Sign up for our Technology Newsletter 
Is HP’s Forthcoming Split A Good Idea?
Comments Off on Is HP’s Forthcoming Split A Good Idea?
HP Has released its financial results for the third quarter and they make for somewhat grim reading.
The company has seen drops in key parts of the business and an overall drop in GAAP net revenue of eight percent year on year to $25.3bn, compared with $27.6bn in 2014.
The company failed to meet its projected net earnings per share, which it had put at $0.50-$0.52, with an actual figure of $0.47.
The figures reflect a time of deep uncertainty at the company as it moves ever closer to its demerger into HP and Hewlett Packard Enterprise. The latter began filing registration documents in July to assert its existence as a separate entity, while the boards of both companies were announced two weeks ago.
Dell CEO Michael Dell slammed the move in an exclusive interview with The INQUIRER, saying he would never do the same to his company.
The big boss at HP remained upbeat, despite the drop in dividend against expectations. “HP delivered results in the third quarter that reflect very strong performance in our Enterprise Group and substantial progress in turning around Enterprise Services,” said Meg Whitman, chairman, president and chief executive of HP.
“I am very pleased that we have continued to deliver the results we said we would, while remaining on track to execute one of the largest and most complex separations ever undertaken.”
To which we have to ask: “Which figures were you looking at, lady?”
Breaking down the figures by business unit, Personal Systems revenue was down 13 percent year on year, while notebook sales fell three percent and desktops 20 percent.
Printing was down nine percent, but with a 17.8 percent operating margin. HP has been looking at initiatives to create loyalty among print users such as ink subscriptions.
The Enterprise Group, soon to be spun off, was up two percent year on year, but Business Critical system revenue dropped by 21 percent, cancelled out by networking revenue which climbed 22 percent.
Enterprise Services revenue dropped 11 percent with a six percent margin, while software dropped six percent with a 20.6 percent margin. Software-as-a-service revenue dropped by four percent.
HP Financial Services was down six percent, despite a two percent decrease in net portfolio assets and a two percent decrease in financing volume.
Source- http://www.thegurureview.net/computing-category/is-hps-forthcoming-split-a-good-idea.html
Web.com Latest Hacking Victim
Hackers gain unauthorized access to the computers of Internet services provider Web.com Group and stole credit card information of 93,000 customers.
According to a website set up by the company to share information about the incident, Web.com discovered the security breach on Aug. 13 as part of its ongoing security monitoring.
Attackers compromised credit card information for around 93,000 accounts, as well as the names and addresses associated with them. No other customer information like social security
numbers was affected, the company said.
According to the company, the verification codes for the exposed credit cards were not leaked. However, there are websites on the Internet that don’t require such codes for purchases.
Web.com has notified affected customers via email and will also follow up with letters sent through the U.S. Postal Service. Those users can sign up for a one-year free credit monitoring service.
The company did not specify how the intruders gained access to its systems, but has hired a “nationally recognized” IT security firm to conduct an investigation.
Web.com provides a variety of online services, including website and Facebook page design, e-commerce and marketing solutions, domain registration and Web hosting. The company claims to have over 3.3 million customers and owns two other well known Web services companies: Register.com and Network Solutions.
Register.com and Network Solutions customers were not impacted by this breach unless they also purchased services directly from Web.com.
Source-http://www.thegurureview.net/aroundnet-category/web-com-latest-victim-of-credit-card-hacking.html
Malware Turns Computers Into Cellular Antenna
Comments Off on Malware Turns Computers Into Cellular Antenna
A team of Israeli researchers have improved on a way to steal data from air-gapped computers, thought to be safer from attack due to their isolation from the Internet.
They’ve figured out how to turn the computer into a cellular transmitter, leaking bits of data that can be picked up by a nearby low-end mobile phone.
While other research has shown it possible to steal data this way, some of those methods required some hardware modifications to the computer. This attack uses ordinary computer hardware to send out the cellular signals.
Their research, which will be featured next week at the 24th USENIX Security Symposium in Washington, D.C., is the first to show it’s possible to steal data using just specialized malware on the computer and the mobile phone.
“If somebody wanted to get access to somebody’s computer at home — let’s say the computer at home wasn’t per se connected to the Internet — you could possibly receive the signal from outside the person’s house,” said Yisroel Mirsky, a doctoral student at Ben-Gurion University and study co-author.
The air-gapped computer that is targeted does need to have a malware program developed by the researchers installed. That could be accomplished by creating a type of worm that infects a machine when a removable drive is connected. It’s believed this method was used to deliver Stuxnet, the malware that sabotaged Iran’s uranium centrifuges.
