Sign up for our Technology Newsletter 
Hackers Going After Traffic Signs
After hackers played several high-profile pranks with traffic signs, including warning San Francisco drivers of a Godzilla attack, the U.S. government advised operators of electronic highway signs to take “defensive measures” to better secure their property.
Last month, signs on San Francisco’s Van Ness Ave were photographed flashing “Godzilla Attack! Turn Back” and highway signs across North Carolina were tampered with last week to read “Hack by Sun Hacker.”
The Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, this week advised cities, highway operators and other customers of digital-sign maker Daktronics Inc to take “defensive measures” to minimize the possibility of similar attacks.
It said that information had been posted on the Internet advising hackers how to access those systems using default passwords coded into the company’s software. “ICS-CERT recommends entities review sign messaging, update access credentials and harden communication paths to the signs,” the agency said in an alert posted on Thursday.
Jody Huntimer, a representative for Daktronics, declined to say if the recent attacks involved the bug reported by ICS-CERT.
“We are working with the ICS-CERT team to clarify the current alert and will release a statement once we have assessed the situation and developed customer recommendations,” Huntimer said via email.
Krebs on Security, a widely read security blog, posted a confidential report from the Center for Internet Strategy, or CIS, which was sent to state security officials. It warned that the pranks created a public safety risk because drivers often slow or stop to view the signs and take pictures.
CIS also predicated that amateur hackers might attempt to hack into other systems in the coming weeks following the May 27 release of “Watch Dogs,” a video game from Ubisoft focused on hacking critical infrastructure.
Is China Hurting U.S. Vendors?
Shipments of servers from Chinese vendors grew at a rapid pace while the top server vendors in the U.S. declined during the first quarter of this year.
Worldwide server shipments were 2.3 million units during the first quarter, growing by just 1.4 percent compared to the same quarter last year, according to Gartner.
Growth was driven by Chinese server vendors Huawei and Inspur Electronics, which were ranked fourth and fifth, respectively, behind the declining Hewlett-Packard, Dell and IBM.
Huawei has been in the top five for server shipments for more than a year, but Inspur Electronics is a new entrant. Inspur builds blade servers, rack servers and supercomputers, and is best known for being involved in the construction of China’s Tianhe-2, which is currently the world’s fastest supercomputer, according to Top500.org.
Chinese servers partly benefitted from the 18 percent shipment growth in the Asia-Pacific region, while shipments in other regions declined, Gartner said in a statement.
Server buying trends have changed in recent years. Companies like Facebook, Google and Amazon, which buy servers by the thousands, are bypassing established server makers and purchasing hardware directly from manufacturers like Quanta and Inventec. That trend in part led to the establishment of the Open Compute Project, a Facebook-led organization that provides server reference designs so companies can design data-center hardware in-house.
Similarly, Chinese cloud providers are building mega data centers and buying servers from local vendors instead of going to the big name brands, said Patrick Moorhead, analyst with Moor Insights and Strategy.
The trend of buying locally is partly due to the security tension between the U.S. and China, but servers from Chinese companies are also cheaper, Moorhead said.
The enterprise infrastructure is also being built out in China, resulting in a big demand for servers. There is also a growing demand for servers from little-known vendors based in Asia — also known as “white box” vendors — in other regions, Moorhead said.
Is IBM Going After HP?
IBM has announced a unified branding for its commerce cloud based enterprise products and services with a presentation at the Smarter Commerce Global Summit in Tampa, Florida.
Hot on the heels of HP, which unified its cloud offerings under the Helion brand last week, IBM Experienceone is designed to allow companies to improve engagement with their customers by leveraging big data through the cloud.
Deployment comes from a unified offer of consulting services, software and infrastructure from IBM subsidary Softlayer, which can be used to gather data, mine analytics and improve customer commerce via a mixture of traditional and cloud services.
IBM has already committed 1,000 new employees for its IBM Interactive Experience who will staff 10 “IBM Interactive Experience Labs” that are being set up to help customers understand the rules of engagement and hopefully increase their level of customer engagement.
IBM GM of Industry Cloud Solution Craig Hayman said, “IBM Experienceone provides a secure and simplified portfolio – including innovation from more than 1,200 partners – to help clients design and deliver more valuable customer engagements. With cloud, on premise and hybrid options, IBM Experienceone quickly scales to engage every customer in the moment while protecting their privacy.”
