Comments Off on xCodeGhost To Wreak Havoc On IOS Devices
A security firm has released a list of ongoing and incoming threats that cover a range of things from Apple’s iOS to the Internet of Things (IoT).
In its third report this year, Quick Heal warns that Apple users in particular better brace themselves for impact as more and more malware writers who’ve earned their stripes targeting Android users turn their attention to iOS.
“As the number of iPhone owners rises across the world, iOS has become a new potential target for Android malware authors and hackers. It is expected that Android malware will soon be altered to attack iOS users as well, and jailbroken iOS devices will be the first wave of targets for these attacks,” explained the firm (PDF).
“Recently, the ‘XcodeGhost’ malware was found on the Apple App Store and this is just the beginning of such attacks.”
In a section on wearables, Quick Heal predicts hackers will increasingly target fitness trackers, something that other security researchers have already warned about.
A lot of space in the report is reserved for Android-flavoured threats, and users are offered advice on protecting themselves such as if there is an option to use a password over a touch sign-in, then you ought to take it.
“A group of researchers have discovered a serious security flaw in the Android Lollipop version running on devices right now. This flaw allows attackers to bypass the lockscreen of an Android smartphone by using a massive password and thereby exposing the homescreen,” it explains.
“The attack essentially works by opening the in-built camera application and afflicts people using a password to protect their Android device and lock their screen.”
The most significant Android threat is a rascal called Android.Airpush.G, which claims 30 percent of the bug pool and is the kind of adware thing that makes you want to take a hammer to your phone screen. The second most prominent issue is Android.Reaper.A, which can haul in a large data harvest when in place.
Quick Heal is not the only security company in town, and a post on the Symantec website also seems set to put the fear into the Apple user community. That post, read it here – if you dare, says that the Mabouia ransomware is capable of causing a problem for Mac and PC users alike.
Fortunately, Mabouia is a proof-of-concept attack that a researcher shared with both Apple and Symantec. Symantec says that the PoC effort achieves at least one first.
“Mabouia is the first case of file-based crypto ransomware for OS X, albeit a proof-of-concept. Macs have nevertheless already been targeted by ransomware in the form of browser-based threats,” it explained.
Wall Street analysts have downgraded Micron technology’s value after Intel’s announcement that it will expand investment in NAND.
Intel plans to invest up to $5.5 billion over the coming years to use its Dalan, China, facility to expand its NAND manufacturing capacity. Initial 3D NAND production is expected to commence in second-half 2016 in Dalan.
Barrons has said that with pricing pressure already present in DRAM, Intel’s move puts Micron in a state of uncertainty.
This is a little odd given that Intel and Micron are chums, but Barron’s Rajvindra Gill said that the move will reduce Chipzilla’s dependence on Micron.
More than half of output is expected to use 3D NAND in the next two to three years and Intel’s focus on the technology reduces its reliance on Micron as a supplier while transforming it into a competitor, Gill said.
Micron be the last one standing when the mergers and acquisitions the industry is seeing and be an industry also ran.
Intel’s focus on the non-volatile memory market could put the pricing and supply/demand environment under pressure.
Micron has already had difficulties setting up 3D NAND versus its peers and now has another significant challenger entering the market, Gill said.
Intel’s move to NAND places a major Micron customer at risk. While Intel noted that its relationship with Micron remains strong and that it will continue to focus on 3D Xpoint, we believe the IM Flash Agreement could be at risk.
With Intel producing more NAND on its own, it could look to lower its reliance on the joint venture.
Intel has a right to sell its portion of the joint venture to Micron. If Intel elects to do so, a closing date would be set within two years. Sales to IM Flash sales to Intel were $101 million in the third quarter, or 8 per cent of trade NAND revenue.
Apple has officially released iOS 9, but in the first hour users reported that they were unable to grab the 1GB download.
“Software Update Failed,” the message read on iPhones and iPads. “An error occurred downloading iOS 9.”Computerworld confirmed the problem, initially seeing it on multiple iOS 8 devices. But after several subsequent attempts, the download successfully started about an hour after Apple issued the upgrade.
