Tag: newstrack

Apple is no longer shellshocked

Apple has finally released updates to protect Mac OS X systems from the dangerous “Shellshock” bug.

The patches are available via Software Update, or from the following links for OS X Mavericks, Mountain Lion, and Lion.

What is amazing is the amount of time that Apple has taken to get the patch to its users, given that it was handed a patch by open source developers weeks ago.

Sources within Apple suggest that the company did not want to trust any outsider when it came to the patch and ordered its software engineers to come up with a version of its own. This resulted in a long delay.

It was also not helped by Apple claiming that it was invulnerable to the Shellshock bug.

“With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services,” an Apple spokesperson said last week, adding that the company is “working to quickly provide a software update for our advanced UNIX users.”

Shellshock has been built into every version of bash since the system’s inception in 1989. In a remote attack, nefarious users could potentially issue commands to an affected computer with the intent of gathering information, modifying system files and more.

Mac owners running Mavericks can download the 3.4MB patch through the Apple Support website, as can users operating Mountain Lion and Lion. For Mountain Lion, the fix comes in at 34.3MB, while the Lion download clocks in at 3.5MB. Alternatively, the patch is available through Software Update.

Cisco gets into cloudbusting

Network giant Cisco said it has added 30 partners to its Intercloud initiative.

Customers want the cloud to be less hazy than it is, and Cisco believes it can help itself and them by developing standardised cloud apps as well as very secure hybrid clouds.

New partners include Deutsche Telekom, BT, NTT Data and Equinix. Cisco said it will put up $1 billion for cloud financing using its equity arm, Cisco Capital.

Cisco claims that its announcements will expand the reach of its cloud initiative across 250 datacentres in 50 countries.

Rob Lloyd, Cisco’s president of sales and development, said that his company is in a position to connect different cloud services by using a common stack.

Cisco signed a number of providers to build a channel programme using Comstor, Ingram Micro and Tech Data.

The firm is offering Cisco hybrid cloud bundles – a combination of tech and services – to help enterprise customers to build different kinds of cloud environments.

IBM Lenovo sale is a done deal

Lenovo’s offer to buy the remainder of IBM’s X86 business is likely to be concluded this Wednesday.

IBM is selling the business to the Chinese manufacturer for $1.8 billion and, when the acquisition is complete, it will finally have washed its hands of all of its X86 business.

That doesn’t mean it’s out of the hardware business completely, of course. It will carry on selling its mainframes and a number of other high profit and enterprise standard appliances.

It was the first to launch an X86 personal computer back in the 1980s but its exclusive hold in the market was swiftly dented by competition from clone makers such as Dell and Compaq.

The deal awaited approval from the European Union, China and the USA, but authorities in these territories have raised no objections to the sale, so it will be completed.

When the deal is complete, it will catapult Lenovo into the major league of X86 players and will let it diversify its business by targeting the lucrative high end of the market.

Yahoo kills off Yahoo

Yahoo has decided to kill off the product which started it all off.

In 1994, Jerry Yang and David Filo, graduate students at Stanford University, created a hierarchical directory of websites, “Jerry and David’s Guide to the World Wide Web”. In March of that year, they gave it the name “Yahoo!” for “Yet Another Hierarchical Officious Oracle.”

At the time, human-curated web listings were the bee’s knees and search engines were not exactly up to snuff. The web was a smaller place and in those golden times children were respectful to their parents.

Directories were killed off as the web grew and Google, in particular, made search engines useful. The directory fell out of fashion. Yahoo kept its directory around with hundreds of thousands of sites listed, but fewer people use it.

Now it is for the chop. Yahoo has shut down more than 60 products and services in a bid to do fewer things better. The directory has escaped previous culls, but has finally been deemed surplus to requirements.

You will have until December 31 before the directory is switched off and joins the heavenly chorus of out-of-date tech.

“iPhone clone” faces cloning problems

Chinese phone maker Xiaomi, which faces continual attacks from the Tame Apple Press for daring to make a phone similar to Apple’s, is facing a cloning problem of its own.

Chief Communications Officer Li Lei at Xiaomi said it was wrong to call Xiaomi an iPhone clone and that the outfit had created a masterpiece from scratch.

Where Xiaomi is similar to Apple is that it has a strategy of selling single models in large quantities.

“That is why Xiaomi products give such impression,” added Li. “We release very few models a year. As everyone knows iPhone 4 and 5, everyone knows Xiaomi 3 and 4.”

Li said that Xiaomi’s strong points were that its products reflect Chinese users’ unique characteristics or experiences. The same is true of other Xiaomi electronic products, including mobile phones.

Ironically Xiaomi’s biggest problem is knock offs. It has launched its products in the Philippines, India, Indonesia, Hong Kong and Taiwan. It plans to advance into 10 more countries within this year.

