It’s fascinating being a close observer of the OpenStack ecosystem. To be honest, the machinations and posturing among the different players feels almost like a John Le Carre novel with friends, enemies and seemingly dozens of shades in between.Two companies that epitomized this are Mirantis and Red Hat. Red Hat, the 800-pound gorilla in the open source world, has had long-term success commercializing various open-source projects, initially Linux, of course, but a host of others since.For its part, Mirantis is a much newer player and was borne after the advent of OpenStack. Mirantis is essentially trying to “out Red Hat Red Hat.” The two were, back in distant memory, close partners, with Red Hat investing in Mirantis and talking of potential acquisition plans. Red Hat went in a different direction, however, acquiring competing OpenStack service provider eNovance and embarking on a war of words with the upstart. In fairness, I have to point out that the war of words between the two has been mutual, with Mirantis doing its part to fuel the flames.To read this article in full or to leave a comment, please click here
It's India meets Indianapolis: Bangalore-based consulting firm Wipro is buying Appirio for US$500 million to bulk up its cloud applications business.With more resources behind it, cloud services vendor Appirio will be in a better position to fight back against big consulting firms like Accenture and Deloitte, which "have garnered disproportionate market share" in the cloud services market in recent years, Appirio CEO Chris Barbin wrote in a blog post explaining the deal.Appirio, based in Indianapolis, offers a range of cloud applications integration services, many of them built around Salesforce.com -- a logical fit since it grew out of Salesforce's AppExchange startup incubator. The 10-year-old company also partners with Workday, Google and Amazon Web Services, and numbers Facebook, eBay and Coca-Cola among its customers.To read this article in full or to leave a comment, please click here
The digital business era has brought with it a number of new tools and technologies, such as software-defined networking (SDN), Internet of Things (IoT), mobility and the cloud. These innovations enable businesses to increase their level of dynamism and be more distributed, but they also increase the complexity of securing the business. Old-school security methods and tools do not work in an environment where the perimeter is eroding and resources are becoming more virtual and cloud-centric.+ Also on Network World: Always be prepared: Monitor, analyze and test your security +
To combat this, security professionals have embraced the concept of segmentation. The number of segmentation providers has exploded over the past few years, including VMware repositioning its NSX network virtualization product as a micro-segmentation solution. To read this article in full or to leave a comment, please click here
A few years ago Edward Rose & Sons was suffering from the mother of all business process messes. The real estate developer's business processes had become inefficient. Its four divisions were using different property management, accounting and construction management systems. Employees were forced to shuffle paper for contracts and various other work documents. This made it difficult for management to consolidate and make sense of financial statements as they mulled purchasing more land.
Edward Rose & Sons CIO Joe Simpson.To read this article in full or to leave a comment, please click here
Every version of Windows — client and server — has promised improved security. But with Windows 10 and Windows Server 2016, Microsoft is going beyond the usual incremental improvements and closing of loopholes and giving you the tools to reduce the dangers of phished credentials, over-privileged admins and untrustworthy binaries.To read this article in full or to leave a comment, please click here(Insider Story)
Cisco Systems' Talos team has developed an open-source tool that can protect the master boot record of Windows computers from modification by ransomware and other malicious attacks.The tool, called MBRFilter, functions as a signed system driver and puts the disk's sector 0 into a read-only state. It is available for both 32-bit and 64-bit Windows versions and its source code has been published on GitHub.The master boot record (MBR) consists of executable code that's stored in the first sector (sector 0) of a hard disk drive and launches the operating system's boot loader. The MBR also contains information about the disk's partitions and their file systems.To read this article in full or to leave a comment, please click here
Distrust in the U.S. voting process and the presidential election has reached an all-time high, with many concerned their ballots won’t be counted. Voters can rest easy, though, when it comes to voting technology. Ballot errors are almost non-existent, said the CEO of voting system builder Clear Ballot.+ Also on Network World: Hacking the Election: Myths & Realities +
Clear Ballot, a venture-backed company in Boston, builds an end-to-end voting system that includes precinct voting, accessible voting to serve disabled voters, central tabulation, consolidation and reporting, and an election management system, all using commodity off-the-shelf hardware. Most voting systems are built using proprietary hardware and software platforms. Because the voting system relies on commodity hardware, acquiring and setting up a ballot verification system is straightforward.To read this article in full or to leave a comment, please click here
Looking to lock down government cloud-based resources in particular, researchers from the Intelligence Advance Research Projects Activity this week announced a program that will develop better technology to manage and secure Virtual Desktop Infrastructure environments.
