More than Moore: IEEE Set to Standardize on Uncertainty

Several decades ago, Gordon Moore made it far simpler to create technology roadmaps along the lines of processor capabilities, but as his namesake law begins to slow on the rails, the IEEE is stepping in to create a new, albeit more diverse roadmap for future systems.

The organization has launched a new effort to identify and trace the course of what follows Moore’s Law with the International Roadmap for Devices and Systems (IRDS), which will take a workload focused view of the mixed landscape and the systems that will be required. In other words, instead of pegging a

More than Moore: IEEE Set to Standardize on Uncertainty was written by Nicole Hemsoth at The Next Platform.

How news was delivered aboard a cruise ship in 1998

Housecleaning yesterday unearthed this miniature 8-page publication called TimesFax, which was delivered to me by the New York Times aboard a cruise ship somewhere in the Caribbean on May 23, 1998. Measuring 7 by 8.5 inches, it was, as I recall, the only source of news available, and since it lacked a full-service sports section, meant I had to go without the box scores needed to follow my fantasy baseball team (unthinkable today). Such were the limitations of leisure travel in that primitive era, at least the manner of leisure travel that I could afford. While the form factor and delivery method were unusual by today’s standards, the headlines were certainly familiar, as the front page featured accounts of both a school shooting and a Clinton scandal, the latter involving the former president as opposed to the future one, of course. That skimpy sports section did include an Associated Press story about the Williams sisters, Serena and Venus, meeting in the final of the French Open, marking the first time they had ever met in the final of a professional tournament.To read this article in full or to leave a comment, please click here

How news was delivered aboard a cruise ship in 1998

Housecleaning yesterday unearthed this miniature 8-page publication called TimesFax, which was delivered to me by the New York Times aboard a cruise ship somewhere in the Caribbean on May 23, 1998. Measuring 7 by 8.5 inches, it was, as I recall, the only source of news available, and since it lacked a full-service sports section, meant I had to go without the box scores needed to follow my fantasy baseball team (unthinkable today). Such were the limitations of leisure travel in that primitive era, at least the manner of leisure travel that I could afford. While the form factor and delivery method were unusual by today’s standards, the headlines were certainly familiar, as the front page featured accounts of both a school shooting and a Clinton scandal, the latter involving the former president as opposed to the future one, of course. That skimpy sports section did include an Associated Press story about the Williams sisters, Serena and Venus, meeting in the final of the French Open, marking the first time they had ever met in the final of a professional tournament.To read this article in full or to leave a comment, please click here

Aruba fixes networking device flaws that could open doors for hackers

Wireless networking device manufacturer Aruba Networks has fixed multiple vulnerabilities in its software that could, under certain circumstances, allow attackers to compromise devices.The vulnerabilities were discovered by Sven Blumenstein from the Google Security Team and affect ArubaOS, Aruba's AirWave Management Platform (AMP) and Aruba Instant (IAP).There are 26 different issues, ranging from privileged remote code execution to information disclosure, insecure updating mechanism and insecure storage of credentials and private keys. However, Aruba combined them all under two CVE tracking IDs: CVE-2016-2031 and CVE-2016-2032.Common issues that are shared by all of the affected software packages have to do with design flaws in an Aruba proprietary management and control protocol dubbed PAPI.To read this article in full or to leave a comment, please click here

Aruba fixes networking device flaws that could open doors for hackers

Wireless networking device manufacturer Aruba Networks has fixed multiple vulnerabilities in its software that could, under certain circumstances, allow attackers to compromise devices.The vulnerabilities were discovered by Sven Blumenstein from the Google Security Team and affect ArubaOS, Aruba's AirWave Management Platform (AMP) and Aruba Instant (IAP).There are 26 different issues, ranging from privileged remote code execution to information disclosure, insecure updating mechanism and insecure storage of credentials and private keys. However, Aruba combined them all under two CVE tracking IDs: CVE-2016-2031 and CVE-2016-2032.Common issues that are shared by all of the affected software packages have to do with design flaws in an Aruba proprietary management and control protocol dubbed PAPI.To read this article in full or to leave a comment, please click here

Aruba fixes networking device flaws that could open doors for hackers

Wireless networking device manufacturer Aruba Networks has fixed multiple vulnerabilities in its software that could, under certain circumstances, allow attackers to compromise devices.The vulnerabilities were discovered by Sven Blumenstein from the Google Security Team and affect ArubaOS, Aruba's AirWave Management Platform (AMP) and Aruba Instant (IAP).There are 26 different issues, ranging from privileged remote code execution to information disclosure, insecure updating mechanism and insecure storage of credentials and private keys. However, Aruba combined them all under two CVE tracking IDs: CVE-2016-2031 and CVE-2016-2032.Common issues that are shared by all of the affected software packages have to do with design flaws in an Aruba proprietary management and control protocol dubbed PAPI.To read this article in full or to leave a comment, please click here

