Windows PCs remained vulnerable to Stuxnet-like LNK attacks after 2010 patch

If you patched your Windows computers in 2010 against the LNK exploit used by Stuxnet and thought you were safe, researchers from Hewlett-Packard have some bad news for you: Microsoft’s fix was flawed. In January, researcher Michael Heerklotz reported privately to HP’s Zero Day Initiative (ZDI) that the LNK patch released by Microsoft over four years ago can be bypassed. This means that over the past four years attackers could have reverse-engineered Microsoft’s fix to create new LNK exploits that could infect Windows computers when USB storage devices got plugged into them. However, there’s no information yet to suggest this has happened.

Consumer Identity Management systems step up where traditional ID systems fall down

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Companies that sell products and services to consumers are collecting and storing massive volumes of customer data from not just POS, order management, customer service and e-commerce systems, but also mobile apps, social media feeds, online campaign forms and Web applications such as lead enrichment databases. As a result, new types of identity management systems have emerged to address the broader scale and risk of Web-based business processes and to give customers more control regarding how corporations use their data.

Apple stores redefining mall economics

If you’ve visited an Apple store at your local mall the chances are good that you’ve visited a crowded Apple store at your local mall. And, not surprisingly, those crowds don’t necessarily get right back into their cars after buying their iWhatevers. They do more shopping. In fact, an Apple store alone can boost overall mall sales by 10%, says one research firm, and Apple is using that clout to its advantage. From a Wall Street Journal report: In the past, malls typically operated according to a straightforward bargain. Department stores that anchored the ends of the malls either owned their own stores or paid almost nothing aside from fees to maintain common spaces in exchange for drawing much of the traffic, while specialty retailers in the smaller spaces between the anchors typically paid the bulk of a mall’s rent.

Baidu ends support for Android platform

Baidu’s efforts to bring its own customized Android ROM to Chinese smartphones appear to be fizzling out as the company shifts resources away from the project. On Wednesday, the team behind the Baidu Cloud OS, a suite of tools and interfaces designed for Android phones and incorporated into the company’s Android ROM, announced it was saying goodbye to the platform. “Because of a company business adjustment, we have no choice but to painfully decide to suspend updates and support to the Baidu Cloud OS,” the team said in an official forum posting. While the rest of Baidu’s consumer cloud business will still be in operation, the Cloud OS and ROM design unit has been folded into a new company, the team added in another posting. It did not offer details about the new company.

Disabling Vodafone autoprovisioning on Snom 821

I bought a nearly new Snom IP phone on eBay, but it was getting autoprovisioned as a Vodafone device.   I wanted to use it as a SIP phone on another provider’s network, so needed to get rid of this.

I’ll try to write down the steps I followed, but I tried quite a few things so there may be inaccuracies.

Basically this phone tries three ways to autoprovision itself:

1. Redirection – it goes to a host run by Snom, is redirected to a Vodafone host and autoprovisions from there.

2. PnP – I think this is where it multicasts for a configuration server.

3. DHCP – where it receives details of the configuration server from DHCP options it receives with its IP address.

Redirection is the first one it tries by default, so you need to stop this happening. Snom say on their forums that they can’t do this for Vodafone devices, which must be a legal thing between them and Vodafone, because they are able to do it for Snom phones that are auto-provisioned on other providers.  In the latter case a simple request on the forums with the phone’s MAC address appears to be sufficient.

Second generation Moto G with LTE goes on sale in Europe

Motorola Mobility will start shipping the second generation Moto G with LTE in Europe later this month, while smartphone buyers in the U.S. will have to wait. The price will be €199 (US$210) in countries such as Germany and France and £159.00 in the U.K. with tax. It will start shipping the week of March 16, according to Motorola. The company didn’t provide any details on a possible U.S. launch, only saying that it wasn’t included in the launch. The exclusion of LTE when Motorola announced the second generation Moto G back in September was surprising, since there already was a 4G version of the original model. But the company is now starting to rectify that by expanding availability outside Brazil, where the 4G phone went on sale earlier this year.

MDM features and functions compared

Mobile device management tools are transforming into enterprise mobility management (EMM), which includes app and data security, among many other things. And while all the major offerings in this arena cover the basics when it comes to hardware management, there are differences when it comes to some of the extended features you may require.