The IBM Experienceone brand is a coming together of many acquisitions that IBM has made in the field over recent years, including Sterling Commerce, Tealeaf, Coremetrics, Unica, Demandtec, Xtify and Silverpop. The only obvious omission from the top to tail offer is a specific CRM database, however IBM Experienceone is compatible with most of the leading solutions, including those of its arch rivals. This leads to the question, could a CRM be next on the company’s shopping list?
As well as on desktop and server equipment, Experienceone analytics will also be available through apps for iOS and Android.
IBM Goes BlueMix
IBM has put together a vast array of hosted cloud services, and now it has a single location to offer them for sale.
At IBM Cloud online marketplace, that went live on Monday, enterprises can find the full range of IBM’s offerings behind a single gateway.
“So many of our customers want to build new cloud-based, front-end systems, but they want to tie them into their back-end infrastructure. We’re delivering a whole set of integration components and control services to do the connection, and monitor and control what is taking place,” said Steve Mills, IBM senior vice president and group executive for software and systems.
The marketplace has more than 100 hosted IBM applications, as well as middleware components from IBM’s Bluemix platform as a service (PaaS). It also serves as a portal to IBM’s SoftLayer infrastructure as a service (IaaS) and houses a collection of services from IBM partners.
“It’s an open platform. It supports all the popular application development tools and structures. So it’s not uniquely IBM. There’s a lot of open source and partners,” Mills said. In addition to IBM’s own offerings, other services will be offered on the site by SendGrid, Zend, Redis Labs and other IBM partners.
IBM is banking heavily on the cloud. The company’s revenue has been declining lately, due in part to sagging hardware sales. The cloud is likely to be a good place to look for more money: Gartner expects 80 percent of organizations to use cloud services in some form by the end of 2014.
Although IBM got a late start in the cloud, at least compared with rivals Amazon and Microsoft, it’s aggressively repositioning itself as a one-stop cloud services company. It generated $4.4 billion in cloud-related revenue in 2013 and has made a number of additional investments in the area as well.
In January, the company announced it would invest $1.2 billion into expanding its SoftLayer cloud service, which it acquired last year for $2 billion.
It is also investing $1 billion in the effort to adapt its middleware software as cloud services, part of the Bluemix offering.
The new online marketplace ties together a number of these initiatives from IBM within a single portal. It can be accessed from desktops, laptops, tablets and smartphones, and it can customize the service offerings based on the user’s needs.
SkySQL Joins IBM On SQL Merger
SkySQL has announced a line of MariaDB products that combine NoSQL and SQL technology, offering users the ability to handle large unstructured data sets alongside traditional database features to ensure data consistency.
Available immediately, MariaDB Enterprise 2 and MariaDB Enterprise Cluster 2 are based on the code used in the firm’s MariaDB 10 database server, which it also released today.
According to SkySQL, the availability of an enterprise grade SQL database system with NoSQL interoperability will be a game changer for developers building revenue generating applications and database administrators in charge of large, complex environments.
The two new products have been developed with support from other partners in the open source community, including Red Hat, IBM and Google, according to the firm, and are aimed at giving IT managers more options for managing large volumes of data.
In fact, Red Hat will use MariaDB Enterprise 2 as the default database for its enterprise customers, while Google has also moved large parts of its infrastructure to MariaDB, according to Dion Cornett, VP of Global Sales for SkySQL .
Cornett said that customers have been using a wide variety of databases over the past few years in order to meet the diverse requirements of applications.
“The types of applications have evolved over time, and the challenge we now have today is that people have different IT stack structures, and trying to integrate all that has been very challenging and required lots of custom code to be created. What we’re doing with MariaDB is introduce an array of features to combine the best of both worlds,” he said.
The features are designed to allow developers and database administrators to take many different data structures and integrate them and use them in a cohesive application, in the same way that standard database tools presently allow.
These include the Connect Storage Engine, which enables access to a wide variety of file formats such as XML and CSV files, and the ability to run familiar SQL commands against that data.
A key feature is dynamic columns, which enables MariaDB to “smartly interpret” incoming data and adapt it to the data structure that best fits, according to Cornett.
“At a technical level what you’re actually looking at are files within the cells of information that can vary in size, which is not a capability you’ve traditionally had in databases and that flexibility is a big leap forward,” he said.