Windows 10 free upgrade will not end July 29 for people with accessibility needs

After announcing that 300 million devices are running Windows 10, Microsoft said its free upgrade offer ends on July 29. If you want Windows 10 after that date, then you can purchase the $119 Windows 10 Home version or buy a new device running Windows 10.The free upgrade offer will not end, however, for Windows customers who have accessibility issues. The Microsoft Accessibility Blog wrote:To read this article in full or to leave a comment, please click here

Windows 10 free upgrade will not end July 29 for people with accessibility needs

After announcing that 300 million devices are running Windows 10, Microsoft said its free upgrade offer ends on July 29. If you want Windows 10 after that date, then Microsoft said you can purchase the $119 Windows 10 Home version or buy a new device running Windows 10.The free upgrade offer will not end for Windows customers with accessibility issues. The Microsoft Accessibility Blog wrote:To read this article in full or to leave a comment, please click here

Bangladeshi police accuse SWIFT technicians of leaving central bank vulnerable to hack

Technicians from the SWIFT global financial network connecting it to Bangladesh's central bank made it easier for hackers to attack the bank, Bangladeshi police and a bank official have told Reuters.The technicians worked on Bangladesh's Real-time Gross Settlement (RTGS) system, used to transfer money among Bangladeshi banks, three months before hackers attempted to steal US$951 million from the central bank. The work opened up "a lot of loopholes" in bank computer systems, said the head of the criminal investigation department leading the investigation.Bangladeshi police want to interview the SWIFT technicians to find out whether their actions were intentional or negligent, Mohammad Shah Alam told Reuters.To read this article in full or to leave a comment, please click here

Bangladeshi police accuse SWIFT technicians of leaving central bank vulnerable to hack

Technicians from the SWIFT global financial network connecting it to Bangladesh's central bank made it easier for hackers to attack the bank, Bangladeshi police and a bank official have told Reuters.The technicians worked on Bangladesh's Real-time Gross Settlement (RTGS) system, used to transfer money among Bangladeshi banks, three months before hackers attempted to steal US$951 million from the central bank. The work opened up "a lot of loopholes" in bank computer systems, said the head of the criminal investigation department leading the investigation.Bangladeshi police want to interview the SWIFT technicians to find out whether their actions were intentional or negligent, Mohammad Shah Alam told Reuters.To read this article in full or to leave a comment, please click here

Founder of Liberty Reserve virtual currency sentenced to 20 years in prison

The founder of now defunct virtual currency Liberty Reserve has been sentenced to 20 years in prison for using his company to run a huge money laundering scheme catering to cybercriminals.Arthur Budovsky, 42, was sentenced Friday in U.S. District Court for the Southern District of New York, with Judge Denise Cote also ordering him to pay a US $500,000 fine.In January, Budovsky pleaded guilty to one count of conspiring to commit money laundering.  During sentencing, Cote noted Budovsky ran an "extraordinarily successful" and "large-scale international money laundering operation."The long sentence shows that "money laundering through the use of virtual currencies is still money laundering, and that online crime is still crime," Leslie Caldwell, assistant attorney general for the U.S. Department of Justice's Criminal Division, said in a press release.To read this article in full or to leave a comment, please click here

Founder of Liberty Reserve virtual currency sentenced to 20 years in prison

The founder of now defunct virtual currency Liberty Reserve has been sentenced to 20 years in prison for using his company to run a huge money laundering scheme catering to cybercriminals.Arthur Budovsky, 42, was sentenced Friday in U.S. District Court for the Southern District of New York, with Judge Denise Cote also ordering him to pay a US $500,000 fine.In January, Budovsky pleaded guilty to one count of conspiring to commit money laundering.  During sentencing, Cote noted Budovsky ran an "extraordinarily successful" and "large-scale international money laundering operation."The long sentence shows that "money laundering through the use of virtual currencies is still money laundering, and that online crime is still crime," Leslie Caldwell, assistant attorney general for the U.S. Department of Justice's Criminal Division, said in a press release.To read this article in full or to leave a comment, please click here

Android’s Stagefright vulnerability hardened against exploits

Last week Google announced fixes to the widely reported Stagefright vulnerability. Fix might not be the right word, though, because as of April 19, 2016, when Google released the Android Security Year in Review for 2015, the company reported: “As of this writing, we have not observed, nor are we aware of, any successful attempts to exploit the Stagefright vulnerabilities against actual user devices.”The status of this exploit seems to contradict the many reports of the Stagefright vulnerability, dating to its announcement at the Black Hat security conference last summer. If all were true, Android phones could be expected to spontaneously combust at any moment.To read this article in full or to leave a comment, please click here

Inside ImageTragick: The Real Payloads Being Used to Hack Websites

Last week multiple vulnerabilities were made public in the popular image manipulation software, ImageMagick. These were quickly named ImageTragick. Although a vulnerability in image manipulation software might not seem like a problem for web site owners it is in fact a genuine security concern.

