Sounds from your hard disk drive can be used to steal a PC’s data

Researchers have found a way to steal a PC’s data by using the mechanical noise coming from the hard disk drives inside. It’s not a very practical hack, but the scheme has been designed for “air-gapped” systems, or computers that have been sectioned off from the Internet. The researchers at Ben-Gurion University of the Negev in Israel have been studying how to use sound to extract information from air-gapped computers. In June, they showed that even a PC’s cooling fans can be controlled to secretly transmit data, including passwords and encryption keys.To read this article in full or to leave a comment, please click here

HP turns to Windows 10 for mobile devices, cutting reliance on Android

HP has dabbled in many operating systems over the last few years, but the company always seems to come back to Windows.The company is building a mobile device strategy around Windows 10 Mobile and is slowly cutting its reliance on Android, once high on the company's list for tablets and PCs.HP has discontinued low-cost Android tablets, and two remaining enterprise tablets feature aging hardware and an old version of the OS. Company executives have said future mobile devices will be built around Windows 10 unless there's significant new demand for Android.HP is following the lead of Dell, which has cut Android devices to focus on Windows. Lenovo, meanwhile, still sells Android tablets and smartphones but is cutting its number of Android tablets and increasing its number of Windows 2-in-1s.To read this article in full or to leave a comment, please click here

Is a bidding war brewing for Raspberry Pi manufacturer Premier Farnell?

Swiss conglomerate Datwyler today said that it was still considering its options after its $795 million bid for Raspberry Pi manufacturer Premier Farnell was trumped by a $900 million offer from Avnet Inc late last month.In an earnings release issued today, Datwyler emphasized that the process isn’t over, and that the prospect of acquiring the U.K.-based electronics supply company is still a highly attractive one.+ALSO ON NETWORK WORLD: How well does social engineering work? One test returned 150% + 'Golden keys' that unlock Windows' Secure Boot protection discovered+To read this article in full or to leave a comment, please click here

The tide may be turning against encryption in Europe

In the wake of increased terror incidents Europe is starting to look seriously at ways to read encrypted messages that officials there say are instrumental to carrying out attacks.France and Germany apparently are teaming up to formulate a plan for enabling law enforcement there to read encrypted communications, according to a report in Le Monde. But it’s unclear exactly what the two countries will discuss.France’s interior minister Bernard Cazeneuve says an international effort is needed to deal with the issue and he plans to meet with his German counterpart later this month to discuss it.To read this article in full or to leave a comment, please click here

The tide may be turning against encryption in Europe

In the wake of increased terror incidents Europe is starting to look seriously at ways to read encrypted messages that officials there say are instrumental to carrying out attacks.France and Germany apparently are teaming up to formulate a plan for enabling law enforcement there to read encrypted communications, according to a report in Le Monde. But it’s unclear exactly what the two countries will discuss.France’s interior minister Bernard Cazeneuve says an international effort is needed to deal with the issue and he plans to meet with his German counterpart later this month to discuss it.To read this article in full or to leave a comment, please click here

IDG Contributor Network: How the Affordable Care Act contributed the rise of the blended workforce

Work “works” differently than it used to. More and more people are working as freelancers in the gig economy, and today 40 percent of the workforce does freelancing, contract work and part-time work. That means many more organizations have blended workforces with a variety of employees, including full-time, permanent employees, contractors and freelancers.Multiple factors are enabling the disruption of the traditional employer-employee model and the rise of the blended workforce. Technology enables people to work from wherever they are, societal attitudes towards work have changed, and competitive demands place more pressure on organizations to be agile. More than 30 percent of workers for nearly 40 percent of top-performing firms are already contract or freelance workers. In fact, these firms intend to hire even more freelancers in the future.To read this article in full or to leave a comment, please click here

Best Deals of the Week, August 8-12 – Deal Alert

Best Deals of the Week, August 8-12 - Deal AlertCheck out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of August 18th. All items are highly rated, and dramatically discounted!23% off HDMI Cloner Box for Gaming or HD Video Stream Capture, No PC neededHere's a device any gamer or video enthusiast may want to have on hand. Connect a game console, DVD, or any video source to this gadget via its HDMI input, and with the push of a button it captures and saves the video stream to any attached USB flash drive, with no PC required. Advanced hardware H.264 encoding captures your live gameplay or video playback in 1080p Full HD, while keeping the file size low and capturing speeds high. Averaging 4 out of 5 stars on Amazon from over 170 customers (read reviews), the gadget's $129.99 list price has been reduced23% to $99.99. With the unit you'll get a free 16gb USB stick to get you started (enough for several hours of video). See the discounted cloner box now on Amazon.To read this article in full or to leave a comment, please click here

