Controversial MacKeeper security program opens critical hole on Mac computers

A critical vulnerability in MacKeeper, a controversial security program for Mac computers, could let attackers execute malicious commands on Macs when their owners visit specially crafted Web pages.MacKeeper’s developers acknowledged the recently discovered problem and released a fix for it Friday, saying in a blog post that users should run MacKeeper Update Tracker and install version 3.4.1 or later.MacKeeper registers itself as the handler for a custom URL scheme, allowing websites to automatically call the application through the browser.Researcher Braden Thomas found an issue in the program’s validation of such URLs that makes it possible for attackers to execute arbitrary commands with root privilege when MacKeeper users visit a specially crafted website in Safari. As a proof of concept, he posted a link on Twitter that automatically executes a command to remove MacKeeper when clicked.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Why Wi-Fi will be the technology of choice for the Internet of Things

With projections of more than 5 billion connected devices by the end of this year and growth to 50 billion by 2020, the challenges facing the Internet of Things (IoT) include a lack of standardization, security, integration, battery life, and rapid evolution. Wi-Fi, in its 16th year, is getting ready for IoT and will perhaps make the most suitable network for the technology.IoT may be a recent buzzword, but the quest for connected things is old. Very old. Caller ID, connected Coca-Cola vending machines, M2M, smart meters, RFID, AutoID, etc. The whole appeal of connected things has been efficiency and experience. And the desire for experience and efficiency is even greater today. We live in an experience era and have no patience. We expect 'great experience' and 'efficiency' around us. Only IoT can enable that. IoT is nothing but an intelligent and invisible network of things that communicate directly or indirectly with each other or the internet to enable experience and efficiency.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Why Wi-Fi will be the technology of choice for the Internet of Things

With projections of more than 5 billion connected devices by the end of this year and growth to 50 billion by 2020, the challenges facing the Internet of Things (IoT) include a lack of standardization, security, integration, battery life, and rapid evolution. Wi-Fi, in its 16th year, is getting ready for IoT and will perhaps make the most suitable network for the technology.IoT may be a recent buzzword, but the quest for connected things is old. Very old. Caller ID, connected Coca-Cola vending machines, M2M, smart meters, RFID, AutoID, etc. The whole appeal of connected things has been efficiency and experience. And the desire for experience and efficiency is even greater today. We live in an experience era and have no patience. We expect 'great experience' and 'efficiency' around us. Only IoT can enable that. IoT is nothing but an intelligent and invisible network of things that communicate directly or indirectly with each other or the internet to enable experience and efficiency.To read this article in full or to leave a comment, please click here

GPU malware can also affect Windows PCs, possibly Macs

A team of anonymous developers who recently created a Linux rootkit that runs on graphics cards has released a new proof-of-concept malware program that does the same on Windows. A Mac OS X implementation is also in the works.The developers are trying to raise awareness that malware can infect GPUs and that the security industry is not ready for it. Their goal isn’t to tip off malicious hackers, but the source code they released, while incomplete and buggy by design, could potentially be built upon and used for illegal purposes.The problem the developers are trying to highlight lies not with the operating systems, such as Windows or Linux, nor with the GPU (graphics processor unit) vendors, but rather with existing security tools, which aren’t designed to scan the random access memory (RAM) used by GPUs for malware code.To read this article in full or to leave a comment, please click here

Using PXE with virt-install

In this post, I’ll just share a quick command that can be used to build and install a KVM guest using PXE instead of an ISO image. There’s nothing new here; this is just me documenting a command so that it’s easier for me (and potentially others) to find next time I need it.

I shared how to use the virt-install command to build KVM guest domains in a blog post talking about working with KVM guests. In that post, I used an ISO image with the virt-install command to build the guest domain.

However, there may be times when you would prefer to use PXE instead of an ISO image. To build a KVM guest domain and instruct the guest domain to boot via PXE, you would use this command (I’ve inserted backslashes and line returns to improve readability):

sudo virt-install --name=guest-name --ram=2048 --vcpus=1   
--disk path=/var/lib/libvirt/images/guest-disk.qcow2,bus=virtio   
--pxe --noautoconsole --graphics=vnc --hvm   
--network network=net-name,model=virtio   
--os-variant=ubuntuprecise

The key here is the --pxe parameter, which virt-install uses to instruct the guest domain to PXE boot instead of booting from a virtual CD-ROM backed by an ISO image.

