Implantable medical devices can be hacked to harm patients

It's possible to transmit life-threatening signals to implanted medical devices with no prior knowledge of how the devices work, researchers in Belgium and the U.K. have demonstrated.By intercepting and reverse-engineering the signals exchanged between a heart pacemaker-defibrillator and its programmer, the researchers found they could steal patient information, flatten the device's battery, or send malicious messages to the pacemaker. The attacks they developed can be performed from up to five meters away using standard equipment -- but more sophisticated antennas could increase this distance by tens or hundreds of times, they said."The consequences of these attacks can be fatal for patients as these messages can contain commands to deliver a shock or to disable a therapy," the researchers wrote in a new paper examining the security of implantable cardioverter defibrillators (ICDs), which monitor heart rhythm and can deliver either low-power electrical signals to the heart, like a pacemaker, or stronger ones, like a defibrillator, to shock the heart back to a normal rhythm. They will present their findings at the Annual Computer Security Applications Conference (ACSAC) in Los Angeles next week.To read this article in full or to leave a comment, please click here

Implantable medical devices can be hacked to harm patients

It's possible to transmit life-threatening signals to implanted medical devices with no prior knowledge of how the devices work, researchers in Belgium and the U.K. have demonstrated.By intercepting and reverse-engineering the signals exchanged between a heart pacemaker-defibrillator and its programmer, the researchers found they could steal patient information, flatten the device's battery, or send malicious messages to the pacemaker. The attacks they developed can be performed from up to five meters away using standard equipment -- but more sophisticated antennas could increase this distance by tens or hundreds of times, they said."The consequences of these attacks can be fatal for patients as these messages can contain commands to deliver a shock or to disable a therapy," the researchers wrote in a new paper examining the security of implantable cardioverter defibrillators (ICDs), which monitor heart rhythm and can deliver either low-power electrical signals to the heart, like a pacemaker, or stronger ones, like a defibrillator, to shock the heart back to a normal rhythm. They will present their findings at the Annual Computer Security Applications Conference (ACSAC) in Los Angeles next week.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Top 3 causes of storage bottlenecks

What are the leading causes of storage bottlenecks? They include mismanagement of virtual storage, applications with insufficient or the wrong type of storage, and poor storage design. Let’s explore these further.1.    Mismanagement of virtual storageIf you’re not monitoring your IT infrastructure, carving up your storage array or subsystem between numerous virtual machines (VMs) can be challenging. That’s because you have no visibility to the flow of traffic. Allocating your VMs to a logical unit number (LUN) without data to guide you is like building a highway without doing a traffic study to assess traffic volume at different times of the day and week. How would you know how many lanes are required to accommodate the traffic?To read this article in full or to leave a comment, please click here

IPv6 Internet router using merchant silicon

Internet router using merchant silicon describes how a commodity white box switch can be used as a replacement for an expensive Internet router. The solution combines standard sFlow instrumentation implemented in merchant silicon with BGP routing information to selectively install only active routes into the hardware.

The article describes a simple self contained solution that uses standard APIs and should be able to run on a variety of Linux based network operating systems, including: Cumulus Linux, Dell OS10, Arista EOS, and Cisco NX-OS.

The diagram shows the elements of the solution. Standard sFlow instrumentation embedded in the merchant silicon ASIC data plane in the white box switch provides real-time information on traffic flowing through the switch. The sFlow agent is configured to send the sFlow to an instance of sFlow-RT running on the switch. The Bird routing daemon is used to handle the BGP peering sessions and to install routes in the Linux kernel using the standard netlink interface. The network operating system in turn programs the switch ASIC with the kernel routes so that packets are forwarded by the switch hardware and not by the kernel software.

The key to this solution is Bird's multi-table capabilities. The full Internet Continue reading

27% off WakaWaka Solar-Powered Flashlight and Smartphone Charger – Deal Alert

Perfect for emergencies, traveling or for anyone who spends time outdoors, the WakaWaka Power+ is a rugged, ultraefficient solar flashlight and charger designed to help people plug into the sun for power and light. It has full battery life after about 12 hours in the sun or 4 hours charged from a wall outlet. From there, the WakaWaka Power+ can get you out of a jam by completely charging your smartphone or USB device in about two hours. And the brilliant Dutch designed Power+ flashlight generates up to 150 hours of bright light whenever you need it. It averages 4 out of 5 stars on Amazon, where its list price of $79 has been reduced 27% to $57.99. See the discounted Power+ solar light and charger on Amazon.To read this article in full or to leave a comment, please click here

How to Spot a Fake Facebook Account

Ever get a friend request from someone you don’t know and have never met before? More often than not, these accounts are created by criminals looking to harvest your personal information, or scam you in some other fashion.

It typically starts when you receive a friend request from someone you don’t know. And you have no mutual friends in common:

1-fake-facebook-account

A dead giveaway is looking at their Recently Added Friends. In this case, this person has accumulated a lot of new friends in a very short period of time. Notice they are all guys. Guys are more willing to accept a friend request from someone they don’t know, especially if it’s attached to a pretty face.

Also note that there are no mutual friends in common:

2-fake-facebook-account

Another tell tale sign is that all the pictures associated with the account have been added quite recently, in this case, in the last hour. This indicates this is a new account, not one that has been a legitimate account for a long time:

3-fake-facebook-account

NOTE: Pictures have been masked to protect the innocent. In this case, some unknowing girl has had her pictures harvested by the scammer for the purpose of running this endeavor.