CloudFlare quickly rolled out a WAF rule to protect our customers from this vulnerability. It was automatically deployed for all customers with the WAF enabled. We know that it takes time for customers to upgrade their web server software and so the WAF protects them in the interim.

Many websites allow users to upload images and the websites themselves often manipulate these images using software like ImageMagick. For example, if you upload a picture of yourself to use as an avatar, it will very likely be resized by the website. ImageMagick is very popular and there are plugins that make it easy to use with PHP, Ruby, Node.js and other languages so it is common for websites to use it for image resizing or cropping.

Unfortunately, researchers discovered that it was possible to execute arbitrary code (CVE-2016-3714) by hiding it inside image files that a user uploads. That means an attacker can make Continue reading

IDG Contributor Network: Opening up networks to choice, at last

Creating choice is one of the fundamental drivers of innovation. Choice sparks debate, fosters competition and drives innovation. There’s always someone else in the market looking to offer us a choice from what is already here, and the decision people typically make is to go with the choice that makes life easier.For example, consider the choices people make when it comes to their mobile device. In the beginning, the majority of us in business had only one choice to access work email and applications—Blackberry. Today, with devices like iPhones and Androids that utilize open APIs, we have more choices than ever. Furthermore, each person’s mobile device can be unique and personalized to their liking.To read this article in full or to leave a comment, please click here

How gender differences can make your company stronger

Remember that popular relationship book, “Men are from Mars, Women are from Venus,” which aimed to help couples communicate better by helping them understand the innate differences between the sexes?As it turns out, the neuroscience explored in that book can help businesses create more gender balance in their ranks — not simply by upping the numbers of female hires or treating everyone the same in the hopes of eliminating bias. Rather, the practice, known as gender intelligence, applies gender science to highlight and create an appreciation for the natural differences between male and female attitudes and behaviors, according to Barbara Annis, founding partner of Gender Intelligence Group (GIG) and a pioneer behind this leadership style.To read this article in full or to leave a comment, please click here

Microsoft strips Store blocking from Windows 10 Pro

Microsoft last week confirmed that it has stopped letting business customers block the Windows Store in Windows 10 Pro, removing a feature that had been present in the operating system's initial summer 2015 release.Instead, the ability to turn off the Store -- Microsoft's distribution channel for not only apps but also games, music and movies, and about as consumer-grade as a Windows component gets -- has been restricted to Windows Enterprise, the top-tier SKU (stock-keeping unit) available only to large customers.IT administrators had been using Group Policy to block the Store within Windows 10 Pro, largely to keep workers from installing apps not on their company's approved software list. Some admins, however, had ditched the Store for other reasons, including bandwidth consumption as scores of apps frequently updated.To read this article in full or to leave a comment, please click here

First look: Microsoft’s API mashup tool for the rest of us

Not all cloud applications need to be cloud-scale. They’re often simple routing and switching apps that take information from one source, process it minimally, then pass it on. That’s where tools like IFTTT and Yahoo Pipes came into play, allowing you to quickly build and share information flows that linked one service to another. Sadly, Yahoo Pipes has been shut down, and IFTTT has concentrated on simple links to the Internet of things.That means there’s space in the market for a new tool -- one focused on working with applications and services, and capable of handling more complex chains of operations than IFTTT’s basic one input to one output mapping. You could build microservices on Node.js to automate these sorts of connections between applications and between APIs, but that would be overkill. So would Azure Logic Apps or AWS Lambda.To read this article in full or to leave a comment, please click here

20 fixes for a Windows 10 update meltdown

If you’re having problems with Windows 10’s forced updates, you’re not alone. Thankfully, with 11 cumulative updates behind us, we’ve accumulated some coping experience.Each cumulative update is different, but there’s a handful of tricks that can help jolt your system back into consciousness when a troubling cumulative update strikes. If you’re having problems, the following solutions are worth a try. If you can’t get back on course, follow the instructions at the end to find more personalized help -- and the hope to live to fight another day.[ Your one-stop shop for Microsoft knowledge: Everything you need to know about Windows 10, in a handy PDF. Download it today! | Survive and thrive with the new OS: The ultimate Windows 10 survivor kit. | Stay up on key Microsoft technologies with the Windows newsletter. ] I’ve avoided recommendations that seem old-in-the-tooth nowadays. As best I can tell, few recent cumulative update problems are solved by creating a new user account (although there are exceptions). Nor have I hit any mass resets of file associations, which is a problem that plagued earlier cumulative updates. I’m also stepping lightly over Windows Mobile -- sorry, it’s a very different Continue reading

1 3,008 3,009 3,010 3,011 3,012 3,868