The malware, called GSMem, acts as a transmitter on an infected computer. It creates specific, memory-related instructions that are transmitted between a computer’s CPU and memory, generating radio waves at GSM, UMTS and LTE frequencies that can be picked up by a nearby mobile device.
The GSMem component that runs on a computer is tiny. “Because our malware has such a small footprint in the memory, it would be very difficult and can easily evade detection,” said Mordechai Guri, also a doctoral student at Ben-Gurion.
Cisco Warns Of Bug In Virtual App
Cisco has warned of a default Secure Shell vulnerability in three of its virtual applications.
The flaw could allow attackers to decrypt traffic exchanged in the services, and has been detailed in a Cisco security advisory.
It affects Cisco’s Web Security Virtual Appliance (SMAv), Email Security Virtual Appliance and Security Management Virtual Appliance, which are already commercially available.
Cisco said that it “is not aware of any public announcements or malicious use of the vulnerabilities”, but warned that attackers who got hold of the private keys could decrypt communications with a man-in-the-middle attack.
The default private encryption keys were preinstalled on all three of the products, a move which is considered bad security practice.
“Successfully exploiting this vulnerability on Cisco SMAv allows an attacker to decrypt communication toward SMAv, impersonate SMAv, and send altered data to a configured content appliance,” the advisory said.
“An attacker can exploit this vulnerability on a communication link toward any content security appliance that was ever managed by any SMAv.”
Cisco has released a patch which deletes the preinstalled SSH keys and explains how customers can correct the problem.
The Cisco-sa-20150625-ironport SSH Keys Vulnerability Fix comes as part of several product upgrades, and must be manually installed from a command line interface.
Cisco’s advisory said that the patch is not required for physical hardware appliances, or for virtual appliance downloads or upgrades after 25 June.
Cisco revealed details of a new point of sale attack earlier this year that could part firms from money and customers from personal data.
The threat, called PoSeidon by the Cisco team, came at a time when eyes were on security breaches at firms like Target.
Cisco said in a blog post that PoSeidon is a threat that has the ability to breach machines and scrape them for credit card information.
Is Oracle Sliding?
Oracle said weak sales of its traditional database software licenses were made worse by a strong US dollar lowered the value of foreign revenue.
Shares of Oracle, often seen as a barometer for the technology sector, fell 6 percent to $42.15 in extended trading after the company’s earnings report on Wednesday.
Shares of Microsoft and Salesforce.com, two of Oracle’s closest rivals, were close to unchanged.
Daniel Ives, an analyst at FBR Capital Markets said that this announcement speaks to the headwinds Oracle is seeing in the field as their legacy database business is seeing slowing growth.
It also shows that while Cloud business has seen pockets of strength it is not doing as well as many thought,
Oracle, like other established tech companies, is looking to move its business to the cloud-computing model, essentially providing services remotely via data centres rather than selling installed software.
The 38-year-old company has had some success with the cloud model, but is not moving fast enough to make up for declines in its traditional software sales.
Oracle, along with German rival SAP has been losing market share in customer relationship management software in recent years to Salesforce.com, which only offers cloud-based services.
Because of lower software sales and the strong dollar, Oracle’s net income fell to $2.76 billion, or 62 cents per share, in the fourth quarter ended May 31, from $3.65 billion, or 80 cents per share, a year earlier.
Revenue fell 5.4 percent to $10.71 billion. Revenue rose 3 percent on a constant currency basis. Analysts had expected revenue of $10.92 billion, on average.
Sales from Oracle’s cloud-computing software and platform service, an area keenly watched by investors, rose 29 percent to $416 million.
RedHat And Canonical Discuss Linux 4.0
Comments Off on RedHat And Canonical Discuss Linux 4.0
Red Hat has been telling everyone its plans to integrate the latest Linux 4.0 kernel into its products.
In a statement, a spokesman told us, “Red Hat’s upstream community projects will begin working with 4.0 almost immediately; in fact, Fedora 22 Alpha was based on the RC1 version of the 4.0 kernel.
“From a productization perspective, we will keep an eye on these integration efforts for possible inclusion into Red Hat’s enterprise portfolio.
“As with all of our enterprise-grade solutions, we provide stable, secure and hardened features, including the Linux kernel, to our customers – once we are certain that the next iterations of the Linux kernel, be it 4.0 or later, has the features and maturity that our customer base requires, we will begin packaging it into our enterprise portfolio with the intention of supporting it for 10 years, as we do with all of our products.”
Meanwhile, Canonical Head Honcho Mark Shuttleworth has confirmed that Linux Kernel 4.0 should be making its debut in Ubuntu products before the end of the year.
In an earlier note to The INQUIRER, Shuttleworth confirmed that the newly released kernel’s integration was “likely to be in this October release.”