Similar reports of early problems were posted on Apple’s own support forums and elsewhere on the Internet. “Not a very helpful error,” wrote someone identified as “yanic” on the former.
Others countered with snark. “Strangely, this is not a ‘limited time offer,’ said “stedman 1″ on the same thread, likely referring to Microsoft’s Windows 10 free upgrade offer, which is valid for one year. “The software will be available tomorrow, and the next day, and next week.”
Some advice ended up being more helpful. “You are facing an overloaded server which is pretty typical of the first day a software revision comes out,” contended “Ralph Landry1″ on a different discussion thread.
Several iPhone owners who had said that they were unable to download iOS 9 returned to the same forum threads to report they had gotten the upgrade later.
Apple’s track record with iOS releases has been mixed. Last year’s iOS 8 roll-out seemingly started off smoothly — there were few initial complaints about getting the upgrade — but many soon griped that 8′s large size forced them to wipe apps and content from their devices before they could install the new OS.
iOS 9′s size and the free space requirements for installation were both reduced to address that problem of last year. The free space demand for iOS 9 fell to 1.3GB to 1.8GB from last year’s 4.5GB to 5GB.
Comments Off on Enterprise Needs Driving Cloud Sales Boom
The cloud continues to gain major ground, driven by enterprise storage needs.
Sales are way up for little-known manufacturers that sell directly to big cloud companies like Google and Facebook, while the market for traditional external storage systems is shrinking, according to research company IDC.
Internet giants and service providers typically don’t use specialized storage platforms in their sprawling data centers. Instead, they buy vast amounts of capacity in the form of generic hardware that’s controlled by software. As users flock to cloud-based services, that’s a growing business.
Revenue for original design manufacturers that sell directly to hyperscale data-center operators grew by 25.8 percent to more than US$1 billion in the second quarter, according to the latest global IDC report on enterprise storage systems. Overall industry revenue rose just 2.1 percent from last year’s second quarter, reaching $8.8 billion.
These so-called ODMs are low-profile vendors, many of them based in Taiwan, that do a lot of their business manufacturing hardware that’s sold under better known brand names. Examples include Quanta Computer and Wistron.
General enterprises aren’t buying many systems from these vendors, but the trends at work in hyperscale deployments are growing across the industry. Increasingly, the platform of choice for storage is a standard x86 server dedicated to storing data, according to IDC analyst Eric Sheppard. Sales of server-based storage rose 10 percent in the quarter to reach $2.1 billion.
Traditional external systems like SANs (storage area networks) are still the biggest part of the enterprise storage business, logging $5.7 billion in revenue for the quarter. But sales in this segment were down 3.9 percent.
Overall demand for storage capacity continued to grow strongly, with 37 percent more capacity shipped in the quarter compared with a year earlier.
Comments Off on Malware Turns Computers Into Cellular Antenna
A team of Israeli researchers have improved on a way to steal data from air-gapped computers, thought to be safer from attack due to their isolation from the Internet.
They’ve figured out how to turn the computer into a cellular transmitter, leaking bits of data that can be picked up by a nearby low-end mobile phone.
While other research has shown it possible to steal data this way, some of those methods required some hardware modifications to the computer. This attack uses ordinary computer hardware to send out the cellular signals.
Their research, which will be featured next week at the 24th USENIX Security Symposium in Washington, D.C., is the first to show it’s possible to steal data using just specialized malware on the computer and the mobile phone.
“If somebody wanted to get access to somebody’s computer at home — let’s say the computer at home wasn’t per se connected to the Internet — you could possibly receive the signal from outside the person’s house,” said Yisroel Mirsky, a doctoral student at Ben-Gurion University and study co-author.
The air-gapped computer that is targeted does need to have a malware program developed by the researchers installed. That could be accomplished by creating a type of worm that infects a machine when a removable drive is connected. It’s believed this method was used to deliver Stuxnet, the malware that sabotaged Iran’s uranium centrifuges.
The malware, called GSMem, acts as a transmitter on an infected computer. It creates specific, memory-related instructions that are transmitted between a computer’s CPU and memory, generating radio waves at GSM, UMTS and LTE frequencies that can be picked up by a nearby mobile device.