“The biggest problem of a fake is that it cannot guarantee the quality and also taints reputation of Xiaomi. Consumers may complain ‘How come a Xiaomi product is in poor quality,’ and give poor evaluation on Xiaomi products,” Lei said.

Of course, the Tame Apple Press thinks that is just one giant karma boomerang which they are praying is returning to bite Xiaomi.

Cops want “hands on” policing of the internet

London coppers have called for more state controls of the world wide web to prevent internet anarchy.

The City of London Police’s Intellectual Property Crime Unit is a taxpayer funded security force for private companies who want to protect their content without having to spend too much.

According to PIPCU head Andy Fyfe, despite some successes, more state interference may be needed to stop internet anarchy.

The unit uses a wide range of strategies, from writing to domain registrars and threatening them, to working with advertisers in order to cut off revenues from ‘pirate’ sites.

But Fyfe also believes that the Government may have to tighten the rules on the internet, to stop people from breaking the law.

He said he was interested in having a debate in the media about how much policing of the internet people want. At the moment, he does not see any regulation and/or policing of the internet.

PIPCU’s chief believes that the public has to be protected from criminals including pirate site operators who take advantage of their trust.

He thinks that if things go wrong and the Internet becomes completely ungovernable, no one will dare operate on it at all.

“So should there be a certain level of … state interference in the interest of protecting consumers? I’m very keen to raise that as a debate,” Fyfe notes.

Tighter rules may be needed to prevent people from breaking the law in the future. This could mean that not everyone is allowed to launch a website, but that a license would be required, for example.

Fyfe predicts that eventually the government will decide that it has had enough and it’s not getting enough help from those main companies that control the way we use the internet. Then it will impose regulations and a code of conduct about the way people may be allowed to operate on the internet.

Psychic forces bent my iPhone

Apple’s super-bendy iPhone might not be a product of poor structural design at all, but problems might be down to psychic forces, according to top spoon bender Uri Geller.

Geller, who is an expert in bending metal objects with his mind, says Apple’s bending iPhone 6 woes could be explained by “mental forces”.

Geller said there were two possible reasons for the phenomenon. One is that the device is so thin that it bends when even a weak force is applied to it.

However, Geller discounts this because he finds it hard to believe that a company of Apple’s stature hadn’t conducted tests on the thing before putting it into the shops. Otherwise Apple would just be a shonky company selling expensive gear crippled by the stupid ideas of an out of control, over powerful design team.

Instead, Geller’s theory is that the energy and excitement of the millions of consumers stirred up their mental forces causing the iPhone to bend.

He has offered to work for Apple to explain to the world that the phenomenon is not at all the company’s fault.

Geller has some experience in this apparently. Once he bent his Blackberry with the power of his mind.

We do not think Apple will take him up on it. It insists that only nine customers have complained that their phones went floppy after they stuck them in their pants.

FBI worried about unsearchable phones

The Untouchables are worried about Apple and Google’s smartphones which cannot be searched by the FBI.

James Comey, the Federal Bureau of Investigation director, said he was “concerned” over Apple and Google marketing smart phones that can’t be searched by law enforcement, which would force them to investigate criminals like in the old days.

He told hacks that the companies are marketing something expressly to allow people to place themselves beyond the law.

Comey said the bureau has “reached out” to Apple and Google “to understand what they’re thinking and why they think it makes sense”.

Phone makers have moved to encryption in the wake of NSA leaker Edward Snowden’s revelations about massive US government surveillance.

Apple announced the enhanced encryption for iOS 8, which Apple says makes it impossible for the company to decrypt a locked device, even for law enforcement. While Android’s encryption was optional, it works similarly. In its upcoming Android L release, encryption will be enabled by default.

Of course, the actual ability for Google and Apple to keep the spooks out of communication is limited. Both companies store data on the cloud and it can be obtained using a court order.

Encryption will probably protect users from individuals trying to snoop in on a stolen or resold phone, but there’s nothing to stop the FBI from getting a warrant for data on your phone or for data stored in the cloud connected to your account.

 

US more likely to hack you than the Chinese

Two security experts, Jordan Robertson and Greg Martin, set up an online honeypot to see which country was more likely to attack it and were surprised to discover that the US was more likely to be an aggressor than the Chinese.

Writing for Bloomberg, the pair wanted to find a way to show the global nature of attacks against industrial-control systems used in electrical grids, water systems and manufacturing plants. For obvious reasons, attacks against critical infrastructure are among the biggest concerns in cyber-security.

Martin and Robertson configured the honeypot to look like an enticing industrial-control computer to hackers and traced who attacked it.

The fake control systems were made to look like they were located in the U.S., the U.K., Amsterdam, Brazil, Tokyo and Singapore. The pair wanted a variety of locations to show that systems everywhere are under attack.