The Upload: Your tech news briefing for Wednesday, March 11

Four out of five retailers don’t meet payment card security standards

It’s no surprise that so many data breaches involve the disclosure of credit card numbers: 80 percent of retailers failed to meet the Payment Card Industry Data Security Standard (PCI DSS) in a Verizon survey of 5,000 businesses worldwide, Reuters reports. In all the data breaches that Verizon studied, the company involved was not compliant at the time of the incident.

The inventor of credit default swaps is new CEO of bitcoin trading company

Sony pulls the plug on PlayStation Mobile platform

PlayStation Mobile, Sony’s attempt to recreate PlayStation experiences on Android smartphones, tablets and the PS Vita, will close in July. The platform will stop distributing content on July 15 and in-app purchases and downloads of previously purchased software will stop on Sept. 10, Sony Computer Entertainment (SCE) said Wednesday. An associated application, PlayStation Mobile for Android, will be unavailable after Sept. 10. The development is another blow to Sony’s struggling mobile business, which hasn’t been able to outperform like the company’s hit PlayStation 4 gaming console. The PS4 had sold over 20.2 million units worldwide through the end of February and is slated to begin sales in China on March 20, following a delay of more than two months.

Opening up at OCP Summit

Lots of networking activity at this week’s Open Compute Project Summit as vendors develop specifications designed to further abstract the dependencies of hardware and software. Dell submitted to OCP a Switch Abstraction Interface (SAI) designed to enable a common language between vendor network operating systems and switch silicon. The submission is currently under review and Dell expects acceptance. SAI is an API to express switch abstractions. With it, third-party developers can build applications to help customers tailor their network equipment to meet certain infrastructure requirements, Dell says.

Facebook’s ‘Wedge’ network switch will soon be on sale to all

A network switch that Facebook designed for its own data centers will soon be on sale from Taiwanese manufacturer Accton Technologies, the latest sign of progress from the community hardware effort known as the Open Compute Project. Facebook set up the OCP about four years ago as a way for data center operators to collaborate on new hardware designs that they can then ask low-cost manufacturers to produce. Part of the goal is to get cheaper, more standardized hardware than what’s normally supplied by top-tier vendors like Cisco, Hewlett-Packard, and Dell. Facebook is already using the top-of-rack switch, known as Wedge, in its own data centers, and it will be available to others in the first half from Accton and its OEM partners, said Jay Parikh, head of Facebook’s infrastructure division. Cumulus Networks and Big Switch Networks will provide software for it, and Facebook has put some of its own network software on Github for companies that want to “roll their own.”

No, the CIA isn’t stealing Apple’s secrets

The Intercept news site by Glenn Greenwald is activism rather than journalism. Their stories don't reference experts knowledgeable about subjects, but only activists who are concerned about the subjects. This was demonstrated yet again in their piece claiming "The CIA Campaign to Steal Apple's Secrets". Yes, the Snowden documents are real, but pretty much everything else is made up.

Here's the deal. Terrorist leaders use iPhones. They are a status symbol, and status symbols are important to leaders. Moreover, since Apple's security is actually pretty good, terrorists use the phones for good reason (most Android devices suck at security, even the Blackphone).

When CIA drones bomb a terrorist compound, iPhones will be found among the bodies. Or, when there is a terrorist suspect coming out of a dance club in Karachi, a CIA agent may punch them in the face and run away with their phone. However it happens, the CIA gets phones and wants to decrypt them.

Back in 2011 when this conference happened, the process of decrypting retrieved iPhones was time consuming (months), destructive, and didn't always work. The context of the presentation wasn't that they wanted to secretly spy on everyone's phones. The context was

IPv4 QoS Markings Calculator

This is a quick calculator I came up with that I could use in the CCIE lab to translate between various IPv4 header QoS markings. As long as I could remember how to draw out the calculator, all I had to do was some basic math and I could translate between markings quite easily.

Google CFO Patrick Pichette to retire

Patrick Pichette, Google’s chief financial officer, is retiring, the company said Tuesday. The exact date of his retirement is not yet known nor is his replacement, though Google expects to have a new CFO within the next six months, the company said in a filing with the U.S. Securities and Exchange Commission. Pichette, who has worked as Google’s finance chief for nearly seven years, informed the company of his decision last week, the filing said. He cited a desire to spend more time with his family as the reason behind his decision, in a Google+ post on Tuesday. Specifically, leaving Google will give him more time to travel with his wife, he said.