The GSMem component that runs on a computer is tiny. “Because our malware has such a small footprint in the memory, it would be very difficult and can easily evade detection,” said Mordechai Guri, also a doctoral student at Ben-Gurion.
Inotera chairman Charles Kau said that it was unclear if DRAM prices will stop falling and rebound in the third quarter.
Inotera on May 11 signed a $508 million five-year syndicated loan agreement with a consortium of local banks in Taiwan in the hope of getting a bit of flexibility until things pick up.
The outfit was not thinking of flogging any of the family silver, but plans to start distributing dividends to shareholders in 2016, Kau noted.
In 2014, non-PC DRAM products accounted for 60 per cent of Inotera’s total revenues. The company will continue to improve its product mix in 2015, while making progress in the transition to 20nm process technology.
Kau told Digitimes that Inotera http://www.digitimes.com/news/a20150512PD219.html plans to have 80 per cent of its total production capacity to be built using a newer 20nm node by the end of 2015.
Meanwhile it is not planning any big capital expenditure, he said.
Samsung Electronics has started mass production of what it claims is the industry’s first Non-Volatile Memory Express (NVMe) PCIe solid state drive (SSD), which has an M.2 form factor for use in PCs and workstations.
Samsung said in an announcement that it is “the first in the industry” to bring NVMe SSDs to OEMs for the PC market.
The SM951-NVMe operates at low power in standby mode and is the most compact of any NVMe SSD out there, according to the firm.
“Our new NVMe SSD will allow for faster, ultra-slim notebook PCs with extended battery use, while accelerating the adoption of NVMe SSDs in the consumer marketplace,” said SVP of memory marketing Jeeho Baek.
“Samsung will continue to stay a critical step ahead of others in the industry in introducing a diversity of next-generation SSDs that contribute to an enhanced user experience through rapid popularisation of ultra-fast, highly energy-efficient, compact SSDs.”
Samsung has added an NVMe version of the SM951 SSD after making a AHCI-based PCIe 3.0 version available since early January. This, Samsung said, will form an even stronger SSD portfolio.
The new NVMe-based SM951 SSD boasts a sequential data read and write speed of up to 2,260MBps and 1,600MBps respectively, while taking advantage of the firm’s own controller technology.
“These performance figures are the industry’s most advanced, with speeds four and three times faster than those of a typical SATA-based M.2 SSD which usually moves data at up to 540MBps and 500MBps respectively,” Samsung added.
The drive achieves these high speeds by using four 8Gbps lanes of simultaneous data flow. This allows for a data transfer rate of 32Gbps and a maximum throughput of 4GBps, giving the new drive a huge advantage over SATA-based M.2 SSDs, which can only transfer data at up to 600MBps.
When it comes to random read operations, the SM951-NVMe can process 300,000 IOPS operations, which is more than twice as fast as the 130,000 rate of its AHCI-based predecessor, Samsung said, while being more than three times faster than the 97,000 IOPS of a SATA-based SSD.
“Meeting all M.2 form factor requirements, the drive’s thickness does not exceed 4mm. [It] also weighs less than 7g, which is lighter than two nickels and only a tenth the weight of a 2.5in SSD. Capacities are 512GB, 256GB and 128GB,” Samsung explained.
Samsung said that the company plans to incorporate 3D V-NAND technology into its NVMe SSD line-up, which could see even higher densities and performance.
Earlier this week HP unveiled the HP Z Turbo Drive G2, a storage solution featuring Samsung’s NVMe SSDs to process large datasets.
The HP Z Turbo Drive G2 PCIe SSD is said to deliver four times traditional SATA SSD performance at a similar cost to previous devices. This will allow workstation users to “super-charge” the productivity and creativity of workflows, according to HP.
Michael Fey has left Intel Security Group to become chief operating officer at Blue Coat. Blue Coat is apparently not the traditional garb of a British Holiday Camp entertainer, but apparently a privately owned network security company.