+More on Network World: Gartner: Virtual personal health assistants and other technology eliminate the physician for annual exams+
The advanced research arm of the Office of the Director of National Intelligence rolled out the Virtuous User Environment (VirtUE) program which the agency says “is looking to use the federal government’s impending migration to commercial cloud-based IT infrastructures and the current explosion of new virtualization and operating system concepts to create and demonstrate a more secure interactive user computing environment than the government has had in the past or likely to have in the near future.”To read this article in full or to leave a comment, please click here
Windows 10's cumulative updates have ballooned in size, and a similar bloat will also affect the Windows 7 updates that Microsoft revamped this month.According to data published last month by LANDesk and refreshed by Computerworld with October's numbers, Windows 10 cumulative updates for the three versions of the new OS have surged in size.Updates for Windows 10 version 1507 -- the debut that launched in July 2015 -- have grown 153% (for the 32-bit edition) and 181% (64-bit), from 184MB and 368MB to 466MB and 1,034MB (or over a gigabyte), respectively, in just over a year.Those for version 1511 -- Windows 10's first "feature update," issued in November 2015 -- exploded in comparison: The first 64-bit 1511 update was 49MB, but the cumulative update released earlier this month was a whopping 989MB, for a growth rate of 1,918% in under 12 months.To read this article in full or to leave a comment, please click here
Writing secure code can be challenging, and implementing cryptography correctly in software is just plain hard. Even experienced developers can get tripped up. And if your goal is to swindle people quickly, not to wow them with the quality of your software, there are sure to be serious crypto mistakes in your code.Malware authors may provide significant lessons in how not to implement cryptography. Such was the upshot of research by Check Point’s Yaniv Balmas and Ben Herzog at the recent Virus Bulletin conference in Denver. Malware authors may be more likely to insert crypto doozies in their code than developers working on legitimate software because they may not care as much about code quality or design, said Balmas and Herzog. These criminals are focused on getting a product that does enough to satisfy their immediate requirements -- and no more.To read this article in full or to leave a comment, please click here
Apple Pay marks its two-year anniversary this week, and while it supposedly helped spark a revolution for in-store mobile payments, there's not much celebrating by Apple or its payments rivals.
While Apple, Samsung Pay, Android Pay and many others keep adding users, the rate of adoption is far below what was expected when Apple Pay arrived on Oct. 20, 2014.
More worrisome is the low repeat-user rate. Many consumers will sign up for a payment app and try it out with contactless technology like Near Field Communications (NFC) on a smartphone once to buy something in a store. After that, many don't bother to do it a second time, because it is just too easy to use a credit or debit card -- or even cash, according to a recent survey.To read this article in full or to leave a comment, please click here
Pedal to the metalImage by ThinkstockFor as long as Windows has existed, third-party programs have sprouted up to fix its most glaring headaches and omissions—only to be eventually squashed when Microsoft corrected course. Several of those programs, from PDF readers to ISO mounting tools to file management boosters, became unnecessary when Windows 8 rolled out. But Microsoft’s relentless axe didn’t stop there.To read this article in full or to leave a comment, please click here
In three presidential debates, including the final one Wednesday night, the two candidates did not talk about the H-1B visa program. This was the last opportunity for Donald Trump and Hillary Clinton to compare and contrast what may be tech's most controversial issue.The portion of the debate set aside Wednesday night for immigration quickly shifted to a discussion about hacked emails and Kremlin meddling. Fox New anchor Chris Wallace may be criticized for allowing this portion of the debate to run off the rails, but the person who deserves the most blame is Trump, the Republican nominee.Trump had everything to gain by raising the temporary visa issue and its use in offshore outsourcing. The tech industry has thrown its financial support behind Clinton, the Democratic nominee.To read this article in full or to leave a comment, please click here
Pixel PerfectImage by Derek WalterIt’s finally here.The new Google Pixel is in your hands and ready to deliver on the promise of Google-designed smartphone bliss. There’s a lot to unpack, even if you’ve already been down the Nexus road before. Google has taken the integration of Android and hardware to a new level, and there are a lot of little features hiding just underneath the surfaceTo read this article in full or to leave a comment, please click here
