Tag: microsoft

IE is back to being Internet Exploder

rage-explosionAfter years of keeping its security flaws down in its Internet Explorer range, Microsoft appears to be under siege from malware writers.

Bromium Labs analysed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013.

This makes IE worse than Java and Flash for vulnerabilities.

It does not appear to be Microsoft’s fault. Hackers had been increasingly targeting Internet Explorer and Vole had responded by a progressively shorter time to first patch for its past two releases.

In contrast, the number of Java zero-days have declined and in the first six months of 2014, there has not been a single public Java exploit.

Bromium thinks that so much attention was paid to JAVA exploits in 2013 and countermeasures such as disabling Java may have had a role in forcing attackers to switch to new targets this year. This resulted in a drop in Java being targeted generally.

The hackers have been using Action Script Spray which is an emerging technique that bypasses address space layout randomisation (ASLR) with a return-oriented program (ROP) chain.

Rahul Kashyap, chief security architect, at Bromium said web browsers have always been a favourite avenue of attack, but hackers are not only getting better at attacking Internet Explorer, they are doing it more frequently.

He said that Action Script Sprays are a new technique and similar techniques will start to appear in the months to come. This is further evidence that the world of Web browser plugins presents a weak link that is just waiting for exploitation.

Web browser release cycles are compressing and the interval between the general availability of a new release and the appearance of the first security patches has been decreasing recently, he noted.

“This may represent greater efforts on the part of software manufacturers to secure their products, or it may represent products being released to market with less security testing than earlier versions received,” Kashyap said.

Microsoft vows to end Nokia losses

nokia-lumiaSoftware giant Microsoft said that it will get its loss-making Nokia phone unit to break even within two years.

Bringing in Nokia into the Vole hill cost Microsoft a seven percent dip in quarterly profit and Redmonds chief financial Vole Amy Hood said that the company plans to take $1 billion in costs out of the Nokia operation and stop its losses by fiscal 2016 following massive job cuts announced last week.

This statement pacified the cocaine nose jobs of Wall Street who did not expect Vole to act that quickly to stop Nokia haemorrhaging Microsoft’s bottom line.

Microsoft shares hit new 14-year highs over the past week, and were up 1.1 percent at $45.33 after hours.

Nokia’s Lumia smartphones, while well-reviewed, have not been as successful as Microsoft hoped, capturing no more than four percent of the global market. Lumia sales hit 5.8 million for the nine weeks of the quarter that Nokia was part of Microsoft.

Vole is in the process of drastically reducing Nokia’s operation, closing some facilities and cutting about half of its 25,000 workforce, as it looks to rein in costs and refocus on cloud-computing.

The fact that the PC market recovered after two years of declines, helped sales of Microsoft’s core Windows and Office products in the quarter.

Overall quarterly revenue rose 17 percent to $23.38 billion, above analysts’ average estimate of $23 billion, although the bulk of that was due to the addition of sales from Nokia.

Microsoft reported fiscal fourth-quarter profit of $4.61 billion compared with $4.96 billion last year.

Putin the thumbscrews on Western tech companies

imperial_russiaTsar Vladimir Putin is taking his revenge on the US for bringing in sanctions against its Ukraine activity by cutting back on the use of American technology.

Apparently Putin is cross about the sanctions which froze the business assets of some of his closest business supporters. He thinks he should be allowed to supply missiles to pro-Russian supporters to use how they see fit without any world sanctions.

It looks like Putin is taking out his frustrations on US companies like Microsoft and IBM and ordering the country to be less reliant on Yankee tech.

Russia’s executive secretary of the commission for the State Duma, Andrey Chernogorov, was quoted as saying, “This all has to do with sanctions. Given the current international tensions, substituting imports with local software and hardware becomes the key to ensuring self sufficiency.”

The State Duma is currently in the process of drafting a bill which would seek to replace products from Microsoft and IBM in favour of software and hardware made by local companies.

It looks like the Russians will eventually only buy products that do not need to be imported or have licensed components.

It is not clear how that will play out yet. Probably some support or pressure to move to Open Source products. That might work well with the software, but hardware dependence on US, made in China, goods will be harder to shake.

Axe falls at the Volehill

Microsoft campusCorporate axemen have been stalking the corridors of Redmond and have so far claimed the heads of 18,000 employees, in the largest staff cull at Microsoft.

The cuts are the first major change made by Satya Nadella, the company’s new chief executive, who said Microsoft needed to be more nimble and focused.

The job cuts are 14 percent of its work force and most of them will come from the Nokia mobile phone business Microsoft acquired this year.

More than two thirds of the up to 18,000 jobs that Microsoft said it would cut will come from Nokia groups, or from overlap at Microsoft resulting from the deal.