Over a three-month period, the US was by far the biggest source of attack traffic, trying to hit the honeypot more than 6,000 times, nearly double China with 3,500, followed by Russia with more than 2,500.

The Netherlands and France were also carrying out statistically significant numbers of attacks on the honeypot.

The attacks were mostly reconnaissance missions, in which hackers often use less obfuscation, Martin said. However, it does mean that the idea of China being the leading hacking country is a myth and that crown belongs to the United States, which appears to have a policy of hacking everyone.

Tablets and smartphones kill your brain

Using mobile phones, laptops and other media devices at the same time could be changing the structure of our brains and not in a good way.

University of Sussex research reveals that people who frequently use several media devices at the same time have lower grey-matter density in one particular region of the brain compared to those who use just one device occasionally.

This supports the view that high media-multitasking activity is linked to poor attention in the face of distractions, along with emotional problems such as depression and anxiety.

Neuroscientists Kep Kee Loh and Dr Ryota Kanai point out that their study reveals a link rather than causality and that a long-term study needs to be carried out before anyone can be certain.

The researchers at the University of Sussex’s Sackler Centre for Consciousness Science used functional magnetic resonance imaging (fMRI) to look at the brain structures of 75 adults, who had all answered a questionnaire regarding their use and consumption of media devices, including mobile phones and computers, as well as television and print media.

People who used a higher number of media devices concurrently also had smaller grey matter density in the part of the brain known as the anterior cingulate cortex (ACC), the region notably responsible for cognitive and emotional control functions.

Kep Kee Loh said his study was the first to reveal links between media multitasking and brain structure.

Scientists have previously demonstrated that brain structure can be altered upon prolonged exposure to novel environments and experience. The neural pathways and synapses can change based on our behaviours, environment and emotions, and the changes can happen at the cellular level (in the case of learning and memory) or through cortical re-mapping, which is how specific functions of a damaged brain region could be re-mapped to a remaining intact region.

Kep Kee Loh said that the mechanisms of these changes are still unclear. It is conceivable that individuals with small ACC are more susceptible to multitasking situations due to weaker ability in cognitive control or socio-emotional regulation; it is equally plausible that higher levels of exposure to multitasking situations lead to structural changes in the ACC.

Apple faces the music on bendy, faulty iPhone 6

Fruity cargo cult Apple has broken its silence on complaints about bending iPhones, hours after withdrawing a glitch-ridden software update.

Like most of Apple’s statements in the middle of a crisis, the outfit insisted that the problem of bending iPhones was extremely rare.

“In the first six days of sale, a total of nine customers have contacted Apple with a bent iPhone 6 Plus,” Apple spokeswoman Trudy Muller said.

That might be true but “bendgate” is all over the Internet and online forums. The phones do bend when placed in back pockets or while wearing skinny jeans.

Jobs’ Mob insists that its iPhones feature stainless steel and titanium inserts to reinforce high-stress locations and use the strongest glass in the smartphone industry. However, structural engineers say that the phone is aluminium and thin so of course it has to bend.

But the bendy phone issue coincided with a faulty update to its latest operating system after some users of its new phones complained of call service disruptions. Users of the iPhone 6 and 6 Plus also complained about the inability to use the fingerprint-reading Touch ID after updating to iOS 8.0.1.

Muller did at least admit that this problem was a cock up.

Apple said on its website it was working on an iOS update to fix the problem, and will release it in the next few days.

As we reported, Apple said on Monday it had shipped 10 million units of iPhone 6 and 6 Plus. If they are all returned because they bend, then Apple could lose a fortune.

Meanwhile Apple is getting a ribbing from rivals. Samsung ran an advert which showcased a bending phone against its own product, while BlackBerry CEO John Chen said: “I would challenge you guys to bend our Passport.”

Even Nestle’s Kit-Kat chocolate wafer brand tweeted “We don’t bend, we break”.

 

Motorola leaks phablet Nexus 6

Motorola is rumoured to be working on two devices for Google which include an upgraded Nexus 5 and a phablet-like Nexus 6.

According to Nine to Five, the Nexus 5 will extend the screen up to a 5.2in diagonal, but the Nexus 6 will arrive with a huge 5.92in display.

The handset, codenamed ‘Shamu’, will be based on the second generation Moto X, with a few minor tweaks to make it easier to use given the larger screen. The volume and power buttons would be moved further towards the centre of the side of the handset, but the overall design would remain the same. That means it will have an aluminium outer frame, curved rear and forward-facing speakers.

The 2,560×1,440 resolution display will have a pixel density of 498ppi. Under the bonnet is a 2.6GHz quad-core Snapdragon 805 processor, 3GB of RAM and 32GB of internal storage.

The rear-facing camera will reportedly use a 13-megapixel sensor and the ring flash first seen on the new Moto X. It should also use a 3,200mAh battery.

The new handset will run Android L, presumably in 64-bit mode.