Naturally, you’d want to substitute the desired values for the KVM Continue reading

Ansible Collaboration Day at OpenStack Summit

SimpleOpenStack

OpenStack has long had a reputation for being difficult to install and manage. This reputation may be a bit overblown, but it's not entirely unwarranted.

The plain truth is that OpenStack has a lot of components, all of which must be working in concert to be successful. A simple misconfiguration in one component can lead to cascading failures throughout the system, which can then be difficult to diagnose and correct.

It's one of the essential problems of managing any distributed system: one must effectively manage both individual components (i.e. configuration) and the relationships between those components (i.e. orchestration).

Ansible is a simple tool that excels at both -- which helps to explain Ansible's surging popularity in the OpenStack ecosystem. Over the past year, several OpenStack projects have emerged to take full advantage of Ansible's power and simplicity.

We've been watching with great interest. Now we think it's time to get more directly involved.

On Monday, May 18th, we will hold an Ansible Collaboration Day at the OpenStack Summit. Our collective goal is simple and ambitious: to make the installation and management of OpenStack as simple as we can possibly make it.

The first part of the day will Continue reading

General Howe’s Dog

The morning after a battle — one of the first won by the American army in its battle for freedom from the British Empire — if you happened to be on the scene, you might see an American soldier, under a white flag of truce, struggling with something small he is carrying between the lines. Approaching, you can see the package is, in fact, a small terrier — a dog. If you could read the note the carrier is holding there in his scrip, you would find it says —

General Washington’s compliments to General Howe, does himself the pleasure to return to him a Dog, which accidentally fell into his hands, and by the inscription on his collar, appears to belong to General Howe… October 6th, 1777

So — in the midst of a war that cut people down from their young lives, we find a singular scene of a man carrying a dog across a field to return it to the enemy’s commander. What has any of this to do with the life of an engineer? Perhaps more than you think.

Let me return to a much younger time in my technical life, a time when I was Continue reading

Don’t panic! How to fix 5 common PC emergencies

Your PC may not be as essential to you as your smartphone, but chances are it’s still pretty damn important. So it’s completely understandable if your first reaction is to freeze and freak out when you run into a PC emergency, such as a broken screen, accidentally-deleted important file, or a virus. But panicking is counter-productive, because time is often of the essence.Don’t worry. While you can’t call 9-1-1, here’s what you can do to fix five common PC emergencies.Broken laptop screen A few months ago, I was working on my MacBook Air next to my French bulldog, Blanka. For some unexplained dog reason, Blanka suddenly decided he needed to be in my lap, so he jumped on me—and landed on my laptop’s screen. A laptop screen is no match for a 27-pound Frenchie, so, needless to say, my screen was toast.To read this article in full or to leave a comment, please click here

Galaxy S6 edge an impressive enterprise phone — with one big exception

Samsung, one of the largest and most popular Android partners, has slowly been making inroads in enterprise. Last month, the company released its two new flagship smartphones, the Galaxy S6 and Galaxy S6 edge, which are identical except for the GS6 edge's curved display and slightly larger battery.Due to the popularity of Samsung's Galaxy S devices, it's easy to find GS6 reviews, but our evaluation is written specifically for business users — and the IT staffers who need to support them. I've been using both devices regularly for almost two months, though I gravitated to the GS6 edge. As such this evaluation is focused on the GS6 edge, though most of conclusions apply to both phones.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Monday, May 11

China’s smartphone market slows downThe world’s largest smartphone market may be losing its appetite: first quarter shipments of the devices in China dropped by 4 percent year over year, according to IDC. It’s the first time in six years that China’s smartphone market has contracted.IBM’s slimmed down Power servers aim at cloud, in-memory databaseIBM has brought out another round of Power8 servers, targeting private, public and hybrid clouds as well as in-memory database applications and analytics. The multipurpose servers include the four-socket Power E850 and the more powerful Power E880.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Monday, May 11

China’s smartphone market slows downThe world’s largest smartphone market may be losing its appetite: first quarter shipments of the devices in China dropped by 4 percent year over year, according to IDC. It’s the first time in six years that China’s smartphone market has contracted.IBM’s slimmed down Power servers aim at cloud, in-memory databaseIBM has brought out another round of Power8 servers, targeting private, public and hybrid clouds as well as in-memory database applications and analytics. The multipurpose servers include the four-socket Power E850 and the more powerful Power E880.To read this article in full or to leave a comment, please click here

1 3,351 3,352 3,353 3,354 3,355 3,696