Ironically morale at the Volehill had improved since Nadella took over, which might not have happened if people realised that job cuts were on the table.

Nadella has pledged big changes and make some quick decisions releasing Microsoft’s lucrative Office applications for the iPad. And he departed from past practice at the company by making its Windows operating system free for mobile devices to improve its market share.

But Microsoft has become bureaucratic and slow moving and has nearly double the 127,000 employees it had a decade ago. Apple has 87,000 and half of them in its retail stores.

 

Microsoft knows you are rubbish

Microsoft campusResearchers at Microsoft think they have found the secret of when someone is accidently introducing a bug into the software they are developing.

Microsoft researcher Andrew Begel said that instead of trying to go through a developers rubbish code looking for bugs it is possible to tell by looking into the developers eyes.

He hit on the idea of measuring the attributes of the developers themselves to see what cognitive or emotional issues lead to buggy code or lowered productivity.

This would enable employers to intervene and stop them from causing developers to make mistakes in the first place.

Begel has carried out tests using psycho-physiological sensors to measure developers’ reactions to tasks. He used eye-tracking technology, electrodermal-activity sensors (which measure changes in the skin’s ability to conduct electricity), and electroencephalogram sensors (which evaluate electrical activity in the brain).

Using this data, Begel was able to predict the difficulty of a task for a new developer with a precision of nearly 65 per cent. For new tasks the precision was even greater – almost 85 per cent.

Begel suggests that reducing the contrast on the display and making the fonts harder to read would force the developer to apply more brainpower to read and understand the code.

He added that Begel’s system makes no distinction between critical mistakes and minor mistakes, inevitably leading to unnecessary delays.

“I’m pretty sure that the industry could take pieces of the research that would help us understand better why mistakes are happening and when, and therefore how to try and avoid that,” said Shulman.

 

The internet belong US

pressieThe US government has ruled that if data is on the internet, anywhere in the world, it has to be turned over to one of its spying organisations for processing.

President Barack Obama’s administration is insisting that that any company with operations in the United States must comply with valid warrants for data, even if the content is stored overseas.

This means that anyone who uses an iPhone anywhere in the world will see their data inside a US government database.

Microsoft and Apple insist that enforcement of US law stops at the border, but the government seems to think that it rules the world.

A magistrate judge has already sided with the government’s position, ruling in April that “the basic principle that an entity lawfully obligated to produce information must do so regardless of the location of that information.”

Microsoft appealed   and the case is set to be heard in two weeks.

The US government said that content stored online is not protected by Fourth Amendment protections as data stored in the physical world. It quoted a law put out by President Ronald Reagan called the  Stored Communications Act (SCA).  This said that overseas records must be handed over domestically when a valid subpoena, order, or warrant forces them. No one thought that the SCA stuffed up the Fourth Amendment so there is no need to change the laws.

However Microsoft said Congress has not authorised the issuance of warrants that reach outside US territory. It points out that the government cannot issue a warrant allowing federal agents to break down the doors of Microsoft’s Dublin facility.

Microsoft said that consumer trust in US companies is low in the wake of the Edward Snowden revelations and the government will make overseas operations impossible.

It has the backing of Apple, AT&T, Cisco, and Verizon agree. Verizon said if the government wins, it would produce “dramatic conflict with foreign data protection laws.” Apple and Cisco said (PDF) that the tech sector would be blacklisted by foreign governments.

Recently the senior counsel for the Irish Supreme Court wrote in a recent filing that a US-Ireland “Mutual Legal Assistance Treaty” was a way for the US government to obtain the e-mail held on Microsoft’s external servers.

 

Microsoft braces for job cuts

Steve BallmerMicrosoft Chief Executive Satya Nadella has issued an email warning that he will “flatten the organisation and develop leaner business processes”,

Normally that is the sort of announcement which is a prelude to huge job cuts, wringing of hands, and little voles being cast out into the cold and the snow.

But it seems that Nadella is in no hurry to make his full announcement. It seems that he is waiting until July 22 when he will announce Microsoft’s quarterly earnings.

After buying Nokia, Microsoft has 127,000 employees, which makes the outfit far bigger than Apple and Google. Nadella clearly needs to make some cuts, but this will mean Vole’s first major layoffs since 2009.

In a 3,105-word memo sent to employees today and posted on Microsoft’s website Nadella set out his vision for the company five months after taking over as CEO from shy and retired Steve Ballmer.

He described Microsoft as a “productivity and platform company” focused on mobile and cloud computing. This is a little different from Ballmer’s reinvention of Microsoft as a “devices and services” company, which could signal less emphasis on manufacturing hardware.

“Nothing is off the table in how we think about shifting our culture to deliver on this core strategy,” Nadella wrote in the memo.

