If Windows 10 isn't your cup of tea, System76 has a new Ubuntu laptop with Intel's Kaby Lake chip that won't burn your wallet.The 14-inch Lemur laptop starts at $699, a more affordable price for cost-sensitive users than Dell's Ubuntu-based XPS 13 Developer Edition, which starts at $949."We don't have any Mac tax or Windows tax that goes into [Lemur]," said Ryan Sipes, community manager at System76.Despite having a free OS, Dell's XPS 13 laptop has been criticized for being more expensive than the XPS 13 with Windows 10, which starts at $799.99. The Lemur is has many features in common with the XPS 13 DE, though it isn't as slick-looking.To read this article in full or to leave a comment, please click here
Mozilla last week named its next-generation browser engine project and said it would introduce the new technology to Firefox next year.Dubbed Quantum, the new engine will include several components from Servo, the browser rendering engine that Mozilla has sponsored, and been working on, since 2013. Written with Rust, Servo was envisioned as a replacement for Firefox's long-standing Gecko engine. Both Servo and Rust originated at Mozilla's research group."Project Quantum is about developing a next-generation engine that will meet the demands of tomorrow's web by taking full advantage of all the processing power in your modern devices," said David Bryant, the head of Firefox engineering, in a piece published Thursday on Medium.To read this article in full or to leave a comment, please click here
Behavioral biometrics that uses machine learning is behind new features being added to IBM’s Trusteer Pinpoint Detect platform, which financial institutions use to head off crooks who may have stolen the username and password of legitimate account holders.The new feature looks for anomalies between legitimate users’ normal mouse gestures and those of the current user, and over time refines the accuracy of its analysis, says Brooke Satti Charles, Financial Crime Prevention Strategist for IBM Security.That analysis creates a risk score that banks can use to decide whether an ongoing transaction is fraudulent and trigger an alert. The institutions have to decide what to do about the alerts, but they could cut off the transaction or require further ID before the customer is allowed to continue, she says.To read this article in full or to leave a comment, please click here
What do you do after your firm gets bought for $32 billion?For Zach Shelby and Jonny Austin, the answer was clear. They’d give back and help others. They decided the most impact could be made by engaging more young students with technology.How can kids without technical backgrounds be taught how to invent with technology? How could teachers be enabled to support their students? How could the program be made affordable and scale globally?Their approach is simple and impactful.How the Micro:bit Education Foundation started
Shelby and Austin worked at ARM Holdings until its acquisition by Softbank in July 2016. They left to found the Micro:bit Education Foundation, which builds upon a proven BBC micro:bit program. To read this article in full or to leave a comment, please click here
Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week.The flaws allow the creation of accounts with elevated privileges on websites built with the popular Joomla content management system, even if account registration is disabled. They were patched in Joomla 3.6.4, released Tuesday.Hackers didn't waste any time reverse engineering the patches to understand how the two vulnerabilities can be exploited to compromise websites, according to researchers from Web security firm Sucuri.To read this article in full or to leave a comment, please click here
Ever read a story so depressing, so utterly devoid of happiness, that you wonder why on Earth any fool would take the time to write it down? Just solid sadness beginning to end.This, right here, is one of those stories.This dismal little tale also makes use of what is quite possibly the most over-used (and over-rated) plot device in the history of mankind: the butterfly effect. You know: the notion that a simple little thing can have extreme consequences. A butterfly flaps its wings in Sheboygan, and two days later, a hurricane hits Walla Walla. Because—the butterfly effect. Just a dreadful crutch used by hack writers to move forward a story when they can’t come up with any original ideas.To read this article in full or to leave a comment, please click here
Since its release, a major point of controversy with Windows 10 has been the many ways that it can track your personal activity and gather other data about you. Many people don’t mind sharing personal information in exchange for enabling or enhancing a helpful app or service.To read this article in full or to leave a comment, please click here(Insider Story)
Online services and workers choosing the tools they want to work with, rather than employees being dictated to by in-house IT experts, means the IT department’s functions are now primarily redundant, says Japan-based Brother.The printer maker refers to IT departments’ control over technology as “dark days” in its web-based advertorial feature in the British national newspaper the Telegraph in September.To read this article in full or to leave a comment, please click here
The best way to get experience with most jobs or tasks is to do them. It’s difficult to learn how to drive a car without getting behind the wheel. Soldiers need to face the enemy in order to gain combat experience. And IT administrators have to experience and mitigate attacks to learn how to best defend their networks.To read this article in full or to leave a comment, please click here(Insider Story)
New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Atlantis Workspace Infrastructure integrated with CitrixKey features: Atlantis integrated workspace infrastructure into the Citrix management suite. The combination of applications, management and infrastructure into a single PaaS solution will lower cost and complexity for managing virtual workspaces. More info.To read this article in full or to leave a comment, please click here
After seeing reports that the Justice Department is “furious” at FBI Director Comey for telling Congress about new emails potentially related to Hillary Clinton’s private email server and if she disclosed classified information, the Clinton campaign “made it personal” and accused Comey of a smear campaign. Comey, ironically the same FBI guy who recommended no criminal charges for Clinton, is now being treated like her enemy.“It is pretty strange to put something like that out with such little information right before an election,” Clinton said during a rally at Daytona Beach on Saturday. “In fact, it’s not just strange; it’s unprecedented and deeply troubling.” She added, “So we’ve called on Directory Comey to explain everything right away, put it all out on the table.”To read this article in full or to leave a comment, please click here