The new MariaDB products can also plug into the Apache Cassandra storage engine, which can take a columnar data store and read or write against it like it is a traditional SQL table.
An example of how MariaDB Enterprise 2 might be used is if a service provider has a large-scale video server and wants to combine that with billing information, Cornett said.
“The customer’s video history and what they’re consuming could be very unstructured, but the billing structure will be very fixed, and it has been something of a challenge to bring the two of those together up to this point,” he explained.
IT Dissatisfaction Growing
Companies want to reduce spending on IT operations and infrastructure and shift resources to revenue-producing areas, according to two new studies. But businesses leaders and IT executives are also registering higher levels of dissatisfaction with IT as more demands are placed on technology.
The reports, by the Hackett Group and McKinsey & Co., both agree that business executives want IT to do more to improve the bottom line while companies spend less on infrastructure in the process.
The bad news for people who work in IT operations is that large businesses expect to cut IT staff positions by about 2% this year, thanks to automation and outsourcing, according the Hackett’s survey of 160 businesses with revenues above $1 billion.
One path to improved automation will likely be through adoption of software-defined infrastructures, something Bank of America plans to do.
IT budgets will grow by 1.7% this year as IT pivots, increasingly, from a service-providing operation to a revenue-generating one, the Hackett Group said in its study.
IT managers are being told that “you’ve got to grow the business, not just run the business,” said Mark Peacock, an IT transformation practice leader and principal at Hackett.
McKinsey & Co., in its online survey of more than 800 executives — with 345 having a technology focus — also found that executives want less of their budgets to go to infrastructure so more resources can be shifted to analytics and innovation.
The McKinsey survey found that business executives are less likely to say now that IT performs effectively, compared to their views two years ago.
“The IT executives are even more negative,” wrote McKinsey, with only 13% of them saying their IT organizations “are completely or very effective at introducing new technologies faster or more effectively than competitors.” That percentage was down from 22% in 2012.
The negative results “likely reflect the overall rising expectations for corporate IT,” wrote McKinsey.
When asked how to fix IT shortcomings, respondents cited improved business accountability, more funds for priority projects and a higher the level of IT talent, the report said.
The Hackett Group survey didn’t report on dissatisfaction, but it did find that the top goal for IT organizations this year is “to strengthen partnership and goal alignment between IT and the business.”
Target Makes Information Security Changes
Comments Off on Target Makes Information Security Changes
Target Corp announced an overhaul of its information security processes and the departure of its chief information officer as the retailer tries to re-gain customers and investors after a massive data breach late last year.
CIO Beth Jacob is the first high-level executive to leave the company following the breach, which led to the theft of about 40 million credit and debit card records and 70 million other records of customer details.
Jacob, who comes from a sales background and has been CIO since 2008, will be replaced by an external hire, according to sources at Target.
“It’s a decision that should have been made by the CEO on January 1, not through the resignation of an employee that overlooked critical weakness in the operating model,” Belus Capital Advisors CEO Brian Sozzi said.
The breach at Target was the second largest at a U.S. retailer, after the theft of more than 90 million credit cards over about 18 months was uncovered in 2007 at TJX Cos Inc, operator of the T.J. Maxx and Marshalls chains.
Hacking has become a major concern for retailers in the United States. In the latest reported breach, beauty products retailer and distributor Sally Beauty Holdings Inc said on Wednesday its network had been hacked but no card or customer data appeared to have been stolen.
Target Chief Executive Gregg Steinhafel said the company would elevate the role of chief information security officer as part of its plan to tighten its security.
The company will also look externally to fill that position as well as the new position of chief compliance officer.
Steinhafel said Target would be advised by security consultant Promontory Financial Group as it evaluates its technology, structure, processes and talent.
“I believe this is definitely a measure in restoring faith and really showing that they are taking the breach seriously,” Heather Bearfield, who runs the cybersecurity practice for accounting firm Marcum LLP, told Reuters.
Target, the third-largest U.S. retailer, said last week customer traffic had started to improve this year after falling significantly toward the end of the holiday shopping season when news of the cyber attack spooked shoppers.
Did Intel Kill Bay Trail?
Intel has decided that some of its budget Bay Trail parts have been out evolved and flung them into a tar pit. According to CPU World the parts first appeared in September. Intel released budget Bay Trail systems on a chip for mobile and desktop markets, under Celeron and Pentium brands.
