China is requiring that all app stores operating in the country register with its Cyberspace Administration in an effort to battle malware but also to tighten control over uncensored content.The rules took effect Monday, in a country where domestic third-party app stores -- not from Apple or Google -- are serving billions of downloads to Android smartphones. Chinese internet companies such as Baidu, Tencent and a host of smaller, shadier local app stores have been feeding the demand, at a time when Google has largely pulled out of the market.To read this article in full or to leave a comment, please click here
January doesn’t just mean the start of a new year for me – it also means an opportunity to review the Nielsen Norman Group’s Intranet Design Annual. The 10 Best Intranets of 2017 were officially announced on January 7, 2017. Even though it’s a little weird to call these the best intranets of 2017 – especially because the submissions were completed in June of 2016 – the report has a lot of interesting and helpful information and design trends that intranet design teams should consider. A word of caution as you review the full report, just because a feature was used in an “award winning” intranet doesn’t mean it needs to show up on your intranet! Megamenus continue to be a popular method for intranet navigation – and about half of the award winners use megamenus for global navigation. But that doesn’t mean your intranet must have a megamenu! You do, on the other hand, need to make sure that your users can find what they need easily. But, that doesn’t mean you must choose a megamenu as your navigational approach. On the other hand, if you don’t have a plan for ongoing governance, you can pretty much be Continue reading
The popular Samsung SmartCam security cameras contain a critical remote code execution vulnerability that could allow hackers to gain root access and take full control of them.The vulnerability was discovered by researchers from the hacking collective the Exploiteers (formerly GTVHacker), who have found vulnerabilities in the Samsung SmartCam devices in the past.The flaw allows for command injection through a web script, even though the vendor has disabled the local web-based management interface in these devices.The Samsung SmartCam is a series of cloud-enabled network security cameras that were originally developed by Samsung Techwin. Samsung sold this division to South Korean business conglomerate Hanwha Group in 2015 and the company was renamed Hanwha Techwin.To read this article in full or to leave a comment, please click here
Microsoft Teams is nearing its official debut. Designed as a hub for teamwork, the cloud-based Teams gives employees access to content, tools, people and conversations within the Office 365 environment. Groups and subgroups can communicate and collaborate using text-based chat, file sharing, and video and voice chats.To read this article in full or to leave a comment, please click here(Insider Story)
This tire pressure guage from Fovsal features a lighted nozzle and display screen for ultimate visibility in low light, and doubles as a vehicle emergency tool with LED flashlight, car window breaker, seat belt cutter, and red safety light. It averages 4.5 out of 5 stars on Amazon, where its typical list price of $20 has been reduced 51% to just $9.87. See it now on Amazon.To read this article in full or to leave a comment, please click here
One of the hottest trends in data center technology is hyperconvergence, with early adopters reaping the benefits of cost savings, enhanced data protection, increased scalability and ease of management.To read this article in full or to leave a comment, please click here(Insider Story)
New products of the weekImage by GSXOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Bill of ITImage by apptioTo read this article in full or to leave a comment, please click here
The new Raspberry Pi single-board computer is smaller and cheaper than the last, but its makers aren't expecting the same rush of buyers that previous models have seen.The Raspberry Pi Compute Module 3 will be more of a "slow burn," than last year's Raspberry Pi 3, its creator Eben Upton predicted.That's because it's designed not for school and home use but for industrial applications. To make use of it, buyers will first need to design a product with a slot on the circuit board to accommodate it and that, he said, will take time.The Compute Module 3 has the same four-core, 64-bit Broadcom BCM2837 processor and 1GB of RAM as the credit-card-sized Raspberry Pi 3, but is less than half the size and missing the Ethernet, USB, SD Card and display sockets of its larger cousin. It also has no Wi-Fi.To read this article in full or to leave a comment, please click here
There is a very dark underbelly to the web that is not for the weak of stomach. You may be thinking of 4chan, but that place is just the starting point. Unfortunately, it falls to some people to monitor this garbage for law enforcement, and in the case of two Microsoft employees, it drove them over the edge. In a lawsuit filed against Microsoft, Henry Soto and Greg Blauert claim they were forced daily for months to view some of the most disturbing photos and videos you can find on the internet and that Microsoft did nothing as the constant viewing took its toll on them. They now claim to suffer Post-Traumatic Stress Disorder (PTSD). The two were part of Microsoft’s Online Safety Team, a group formed to investigate content being stored on Microsoft sites, like OneDrive, that should be taken down or reported to police. To read this article in full or to leave a comment, please click here
Attackers are increasingly able to penetrate perimeter defenses, compromise accounts and mine data without targets even being aware of the attack, as the Democratic National Committee breach proved. Encrypting data is the best defense.Strong encryption of complex data structures requires a Key Management System (KMS). But implementing a KMS can be challenging, especially for enterprises below the security poverty line that don’t have the budget to hire a multidisciplinary security team. Google may have a solution with its Cloud Key Management Service (CKMS) now in beta in select countries. To read this article in full or to leave a comment, please click here
With double-wall vacuum insulation, these over-engineered drink holders keep your favorite beverage as cold -- or hot -- as science allows. Over-the-nose wide mouth, anti-condensation, puncture and rust-resistant, no-leak cap, and a giant 64-oz capacity that can fit everything from a growler of beer to multiple bowls of soup. The Yeti Rambler is currently listed for the very low price of $49.99, a good deal considering its $89.99 list price. See the high-end, over-engineered Yeti bottle now on Amazon. To read this article in full or to leave a comment, please click here