If you run a social networking service then the one thing you don’t want to be considered to be is a publisher. As a publisher, you become responsible for whatever your users care to post which means when they post something that’s illegal in any way, you are as liable as the poster to be prosecuted. On the other hand, as a “platform”, where no editorial control is exercised, a social media service is only obliged to act on content when they received a court order or a DMCA takedown notice. Pixabay
This distinction between being a publisher and a platform is crucial to the major social media services because the cost of vetting and policing user-generated content would be prohibitively expensive even if it were possible (every minute, Twitter generates 350,000 tweets while in the same window 510 comments are posted, 293,000 statuses are updated, and 136,000 photos are uploaded to Facebook).To read this article in full or to leave a comment, please click here
When a criminal robs a store, the police visit the scene, conduct an investigation and try to bring the perpetrator to justice. What happens when a criminal breaches that same store’s server and makes off with its customer’s credit-card numbers? I’d argue that the response to the physical crime would be much greater and effective than how the cyber crime would be handled, although cyber attacks have the potential to cause more damage than robberies.Blame cyber criminals, not nation-states, for attacks
While nation-states are typically blamed for breaches, the culprits are usually cyber criminals who are using nation-state techniques and procedures. Companies likely claim infiltration by nation-state attackers because it provides them with some cover from lawsuits and preserves business deals and partnerships. (Yahoo is using this tactic with little success.) The reasoning could look like this: how could our organization protect itself from attackers who have the support and resources of a major government? We’re simply outgunned.To read this article in full or to leave a comment, please click here
The American public has become so inured to data breaches that it’s difficult to remember them all. Infamous breaches like the ones at Target and Sony become almost forgettable when confronted with the recently disclosed half-billion accounts compromised at Yahoo in 2014.The numbers are simply staggering. It is estimated over 900,000,000 records of personally identifiable information (PII) have been stolen in the U.S. over the past few years. Keeping a memory of all the hacks and when they happened may require the use of complex data visualization.To read this article in full or to leave a comment, please click here
A Pennsylvania man was sentenced to 18 months in federal prison on charges of hacking the Google and Apple email accounts of over 100 people including celebrities, and getting access to nude videos and photographs of some people.The sentencing against Ryan Collins, 36, of Lancaster is the offshoot of a Department of Justice investigation into the online leaks of photographs of numerous female celebrities in September 2014, widely referred to as "Celebgate."But DOJ has not found any evidence linking Collins to the actual leaks or the sharing and uploading of the content.Between November 2012 and early September 2014, Collins is said to have sent e-mails to victims that appeared to be from Apple or Google and asked them to provide their usernames and passwords. Having gained access to the email accounts, he got hold of personal information including nude photographs and videos, and in some cases used a software program to download the entire contents of the victims' Apple iCloud backups, according to DOJ.To read this article in full or to leave a comment, please click here
The Australian Red Cross said its blood donor service has found that registration information of 550,000 donors had been compromised, which the agency blamed on human error by a third-party contractor.The moot issue at this point, which may decide how the breach unfolds, is that nobody knows how many people have the data. The information from 2010 to 2016 was available on the website from Sept. 5 to Oct. 25. this year.The database backup, consisting of 1.74GB with about 1.3 million records, contains information about blood donors, such as name, gender, physical address, email address, phone number, date of birth, blood type, country of birth, and previous donations, according to security researcher Troy Hunt.To read this article in full or to leave a comment, please click here
The MagGrip Vent Car Mount is a sturdy, cradle-less device holding system focused on simplicity. Pop it onto your car's air vent and magnets do all the work. Currently discounted to just $8 and averages 4.5 out of 5 stars on Amazon from over 7,000 people. Learn more, or buy it now, on Amazon.To read this article in full or to leave a comment, please click here
In my prior posts, I discussed both the changing face of data breaches and the reality distortion field surrounding today’s IT security professionals when they talk about effective ways to combat data breaches. Three things we know for certain, though, is that data breaches are not going away, our adversaries are continuing to innovate and attack, and the costs of a breach are becoming more tangible.Just this month, Verizon claimed the massive hack on Yahoo caused irreparable harm to the tech company in terms of customer trust, possibly allowing the wireless provider to withdraw from or renegotiate the terms of its $4.83 billion acquisition agreement. Also, in October, the U.K. Information Commissioner’s Office hit TalkTalk with more than $400,000 in fines for its 2015 cyber attack.To read this article in full or to leave a comment, please click here
It takes a technologically nimble and well-managed enterprise to take advantage of today’s fast-changing market conditions. Eschewing the plodding, monolithic business models of the past, today’s best-run businesses rely on interchangeable, best-of-breed approaches that allow them to adapt on the fly and seize market opportunities others miss.Multi-sourcing brings speed, but also complications
At the heart of such speed and agility is the practice of multi-sourcing, a business model that has been on the rise for many years and is now considered a secular trend. But many enterprises still struggle with managing and integrating so many service streams to achieve their desired business outcomes.To read this article in full or to leave a comment, please click here
The U.S. Federal Communications Commission has passed rules requiring broadband providers to receive opt-in customer permission to share sensitive personal information, including web-browsing history, geolocation, and financial details with third parties.The FCC on Thursday voted 3-2 to adopt the new broadband privacy rules, which also include requirements that ISPs promptly notify customers of serious data breaches.Broadband customers need transparency and control over how their data is used, said Jessica Rosenworcel, one of three Democratic commissioners voting for the rules. Broadband providers are increasingly sharing customer data with third-party companies such as advertising networks and analytics firms, she said.To read this article in full or to leave a comment, please click here