If they don’t respond to an inquiry Continue reading

Enterprises start to migrate critical legacy workloads to the cloud

LAS VEGAS -- Now that major enterprises have gotten their feet wet with smaller cloud projects, they're beginning to focus on migrating large, critical legacy workloads.That's the take from Stephen Orban, head of enterprise strategy at Amazon Web Services (AWS).In an interview with Computerworld at the annual AWS re:Invent conference here this week, Orban said the next wave of cloud computing could be focused strategically on legacy migration.And while it's always tougher - and riskier -- to move big, mission-critical workloads and services, at least IT departments have gotten experience working with the cloud so they're not going in cold.To read this article in full or to leave a comment, please click here

Some tech firms welcome Trump’s H-1B reforms

IT services firms that hire U.S. workers and don't offshore work are looking forward to President-elect Donald Trump's crackdown on H-1B visa use.This includes firms such as Rural Sourcing Inc. (RSI), an Atlanta-based domestic software development company. RSI employs about 350 people and doesn't hire workers on temporary visas. It has four development centers in Augusta, Ga.; Mobile, Ala.; Jonesboro, Ark.; and in Albuquerque, New Mexico, where a new center opened this year.These are places "not widely known as big IT markets," said Monty Hamilton, the firm's CEO. That helps to keep costs down and makes it easier to compete with offshore firms. The locations appeal to developers who don't want to relocate to coastal tech centers, he said.To read this article in full or to leave a comment, please click here

IT Resume Makeover: Presenting an executive image

If you're going for a role that is technically a step up from your current position -- for example, in executive leadership -- you need to get strategic to make your resume stand out. That was the case for resume makeover candidate William Torres (whose name has been changed for this article). He wanted to demonstrate his suitability for senior executive leadership roles, but wasn't sure what to include and what to leave out. When Stephen Van Vreede, IT and technical resume writer at ITtechExec and NoodlePlace, saw Torres' resume he knew he wanted to rework a number of things to better reflect his qualifications as a technology leader.To read this article in full or to leave a comment, please click here(Insider Story)

Why ecommerce hasn’t taken off on social media

Shopping is still not common on social media, and social sites are unlikely to become major destinations for buying any time soon. Social media has clear potential for facilitating purchases, but the major platforms haven't invested seriously in shopping, and users don't seem particularly interested in spending on social networks, according to analysts.Social media intersects with commerce to varying degrees on certain sites and at various stages of the purchase process, but users today simply don't finalize purchases on social sites, according to Jessica Liu, a senior analyst with Forrester Research. The firm mapped the customer life cycle into six stages, and the buy stage is the least active on social, she says.To read this article in full or to leave a comment, please click here

Scholars, infosec experts call for action on Russian hacking

In the wake of reports about Russian involvement in fake news and hacks against political targets leading up to the recent presidential election, scholars and security experts are calling for federal action.As of Sunday, 158 scholars have signed an open letter calling for a congressional investigation."Our country needs a thorough, public Congressional investigation into the role that foreign powers played in the months leading up to November," the letter said.Democrats in Congress have also called for an investigation, and were recently joined by Republican Sen. Lindsey Graham.To read this article in full or to leave a comment, please click here

Scholars, infosec experts call for action on Russian hacking

In the wake of reports about Russian involvement in fake news and hacks against political targets leading up to the recent presidential election, scholars and security experts are calling for federal action.As of Sunday, 158 scholars have signed an open letter calling for a congressional investigation."Our country needs a thorough, public Congressional investigation into the role that foreign powers played in the months leading up to November," the letter said.Democrats in Congress have also called for an investigation, and were recently joined by Republican Sen. Lindsey Graham.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Dell Wyse 5060: The thin client for knowledge workers

Dell just released a thin client system that is clearly designed to address the needs of those having heavy computational, graphics and security requirements working in a virtual access/VDI computing environment. The Wyse 5060 comes equipped with an AMD 2.4GHz quad core processor that supports up to 8GB RAM and 64GB flash. The company claims this offering provides "up to 30 percent greater performance over the previous generation."Features of the Wyse 5060 Dell made the following statements about the Wyse 5060: Broad operating system support: The Wyse 5060 is available with a choice in OS, giving customers the ability to configure the thin client based on their specific requirements. At launch, the 5060 can be purchased with Dell’s own Wyse ThinOS software or with Windows Embedded Standard (WES) 7p. In early 2017, an upgrade to Windows 10 IoT will be available for WES customers, and the 5060 will also then be available with Wyse ThinLinux. Innovative security: Dell provides more than one security layer with the Wyse 5060 thin client. The device includes an embedded Trusted Platform Module (TPM) chipset with the ability to recognize if a system’s integrity has been compromised while safely storing encryption keys, Continue reading

20 years ago: Hot sci/tech images from 1996

Looking back at 1996Image by Reuters/Ethan MillerAs we wind down 2016, we thought it would be fascinating to take a look at what some of the hot topics were 20 years ago. What we found are monkeys in space; a heaping helping of interesting computer news from the old Comdex trade show; Bill Gates in full form and Al Gore with the ENIAC. Take a look back at what was hot in 1996.To read this article in full or to leave a comment, please click here

1 2,463 2,464 2,465 2,466 2,467 3,818