin/_vti_msc/bb/index.php and http://www.gezelimmi.com/wp-includes/misc/bb/index.php

The domain horizons-tourisme.com is a legitimate website, operated by an Algerian travel agency, located in Algiers. The website is in French and still online today. Gezelimmi.com is a Turkish domain, currently responding with an HTTP error message 403, access not permitted. Both domains appear to be of legitimate use, but compromised and abused to host Babar’s server side infrastructure.