Nadella has asked his managers to “evaluate opportunities to advance their innovation processes and simplify their operations and how they work”,

In other words, they will have to choose who will have to go.

He did not address the unprofitable Bing search engine directly in the memo. Investors want Microsoft to ditch the software, but Nadella so far has seen the software as having a point.

Microsoft tries to snatch victory from defeat

Bill GatesSoftware giant Microsoft has attempted to claim victory in its quest to shut down the Bladabindi and Jenxcus botnets which infected more than 4.7 million PCs.

Vole went on its own to play cyber cop against the botnet and found itself in a PR nightmare after its actions resulted in shutting down hundreds of legitimate sites.

Microsoft has also identified at least another 4.7 million infected machines, though many are likely still controlled by the botnet.

The botnet has the most members in India, followed by Pakistan, Egypt, Brazil, Algeria and Mexico.

Richard Domingues Boscovich, assistant general counsel of the unit, said Microsoft would quickly provide government authorities and Internet service providers around the world with the IP addresses of infected machines so they can help users remove the viruses.

“Those victims are currently not aware they are infected,” Boscovich said in an interview.

Boscovich claims that the operation is the most successful of the 10 launched to date by Microsoft’s Digital Crimes Unit, based on the number of infected machines identified.

What Vole did was intercept traffic headed to servers at Reno, Nevada-based Vitalwerks Internet Solutions. Apparently, the criminals were using free accounts on its No-IP.com services.

But it did not go that well, Vitalwerks slammed the way Microsoft handled the operation, saying some 1.8 million of its users lost service for several days.

Microsoft has apologized, blaming “a technical error” for the disruption, saying service to customers has been restored.

Giants battle over the internet of thongs

intel_log_reversedMicrosoft has joined Qualcomm and other technology companies in a bid to establish standards for the Internet of fings, fangs, thongs and things, writes Nick Farrell.

The Qualcomm-backed AllSeen Alliance attracting people who want to promote protocols for how smart devices should work together.

Microsoft joined 50 other members in the AllSeen Alliance, including major consumer electronics players Panasonic, LG and Sharp.

However this is not the only standards consortium out there  and chipmakers that compete with Qualcomm plan to launch a rival standards consortium as early as next week.

It looks like we will have another standards war similar to that sparked by the Blu-Ray and HDTV standard.

Apple – known for strictly controlling how other companies’ products interact with its own, in June announced plans for HomeKit, which will integrate control of devices like garage door openers, lights and thermostats.  Of course  Apple gear will be slavishly adopted by Apple fanboys who are keen to have Coldplay playing on their fridge, but will probably not be seen elsewhere.

Last week, Google said it partnered with Mercedes-Benz, Whirlpool Corp and light bulb maker LIFX to integrate their products with Google’s Nest thermostats and smoke detectors.

So far the biggest player, Intel, has stood like Lord Stanley on the sidelines of the Battle of Bosworth waiting for one side to start calling for a horse.  While saying it is keen on the Internet of Thongs,  it is thinking of the internet of bags.

Microsoft allowed to execute Bladabindi and Jenxcus

GuillotineSoftware giant Microsoft has been given permission to disrupt malware by known as Bladabindi and Jenxcus, writes Nick Farrell.

Although Vole has worked with the FBI and others to disrupt communications channels between hackers and infected PCs, it is rare to act on its own. This is also the first high-profile case involving malware written by developers outside of Eastern Europe.

The operation, which began on Monday under an order issued by a federal court in Nevada, Microsoft said the two malwares operated in similar ways and were written and distributed by developers in Kuwait and Algeria.

Microsoft said that it would take days to determine how many machines were infected. Voles’ own, anti-virus software alone has detected some 7.4 million infections over the past year and is installed on less than 30 percent of the world’s PCs.

The developers marketed their malware over social media, including videos on YouTube and a Facebook page. They posted videos with techniques for infecting PCs.

The court order allowed Microsoft to disrupt communications between infected machines and Reno, Nevada-based Vitalwerks Internet Solutions.

Boscovich said about 94 percent of all machines infected with the two viruses communicate with hackers through Vitalwerks servers.

Registries will direct suspected malicious traffic to Microsoft servers in Redmond, Washington, instead of to Vitalwerks.

Vole will then filter out communications from PCs infected with another 194 types of malware also being filtered through Vitalwerks.

Vitalwerks and its operational subsidiary No-IP claim to have a very strict abuse policy. To be fair Microsoft has not accused Vitalwerks of involvement in any cybercrime, though it alleges the company failed to take proper steps to prevent its system from being abused.

Rumours of Windows 9 emerge

Bill GatesSoftware giant Microsoft has been hinting that it will make changes in Windows 9 which should satisfy those who are using Windows 7 and will not upgrade.