It’s 2 a.m., and a hospital’s system has slowed to a crawl. Lives are at stake. For the harried system admins looking for the source of the slowdown, time is of the essence.The hospital’s system has servers attached through a SAN to storage devices. But where’s the weak link? The administrator cannot afford to waste time analyzing server performance when the problem may be in a storage device or the SAN. He needs information that enables him to conduct his root cause analysis as quickly as possible.Perhaps you don’t have to worry about whether someone will live or die when your IT infrastructure fails. However, when it’s slow or down, it fails to deliver a satisfying user experience. Also, it’s likely that your company’s operations falter, costs increase, and your bottom line suffers.To read this article in full or to leave a comment, please click here
A few brave souls predict IoT standards will start to gel this year, but making all those connected things work together still looks like a long shot.Two years ago, some industry analysts cautiously suggested that a vast array of IoT standards would merge into just a few beginning in 2017. If the internet of things in late 2014 was a cacophony of discordant musicians tuning up, it’s now reached the point where a few virtuosos are playing the same tune. But there’s still a lot of sheet music getting passed around.To read this article in full or to leave a comment, please click here
Digital technologies have changed the face of business and government, and they will continue to do so at an even faster pace. They drive innovation, boost productivity, improve communications and generate competitive advantage, among other benefits.The dark side of this digital revolution has now come clearly into focus as well: McKinsey estimates that cyber attacks will cost the global economy $3 trillion in lost productivity and growth by 2020, while theft, sabotage and other damage inflicted by trusted insider personnel continue to cost organizations in lost revenues, revealed secrets and damaged reputations.To read this article in full or to leave a comment, please click here
When Facebook’s WhatsApp turned on end-end-end encryption in its messaging service last year, it was a big deal. As all eyes were glued on Apple’s fight with the FBI over unlocking the San Bernardino shooter’s iPhone, WhatsApp took a huge step toward protecting its users’ privacy by moving to encrypt all messages and calls being sent between its apps.But a new report suggests it might not be as secure as users think. According to The Guardian, a serious vulnerability in WhatApp’s encryption could allow Facebook to intercept and read messages unbeknownst to the recipient, and only aware of by the sender if they have previously opted in to receive encryption warnings. The security flaw, which was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, can “effectively grant access (to users’ messages)” by changing the security keys and resending messages.To read this article in full or to leave a comment, please click here
This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. In February 2016, quick service restaurant The Wendy’s Company reported unusual payment card activity affecting some of its franchise restaurants. The breach was confirmed in May when the company revealed it had found evidence of malware on the affected stores’ point-of-sale systems. Additional malicious activity was later reported in June.In a statement from the CEO, the company says it believes the cyberattacks resulted from service providers’ remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees’ point-of-sale systems.To read this article in full or to leave a comment, please click here
At the close of 2016, Gartner Research Director Mark O’Neill presented at both API Strategy and Practice (in Boston) and APIdays Global (in Paris) to share his insights into this year’s API trends. Top on his list was a discussion about how, while everyone talks about building APIs, the much larger impact of APIs is with their consumption. O’Neill predicts that 2017 will see some maturing in product offerings that support businesses with their API consumption.To read this article in full or to leave a comment, please click here
After deleting data from thousands of publicly accessible MongoDB databases, ransomware groups have started doing the same with Elasticsearch clusters that are accessible from the internet and are not properly secured.Elasticsearch is a Java-based search engine that's popular in enterprise environments. It's typically used in conjunction with log collection and data analytics and visualization platforms.The first report of an Elasticsearch cluster being hit by ransomware appeared on the official support forums on Thursday from a user who was running a test deployment accessible from the internet.To read this article in full or to leave a comment, please click here
How many years have gone by since you’ve upgraded your Wi-Fi router? If it’s been a few years and you want to also future-proof the network for upcoming technologies, a router on your short list should be Netgear’s Nighthawk X10 (model R9000, $499.99).The X10 not only has very fast dual-band (5GHz and 2.4 GHz) networking, but it also adds 802.11ad (60GHz) support, which provides for very fast data transfer rates over very short distances. This can be perfect for transferring large amounts of files over your LAN (such as between computers or a centralized storage device). Netgear also says that VR gaming will benefit from 802.11ad technologies (for when the headsets go wireless and need a high-speed connection to the PC from the headset) in the future. MU-MIMO technology is also supported, which maintains high data transfers when multiple-devices are also trying to do things on the network (such as stream video).To read this article in full or to leave a comment, please click here
The Tuesday arrest of Giulio Occhionero and his sister, Francesca Maria, has brought to light what appears to be the biggest, and highest-profile, hacking of institutional and corporate accounts ever reported in Italy.The siblings have been planting the Pyramid Eye remote access Trojan on computers using a spear-phishing technique over the course of years, according to the arrest order.They attacked no fewer than 18,000 high-profile targets including former Prime Ministers Matteo Renzi and Mario Monti, President of European Central Bank Mario Draghi, as well as employees and heads of various ministries including Internal Affairs, Treasury, Finance, and Education.To read this article in full or to leave a comment, please click here