They were manufactured on 22nm technology, and featured such enhancements as greater number of CPU cores, higher clock speeds, beefed up graphics unit, not to mention an out-of-order microarchitecture, that improved per-clock CPU performance by up to 30 per cent faster compared to their predecessors. With this performance goodness it is a little surprising the Intel has decided that all the all Bay Trail SoCs will be discontinued in a matter of a few months. Details of the planned discontinuation were published this week by Intel in several Product Change Notification documents.
The Desktop Pentium J2850, along with mobile Celeron N2810 and Pentium N3510 are already End of Lifed and its last orders will be in two weeks, on February 11. The chips will ship until April 25, 2014. Also retired are mobile Celeron N2806, N2815, N2820, N2920, and Pentium N3520. Their EOL date is April 11, 2014, and they will ship until May 30, 2014. On August 22, 2014, Intel is going to discontinue Celeron J1750, J1850, N2805 and N2910. The “J” models are desktop processors, and the “N” are mobile ones. There is no word on Z-series Bay Trail-T parts, none appear to be EOL’d at this time.
Furthermore, on the same date Intel will retire Core i7-3940XM Extreme Edition, and boxed and tray versions of Core i7-3840QM and i7-3740QM CPUs. The last shipment date for the Celerons and Core i7s is February 6, 2015.
vmWare Buys Airwatch
VMware will buy mobile management and security startup outfit Airwatch for $1.54billion.
The firm announced today that the deal has been approved by both companies’ boards and is forecast to close by the end of this quarter.
The deal will see VMware, which also announced estimated revenue of $1.48bn for the fourth quarter of 2013, pay $1.175bn in cash and $365m in installment payments.
Airwatch has nine offices worldwide with a workforce of 1,600 people and lists over 10,000 global customers.
The acquisition, which will help redefine VMware’s product portfolio and bring it more up to date with the industry’s threat landscape, will see the integration of Airwatch staff into the company’s End-User Computing Group, with the team working from its Atlanta base. VMware said it will continue to answer directly to Airwatch founder and CEO John Marshall, who will report to ex-Intel executive and VMware CEO Pat Gelsinger.
VMware EVP and GM of the End-User Computing group Sanjay Poonen said that the company plans to expand Airwatch’s Atlanta offices to become the centre of its mobile operations.
“Our vision is to provide a secure virtual workspace that allows end users to work at the speed of life,” he said. “The combination of Airwatch and VMware will enable us to deliver unprecedented value to our customers and partners across their desktop and mobile environments.”
Almost a year ago, VMWare announced a two percent increase in quarterly profits despite an impressive 22 percent increase in sales, and announced 900 job cuts.
The visualization specialist is one many firms to acquire security companies over the past year. Advanced threat specialist Fireeye announced plans to buy end-point protection firm Mandiant earlier in January for $1bn.
Was Dropbox Really Hacked?
January 24, 2014 by admin
Filed under Around The Net
Comments Off on Was Dropbox Really Hacked?
Dropbox suffered a major outage over the weekend.
In one of the more bizarre recent incidents, after the service went down on Friday evening a group of hackers claimed to have infiltrated the service and compromised its servers.
However, on the Dropbox blog, Dropbox VP of engineering Ardita Ardwarl told users that hackers were not to blame.
Ardwari said, “On Friday evening we began a routine server upgrade. Unfortunately, a bug installed this upgrade on several active servers, which brought down the entire service. Your files were always safe, and despite some reports, no hacking or DDOS attack was involved.”
The fault occurred when a bug in an upgrade script caused an operating system upgrade to be triggered on several live machines, rendering them inoperative. Although the fault was rectified in three hours, the knock-on effects led to problems that lasted through the weekend for some users.
Dropbox has assured users that there are no further problems and that all users should now be back online. It said that at no point were files in danger, adding that the affected machines didn’t host any user data. In other words, the “hackers” weren’t hackers at all, but attention seeking trolls.
Dropbox claims to have over 200 million users, many of which it has acquired through strategic partnerships with device manufacturers offering free storage with purchases.
The company is looking forward to an initial public offering (IPO) on the stock market, so the timing of such a major outage could not be worse. Dropbox, which includes Bono and The Edge from U2 amongst its investors, has recently enhanced its business offering to appeal to enterprise clients, and such a loss of uptime could affect its ability to attract customers.