Fey was one of the few top McAfee managers to stay with the company after it was bought by Intel in 2011. McAfee is now part of Intel Security Group, where Fey had been chief technology officer. Fey said that his role at Blue Coat would be “very similar” to his old job but he was allowed to focus on the cloud and the advanced threats space more.
“Blue Coat had tremendous growth behind the scenes and now I get to focus on taking that growth and trying to get it to the billion-dollar revenue mark,” he told Reuters.
Since the $7.7 billion acquisition by Intel, McAfee has lost senior managers and key talent in technology development, research and sales. At Blue Coat, Fey will replace David Murphy, who will stay on as a strategic adviser to the board.
Comments Off on McAfee’s Biometric Software Coming Soon
A McAfee security product that will use biometric technology to authenticate users will be available for download by the end of the year, said Kirk Skaugen, senior vice president and general manager of the PC Client Group at Intel, last week.
“Your biometrics basically eliminate the need for you to enter passwords for Windows log in and eventually all your websites ever again,” Skaugen said.
Further product details were not immediately available. But one of the major inconveniences in using PCs and tablets is remembering passwords, which biometrics can tame.
An average user has about 18 passwords and biometric authentication will make PCs easier to use, Skaugen said.
Biometric authentication isn’t new. It’s being used in Apple Pay, where fingerprint authentication helps authorize credit card payments through the iPhone or iPad. Intel has been working on multiple forms of biometric authentication through fingerprint, gesture, face and voice recognition.
McAfee is owned by Intel, and the chip maker is building smartphone, tablet and PC technology that takes advantage of the security software. Intel has also worked on biometric technology for wearable devices like SMS Audio’s BioSport In-Ear Headphones, which can measure a person’s heart rate.
Intel also wants to make PCs and tablets easier to use through wireless charging, display, docking and data transfers. Such capabilities would eliminate the need to carry power brick and cables for displays and data transfers. Such capabilities will start appearing in laptops next year with sixth-generation Core chips code-named Skylake, which will be released in the second half.
Dell has unveiled the DCS XA90, an “ultra-dense” storage server capable of holding 720TB of data in a single 4U chassis.
Described by CEO Michael Dell on stage at the Dell World conference as “the power of a diesel truck in a Mini Cooper”, the DCS XA90 storage server means that a single Dell modular data centre of these units would hold 220PB of data, nearly a quarter of an exabyte.
“In a world where we could download our memories into those servers, we could house the experiences of about 90 people, an entire neighbourhood of digital lives,” said Dell.
He explained that the development of the DCS XA90 was driven by the demand for data storage that is “speeding us towards an exascale future”.
“That is what drove Dell to develop the DCS XA90 for our customers seeking extreme storage density and flexibility as they build out the cloud infrastructure of the future,” Dell added.
The DCS XA90 also packs two independent server nodes featuring Intel Xeon E5-2600v3 processors into each chassis, which Dell said makes it better for data-intensive analytics as well as archival storage.
As part of the announcement, Dell also revealed its PowerEdge FX architecture, a 2U enclosure with six PowerEdge server, storage and network IOA sleds built specifically to fit into the FX2 chassis and support varying workloads.
Due to ship in December, the PowerEdge FX architecture is described as “next-generation convergence” and a game changer in the IT industry, offering the flexibility to build configurations to meet requirements while simplifying management.
“There are other vendors who talk about convergence purely by doing an architecture rack,” said Dell’s server marketing vice president Ravi Pendekanti .
For example, HP’s Moonshot platform “just puts a bunch of blades together”, while Oracle’s Exadata platform “does one thing, and one thing really well, which is run Oracle’s enterprise applications”, he said.
The PowerEdge FX, which stands for ‘flexible infrastructure’, comprises a specially designed 2U rack-mount FX2 enclosure that can be filled with a choice of sled modules offering differing capabilities, enabling customers to adopt a building block approach to their infrastructure.
At launch, the sleds comprise a handful of full-width, half-width and quarter-width compute modules that allow customers to pick the performance and density required for applications such as web hosting, virtualisation or running databases, plus a half-width storage sled that can provide direct attached storage for the compute nodes.