The news follows the release of version 4.0 of the Linux kernel in a flurry of what T S Eliot would describe as “not with a bang but a whimper”.
Writing on the Linux Kernel Mailing List on Sunday afternoon, Linux overlord Linus Torvalds explained that the new version was being released according to schedule, rather than because of any dramatic improvements, and because of a lack of any specific reason not to.
“Linux 4.0 was a pretty small release in linux-next and in final size, although obviously ‘small’ is relative. It’s still over 10,000 non-merge commits. But we’ve definitely had bigger releases (and judging by linux-next v4.1 is going to be one of the bigger ones),” he said.
“Feature-wise, 4.0 doesn’t have all that much special. Much has been made of the new kernel patching infrastructure, but realistically that wasn’t the only reason for the version number change. We’ve had much bigger changes in other versions. So this is very much a ‘solid code progress’ release.”
Come to think of it, it is very unlikely that T S Eliot would ever have written about Linux kernels, but that’s not the point.
Torvalds, meanwhile, explained that he is happier with releasing to a schedule rather than because of any specific feature-related reason, although he does note that there have been four billion code commits, and Linux 3.0 was released after the two billion mark, so there’s a nice symmetry there.
In fact, back in 2011 the version numbering of the Linux kernel was a matter of some debate, and Torvalds’ lacklustre announcement seems to be pre-empting more of the same.
In a subsequent post Torvalds jokes, “the strongest argument for some people advocating 4.0 seems to have been a wish to see 4.1.15 – because ‘that was the version of Linux Skynet used for the T-800 Terminator.’”
Oracle Launches OpenStack Platform With Intel
Comments Off on Oracle Launches OpenStack Platform With Intel
Oracle and Intel have teamed up for the first demonstration of carrier-grade network function virtualization (NFV), which will allow communication service providers to use a virtualized, software-defined model without degradation of service or reliability.
The Oracle-led project uses the Intel Open Network Platform (ONP) to create a robust service over NFV, using intelligent direction of software to create viable software-defined networking that replaces the clunky equipment still prevalent in even the most modern networks.
Barry Hill, Oracle’s global head of NFV, told The INQUIRER: “It gets us over one of those really big hurdles that the industry is desperately trying to overcome: ‘Why the heck have we been using this very tightly coupled hardware and software in the past if you can run the same thing on standard, generic, everyday hardware?’. The answer is, we’re not sure you can.
“What you’ve got to do is be smart about applying the right type and the right sort of capacity, which is different for each function in the chain that makes up a service.
“That’s about being intelligent with what you do, instead of making some broad statement about generic vanilla infrastructures plugged together. That’s just not going to work.”
Oracle’s answer is to use its Communications Network Service Orchestration Solution to control the OpenStack system and shrink and grow networks according to customer needs.
Use cases could be scaling out a carrier network for a rock festival, or transferring network priority to a disaster recovery site.
“Once you understand the extent of what we’ve actually done here, you start to realize just how big an announcement this is,” said Hill.
“On the fly, you’re suddenly able to make these custom network requirements instantly, just using off-the-shelf technology.”
The demonstration configuration optimizes the performance of an Intel Xeon E5-2600 v3 processor designed specifically for networking, and shows for the first time a software-defined solution which is comparable to the hardware-defined systems currently in use.
In other words, it can orchestrate services from the management and orchestration level right down to a single core of a single processor, and then hyperscale it using resource pools to mimic the specialized characteristics of a network appliance, such as a large memory page.
“It’s kind of like the effect that mobile had on fixed line networks back in the mid-nineties where the whole industry was disrupted by who was providing the technology, and what they were providing,” said Hill.
“Suddenly you went from 15-year business plans to five-year business plans. The impact of virtualization will have the same level of seismic change on the industry.”
Today’s announcement is fundamentally a proof-of-concept, but the technology that powers this kind of next-generation network is already evolving its way into networks.
Hill explained that carrier demand had led to the innovation. “The telecoms industry had a massive infrastructure that works at a very slow pace, at least in the past,” he said.
“However, this whole virtualization push has really been about the carriers, not the vendors, getting together and saying: ‘We need a different model’. So it’s actually quite advanced already.”
NFV appears to be the next gold rush area for enterprises, and other consortium are expected to make announcements about their own solutions within days.
The Oracle/Intel system is based around OpenStack, and the company is confident that it will be highly compatible with other systems.
The ‘Oracle Communications Network Service Orchestration Solution with Enhanced Platform Awareness using the Intel Open Network Platform’ – or OCNSOSWEPAUTIONP as we like to think of it – is currently on display at Oracle’s Industry Connect event in Washington DC.
The INQUIRER wonders whether there is any way the marketing department can come up with something a bit more catchy than OCNSOSWEPAUTIONP before it goes on open sale.