Illusive Networks uses deception to detect an attacker in your network

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  The term "advanced persistent threat" is tossed around so frequently that some people might think that every cyberattack results from an APT. This is far from the case. In fact, APTs represent a very dangerous category of cyber threats that use sophisticated resources and techniques to evade detection and that are tenacious in their mission, whether it's to steal information or disrupt normal operations.NIST defines advanced persistent threat by describing three characteristics. The APT:1.         Pursues its objectives repeatedly over an extended period of timeTo read this article in full or to leave a comment, please click here

Illusive Networks uses deception to detect an attacker in your network

This column is available in a weekly newsletter called IT Best Practices.  Click here to subscribe.  The term "advanced persistent threat" is tossed around so frequently that some people might think that every cyberattack results from an APT. This is far from the case. In fact, APTs represent a very dangerous category of cyber threats that use sophisticated resources and techniques to evade detection and that are tenacious in their mission, whether it's to steal information or disrupt normal operations.NIST defines advanced persistent threat by describing three characteristics. The APT:1.         Pursues its objectives repeatedly over an extended period of timeTo read this article in full or to leave a comment, please click here

More details on rumored Microsoft Surface desktops appear

Last month I mentioned Microsoft could be targeting the all-in-one (AIO) market—including Apple's horribly neglected iMac line—with a series of AIO PCs. Now details are emerging on just what Redmond has in the works.Windows Central, which fueled the initial rumors, has updated the story with new details from its own sources on Microsoft's AIO Surface devices. According to the report, which cites unnamed sources, Microsoft is currently testing three Surface AIOs:To read this article in full or to leave a comment, please click here

This is strictly a violation of the TCP specification

I was asked to debug another weird issue on our network. Apparently every now and then a connection going through CloudFlare would time out with 522 HTTP error.

CC BY 2.0 image by Chris Combe

522 error on CloudFlare indicates a connection issue between our edge server and the origin server. Most often the blame is on the origin server side - the origin server is slow, offline or encountering high packet loss. Less often the problem is on our side.

In the case I was debugging it was neither. The internet connectivity between CloudFlare and origin was perfect. No packet loss, flat latency. So why did we see a 522 error?

The root cause of this issue was pretty complex. Afterred long debugging we identified an important symptom: sometimes, once in thousands of runs, our test program failed to establish a connection between two daemons on the same machine. To be precise, an NGINX instance was trying to establish a TCP connection to our internal acceleration service on localhost. This failed with a timeout error.

Once we knew what to look for we were able to reproduce this with good old netcat. After a couple of dozen of Continue reading

IDG Contributor Network: Cybersecurity skills crisis creating vulnerabilities

Cybersecurity staffing continues to be a problem, a new report has found. Intel Security says a massive 82 percent of IT professionals that it surveyed are battling a shortage in workers specializing in cybersecurity.It’s proving to be a major deficit and is resulting in serious damage. Australia, France, Germany, Israel, Japan, Mexico, U.S. and U.K. are all hurting for hires, the study says.Market research specialist Vanson Bourne performed the survey and interviewed IT decision makers working in cybersecurity in developed countries.+ Also on Network World: Closing the cybersecurity talent gap, one woman at a time +To read this article in full or to leave a comment, please click here

Pakistan cybercrime law scares by its vagueness

Pakistan’s National Assembly has passed a cybercrime bill that provides for censorship of the internet and could also be misused by the vagueness of some of its provisions.Section 34 of the new Prevention of Electronic Crimes Act gives authorities the power to remove or block access to a variety of content.It provides for such action in “the interest of the glory of Islam or the integrity, security or defence of Pakistan or any part thereof, public order, decency or morality, or in relation to contempt of court or commission of or incitement to an offence under this Act, ” according to a copy of the bill on the website of the Digital Rights Foundation.To read this article in full or to leave a comment, please click here