Intel's hope of recovering a record antitrust fine have improved with a recommendation from a top European Union judge on Thursday that the case be reviewed.The company paid the €1.06 billion (then US$1.4 billion) fine in 2009 after the European Commission found it guilty of abusing its dominant position in the market for x86 processors. Since then, it has been seeking to have the judgment overturned, first by the EU's General Court and then, since 2014, by the EU's highest legal authority, the Court of Justice.The CJEU heard that appeal in June, and now Advocate General Nils Wahl has issued his recommendation to the court. The opinions of the court's advocates general are not binding, but it often follows them.To read this article in full or to leave a comment, please click here
There are big changes afoot for Google Cloud Platform's storage offerings. On Thursday, the company announced a complete overhaul of the storage options available to customers, complete with new storage tiers and reduced pricing.Customers that need incredibly high availability storage can use Google's new fully managed Multi-Regional Cloud Storage service, which will replicate data across multiple Google Cloud data centers in different areas for high-uptime access. On the opposite end of the spectrum, the company also launched a new Coldline storage service that's designed for data accessed less than once a year like backups.The storage changes are part of Google’s overall pitch to capture businesses in a highly-competitive cloud market. Managed, multi-region storage will be helpful for customers who don’t want to worry about reliability, and the new Coldline storage will help GCP compete with other cold storage offerings like Amazon Glacier.To read this article in full or to leave a comment, please click here
At long last, Apple has plans to refresh its beleaguered Mac lineup. Late yesterday afternoon, Apple sent invitations to select media outlets for a special Mac-oriented event that will take place next Thursday at 10 a.m. PT at 1 Infinite Loop.The upcoming event will focus largely on refreshed Macs and will likely be anchored by a completely revamped MacBook Pro. According to various rumblings from the rumor mill, Apple's upcoming MacBook Pro will not only have upgraded internals, but it will feature an OLED touch panel located at the top of the keyboard in place of where the function row resides.One of the more intriguing benefits of an OLED touch panel built directly into the keyboard is that the keys themselves would presumably be able to adjust in real time to correspond to the demands of the user or a specific application. For example, if you have Netflix running, the OLED touch panel would display Netflix-centric commands to provide a more efficient and intuitive user experience.To read this article in full or to leave a comment, please click here
A suspected Russian hacker arrested recently in the Czech Republic was involved in a massive 2012 data breach at LinkedIn, the professional social networking company says. LinkedIn said Wednesday that it has been working with the FBI to track down the culprits behind the data breach, which exposed hashed passwords from 117 million accounts."We are thankful for the hard work and dedication of the FBI in its efforts to locate and capture the parties believed to be responsible for this criminal activity," LinkedIn said in an email.To read this article in full or to leave a comment, please click here
Yahoo is asking that the U.S. government set the record straight on requests for user data, following reports saying the internet company has secretly scanned customer emails for terrorism-related information. On Wednesday, Yahoo sent a letter to the Director of National Intelligence James Clapper, saying the company has been "unable to respond" to news articles earlier this month detailing the alleged government-mandated email scanning."Your office, however, is well positioned to clarify this matter of public interest," the letter said.The scanning allegedly involved searching through the email accounts of every Yahoo user and may have gone beyond other U.S. government requests for information, according to a report from Reuters. To read this article in full or to leave a comment, please click here
A Russian hacking group used spearphishing to steal the Gmail login credentials of Hillary Clinton campaign staff, and that may be how campaign emails now being released were stolen, according to Secure Works.
The attack targeted 108 hillaryclinton.com email addresses, and was carried out by a Russian group called Threat Group-4127 (TG-4127), according to Secure Works’ Counter Threat Unit (CTU) blog.
CTU can’t directly link the spearphishing operation against the Clinton campaign with the hack of Democratic National Committee emails revealed June 14, but “CTU researchers suspect that TG-4127 used the spearphishing emails or similar techniques to gain an initial foothold in the DNC network. “To read this article in full or to leave a comment, please click here