Juniper Networks Goes OpenStack
Juniper and Mirantis are getting close, with news that they are to form a cloud OpenStack alliance.
The two companies have signed an engineering partnership that the companies believe will lead to a reliable, scalable software-defined networking solution.
Mirantis OpenStack will now inter-operate with Juniper Contrail Networking, as well as OpenContrail, an open source software-defined networking system.
The two companies have published a reference architecture for deploying and managing Juniper Contrail Networking with Mirantis OpenStack to simplify deployment and reduce the need for third-party involvement.
Based on OpenStack Juno, Mirantis OpenStack 6.0 will be enhanced by a Fuel plugin in the second quarter that will make it even easier to deploy large-scale clouds in house.
However, Mirantis has emphasized that the arrival of Juniper to the fold is not a snub to the recently constructed integration with VMware.
Nick Chase of Mirantis explained, “…with this Juniper integration, Mirantis will support BOTH VMware vCenter Server and VMware NSX AND Juniper Networks Contrail Networking. That means that even if they’ve got VMware in their environment, they can choose to use NSX or Contrail for their networking components.
“Of course, all of that begs the question, when should you use Juniper, and when should you use VMware? Like all great engineering questions, the answer is ‘it depends’. How you choose is going to be heavily influenced by your individual situation, and what you’re trying to achieve.”
Juniper outlined its goals for the tie-up as:
– Reduce cost by enabling service providers and IT administrators to easily embrace SDN and OpenStack technologies in their environments
– Remove the complexity of integrating networking technologies in OpenStack virtual data centres and clouds
– Increase the effectiveness of their operations with fully integrated management for the OpenStack and SDN environments through Fuel and Juniper Networks® Contrail SDN Controller
The company is keen to emphasize that this is not meant to be a middle finger at VMware, but rather a demonstration of the freedom of choice offered by open source software. However, it serves as another demonstration of how even the FOSS market is growing increasingly proprietary and competitive.
Medical Data Becoming Valuable To Hackers
Comments Off on Medical Data Becoming Valuable To Hackers
The personal information stored in health care records fetches increasingly impressive sums on underground markets, making any company that stores such data a very attractive target for attackers.
“Hackers will go after anyone with health care information,” said John Pescatore, director of emerging security trends at the SANS Institute, adding that in recent years hackers have increasingly set their sights on EHRs (electronic health records).
With medical data, “there’s a bunch of ways you can turn that into cash,” he said. For example, Social Security numbers and mailing addresses can be used to apply for credit cards or get around corporate antifraud measures.
This could explain why attackers have recently targeted U.S. health insurance providers. Last Tuesday, Premera Blue Cross disclosed that the personal details of 11 million customers had been exposed in a hack that was discovered in January. Last month, Anthem, another health insurance provider, said that 78.8 million customer and employee records were accessed in an attack.
Both attacks exposed similar data, including names, Social Security numbers, birth dates, telephone numbers, member identification numbers, email addresses and mailing addresses. In the Premera breach, medical claims information was also accessed.
If the attackers try to monetize this information, the payout could prove lucrative.
Credentials that include Social Security numbers can sell for a couple of hundred dollars since the data’s lifetime is much longer compared to pilfered credit card numbers, said Matt Little, vice president of product development at PKWARE, an encryption software company with clients that include health care providers. Credit card numbers, which go for a few dollars, tend to work only for a handful of days after being reported stolen.
Yet Another Retailer System Hacked
Women’s clothing retailer Bebe Stores has become the latest in a growing list of national retailers to be hit by an attack on its credit card payment system.
The company said Friday that the cardholder name, account number, expiration date, and verification code could have been stolen by hackers who apparently had access to the company’s payment processing system between Nov. 8 and 26.
The incident came to light in late November when Bebe said it noticed suspicious activity on computers that operate the payment processing system. Stores affected were the roughly 200 it operates in the U.S., Puerto Rico and the U.S. Virgin Islands.
“If you used a payment card at a U.S., Puerto Rico or U.S. Virgin Islands store during this time frame, you should review your account statements for any unauthorized activity,” it said in a message to customers.
The last couple of years have been bad ones for the safety of credit card data at major U.S. retailers. Millions of credit and debit card numbers have been compromised in breaches at retailers, including Target, Home Depot, PF Chang’s restaurants, Super Valu grocery stores, Neiman Marcus, UPS Store and others.
In many cases, the attacks were targeted at payment processing terminals and used sophisticated malware that stole card details as consumers swiped their cards. Many of the thefts were only discovered after the card numbers appeared for sale on Internet hacking forums.
Such was the case with Bebe Stores. First news of the hack came earlier this week through the closely followed Krebs on Security blog.