While Windows 8 has been a disaster for Microsoft because it forced desktop users to conform to a tablet format and download Apps which did not function as well as their desktop version.

Word on the superinformationstrasse is that Vole is planning to further merge the Modern UI with the desktop in Windows 9 and might reduce the OS’s use for tablet users.

According to WinBeta, the cunning plan is that tablet users will see the demise of the desktop in Windows 9.  Instead Microsoft is set to replace Win32 applications with Modern UI alternatives in Windows 9, meaning Windows is set to get a full on Modern UI facelift when it rolls around next year.

This means that the desktop will no longer have a place for tablet users running Windows RT.
This fits into rumours regarding Windows Phone and Windows RT becoming one operating system. This would see Windows Phone devices and Windows RT tablets run the same operating system with no desktop.  If the device hardware requires it, a cut down version of the desktop will be available, but this is not likely to be seen much.

Vole is apparently worried about Chrome OS.  It wants to make Windows Phone free, and Windows RT being merged with it.  This will use this as the cheaper alternative for OEMs to sell tablets and cheap laptops too.

These laptops will run apps from the Windows Store just like on Chrome OS, which is limited to Chrome OS apps, the Windows Phone/RT devices will be limited to Windows Store apps.

This means that Windows 9 will be different depending on the hardware you use and you will only see a desktop if you are actually on the desktop.

Word on the street is that Microsoft will allow Modern UI apps to run in the desktop, in windowed mode, and have Modern UI apps pinned to the Start Menu instead of a Start Screen.

Analysts sniffy at XP “hack”

framedwindowsA method of receiving updates to Windows XP right up to 2019 has been described by analysts as “very bad news”.

Earlier this week, betanews reported that people now unsupported by Microsoft who have Windows XP can use the embedded version of Windows to receive security updates by a few simple registry changes.

But Richard Acreman, CEO of WM360 said using the tweak was “potentially very bad news for the industry if it encourages anyone to remain on the outdated operating system any longer”.

He said there are legal and security concerns. “Most important is that any company still relying on an operating system released a decade before the first iPhone is setting itself up for a fall.”

There is no clear figure how many people worldwide are still using XP but what is clear that many don’t want to be bumped into a potentially expensive upgrade involving a new user interface and investment in terms of PCs.

Quanta pins hopes on servers

server-racksTaiwanese ODM firm Quanta is hoping that demand for servers will help boost its profits.

That’s according to Digitimes, which claimed that Quanta’s direct customers include Google, Facebook, Amazon, Microsoft, NTT, KDDI, Korea Telecom and Singapore Telecom. NEC uses Quanta to build its units.

The wire reports that server shipments this wire will grow by 20 percent in volume and 40 percent in value.

Quanta, known primarily for its position as a notebook ODM, has decided to create a subsidiary aimed at growing direct sales.

It now has marketing units in the US, China, Japan, Singapore and Germany and hopes to increase sales by opening another European office.

Minty intY starts channel drive

cloud 1SaaS firm intY claimed that it has forged a “historic agreement” with the mighty Microsoft related to Office 365. SaaS stands for software as a service.

It will offer what it dubs a recurring revenue resale model to its high volume partners.  That means, said intY that its partners can resell rather than just recommend Office 365 – meaning better margins and the ability to sell more services.

Chris Baldock, the chief executive officer of intT, said its major partners had problems with the referral only model. One sticking point was Microsoft’s billing relationship that prevented complementary services being offered by the channel on one invoice.

“This agreement puts our larger channel partners firmly back in the driving seat. They become a reseller with margin and value add.”

Customer adoption, added Baldock, is pretty much reliant on channel partners for migration, support and integration.

So the firm is adding Office 365 for resale in its CASCADE mix.

PC market stays in the doldrums

A not so mobile X86 PCHopes that the mobile PC market would show some spunk in the fourth quarter of 2013 were dashed by insipid sales.

According to market research company IHS, although the quarter showed the strongest global sequential growth in four years,  the results were still disappointing.

Shipments of mobile PCs worldwide amounted to 52.6 million units and that’s a rise of 9.4 percent compared to the third quarter of 2013.  But the industry, said IHS, wanted to sell 55.3 million units in the quarter. Compared to the fourth quarter of 2012, sales showed a five percent decline – the sixth year on year decline.

So what’s the problem?  According to Craig Stice, director of computers at IHS, Bay Trail and other platforms were expected to bring cheaperPs to the world.  But the vendors wanted to keep stock levels lean and entry level PCs failed to show high volume.

IHS counts its mobile PC sector as including laptops and PC tablets but as the world+dog knows, people think smartphones and non PC tablets are more appealing.

The industry is hoping against hope that when Windows XP shuffles off its mortal coil, people will buy more PC kit.