It will be the first time Google has tried to release two smartphones simultaneously and the Tame Apple Press claims that it is just copying Apple’s move. After all, Apple was the first to introduce phablets, wasn’t it? A 5.92in screen would make the Nexus 6 one of the largest mainstream handsets around.

Apple botches iOS8 update

Not satisfied with releasing an expensive phone which bends if you stick it in your pocket, Apple has botched an update to its brand new iOS 8 operating system.

The Tame Apple Press praised Apple for releasing an “update” to the iOS 8 platform so early, but this was itself a cover for the fact that iOS 8 was really broken. It was also packed with U2 which was too smug to be deleted.

However, the update itself was flawed. Within an hour-and-a-half of it going live, Apple is said to have pulled it. It turned out that the software geniuses at Apple created an update which inserted more problems.

How serious were the bugs? Well, Twitter is full of people who can’t get a signal following the update, with their iPhones stuck in searching for service mode, or getting the “No signal” message.

Others are seeing problems with the Touch ID fingerprint reader after applying the 8.0.1 update. The problem appears to be confined to the iPhone 6 and iPhone 6 Plus.

An Apple spokesperson said “We have received reports of an issue with the iOS 8.0.1 update. We are actively investigating these reports and will provide information as quickly as we can. In the meantime we have pulled back the iOS 8.0.1 update.”

An unofficial fix for this problem involves rolling back to iOS 8.0. Our fix is to flog your iPhone on eBay before it is widely condemned as a lemon and buy a phone which does not bend for half the price and then take yourself on holiday somewhere nice with the left over money.

 

Apple ignored warnings of potential iCloud hack

Fruity cargo cult Apple’s delusions of its own iCloud invulnerability may have led to naked pictures of its starlet customers being leaked to the Internet.

A security researcher warned Apple in March 2014 of a security hole that left the personal data of iCloud users vulnerable.

A string of emails went back and forth between Jobs’ Mob and Ibrahim Balic, a London-based software developer, who told the cargo cult of a method he’d discovered for infiltrating iCloud accounts.

The exploit Balic says he reported to Apple is similar to the exploit allegedly used in the so-called “Celebgate” hack.

Balic told an Apple official that he had successfully bypassed a security feature designed to prevent “brute-force” attacks. Typically, this kind of attack is defeated by limiting the number of times users can try to log in.

He said that he could try over 20,000 password combinations on any account and he was warning them so that it could be fixed. The vulnerability was also reported by Balic using Apple’s online bug submission platform.

By May 6, the reported vulnerability apparently remained unfixed, as an Apple official continued to question Balic over the details of his discovery but did nothing.

Then, soon after the Celebgate photos exploded across the Web, Apple reportedly patched Balic’s vulnerability.

Apple denied, however, that it was in any way linked to the Celebgate event. The theft of the photographs, a statement from the company insisted, was not the result of “any breach in any of Apple’s systems including iCloud or Find my iPhone.”

This is the second time that Apple has done this to Balic. In June 2013, he identified a security flaw in the Apple Developer Centre.

In that case, the website was almost immediately taken down, and Apple claimed that “an intruder attempted to secure personal information of registered developers” and it had called the rozzers.

The implication was that Balic was a criminal for reporting the flaw and Apple was only too happy to have him arrested for daring to point out flaws in its security.

Needless to say Balic was a little concerned about that and went public in the form of a comment on a TechCrunch article. He later uploaded a YouTube video, which he says contains proof of his discovery.

Apple later acknowledged Balic for reporting a cross-site scripting (XSS) vulnerability on its Web Server notification page.

Linux security Bashed

A remotely exploitable vulnerability in Linux has been found and it could be really nasty for those who depend on the operating system.

Stephane Chazelas, who found the vulnerability, has named it CVE-2014-6271, but it has been dubbed Shellshock by those who like their viruses to be a little more like a Marvel super-villain.

The flaw is in Bash, which supports exporting shell variables as well as shell functions to other bash instances. It has been a feature of Linux for a long time.

Web applications like CGI scripts may be vulnerable, especially if calling other applications through a shell, or evaluating sections of code through a shell.

The problem is fixed by upgrading to a new version of bash, replacing bash with an alternate shell, limiting access to vulnerable services, or filtering inputs to vulnerable services.

However, it could be a while before word gets out that bash is vulnerable, and a lot of Linux systems are vulnerable.

Security experts say that this vulnerability is very bad and it will be a race to get systems upgraded before someone has a working exploit.

Tod Beardsley, engineering manager from Rapid7, said it was difficult to write a “bash bug” exploit, but not impossible.

“It’s quite common for embedded devices with web-enabled front-ends to shuttle user input back and forth via bash shells, for example — routers, SCADA/ICS devices, medical equipment, and all sorts of webified gadgets are likely to be exposed,” he said.