Sign up for our Technology Newsletter 
MDM Coming To Office 365
November 10, 2014 by admin
Filed under Smartphones
Comments Off on MDM Coming To Office 365
Microsoft will rollout mobile device management (MDM) capabilities to Office 365 in 2015, making it easier for firms to manage corporate data across a range of mobile devices, including those running iOS and Android as well as Windows.
Microsoft unveiled the updates coming to its Office 365 cloud-delivered productivity suite in 2015 at its TechEd Europe conference.
These will enable customers to apply security policies against devices that connect to Office 365 to ensure that email and documents can be accessed only by approved devices, plus the ability to remotely wipe Office 365 data if necessary.
Julia White, Microsoft general manager for Office 365, said that the updates will enable customers to offer “conditional access” to Office documents and email, such as ensuring that any device used by employees has not been jailbroken or rooted, which could potentially pose a security risk.
Administrators will be able to set policies directly from the Office 365 administration portal, and enforce the use of a Pin to secure access to the device. Any wipe of Office 365 content will not affect the user’s personal data, White added.
These MDM features coming to Office 365 are actually powered by Microsoft’s Intune cloud-based management service and are a subset of Intune’s capabilities, the firm disclosed.
Intune itself is also getting some upgrades that will enable customers to benefit from additional security features if they also subscribe to Intune.
These will include data leak prevention measures that enable policies to be applied against managed applications, preventing users from copying and pasting data from an Office 365 app to another, for example, or copying files from Office 365 to elsewhere on the device.
While these capabilities are built in to Office 365, Microsoft will also enable this to be extended to other applications using Intune app wrapper functionality, White said.
White also confirmed that Microsoft is working on an Android version of the Office for iPad suite of mobile productivity tools that the firm announced for Apple’s tablet platform earlier this year.
Microsoft’s Office announcement comes amid speculation that the firm will release Office for Android next month.
MasterCard Testing New Fingerprint Reader
October 29, 2014 by admin
Filed under Consumer Electronics
Comments Off on MasterCard Testing New Fingerprint Reader
MasterCard is trying out a contactless payment card with a built-in fingerprint reader that can authorize high-value payments without requiring the user to enter a PIN.
The credit-card company showed a prototype of the card in London on Friday along with Zwipe, the Norwegian company that developed the fingerprint recognition technology.
The contactless payment card has an integrated fingerprint sensor and a secure data store for the cardholder’s biometric data, which is held only on the card and not in an external database, the companies said.
The card also has an EMV chip, used in European payment cards instead of a magnetic stripe to increase payment security, and a MasterCard application to allow contactless payments.
The prototype shown Friday is thicker than regular payment cards to accommodate a battery. Zwipe said it plans to eliminate the battery by harvesting energy from contactless payment terminals and is working on a new model for release in 2015 that will be as thin as standard cards.
Thanks to its fingerprint authentication, the Zwipe card has no limit on contactless payments, said a company spokesman. Other contactless cards can only be used for payments of around €20 or €25, and some must be placed in a reader and a PIN entered once the transaction reaches a certain threshold.
Norwegian bank Sparebanken DIN has already tested the Zwipe card, and plans to offer biometric authentication and contactless communication for all its cards, the bank has said.
MasterCard wants cardholders to be able to identify themselves without having to use passwords or PINs. Biometric authentication can help with that, but achieving simplicity of use in a secure way is a challenge, it said.
Will Sprint Cut It’s Staff?
August 26, 2014 by admin
Filed under Around The Net
Comments Off on Will Sprint Cut It’s Staff?
Sprint’s new CEO Marcelo Claure addressed employees for the first time and promised price reductions are coming very soon, according to a report.
Sprint didn’t deny the report of Marcelo’s comments. A spokesman also confirmed Friday that Sprint is “focusing on providing the best value in the market.”
According to the account of Claure’s comments, he told workers, “We’re going to change our plans to make sure every customer in America thinks twice about signing up to a competitor.” The report, which first appeared in LightReading.com, also said that “very disruptive” rate plans are coming this week.
Sprint didn’t dispute Light Reading’s report, but a spokesman said Sprint is not commenting on “any potential pricing plans before they are announced.”
The spokesman, Doug Duvall, said Marcelo held his first all-employee town hall meeting before a standing-room-only crowd. He added: “He shared his passion for his family, work and soccer team and his commitment to leading Sprint. He discussed Sprint’s challenges and pledged to get Sprint ‘back in the game’ by focusing on providing the best value in the market, completing our network build and optimizing Sprint’s cost structure.”
By confirming Sprint wants to offer the “best value in the market,” it’s pretty clear that Sprint, the third-largest U.S. carrier, will soon wage a price war with the T-Mobile, the fourth-largest U.S. carrier that has quickly been gaining on Sprint.
Analysts recently said Sprint’s recent “Framily plan” isn’t competitive in the market, which former CEO Dan Hesse acknowledged in late July before his departure on Monday.
The Sprint Framily plans costs $160 a month for 4GB of data, but comes with overage charges and won’t allow tethering. Meanwhile, T-Mobile has a family plan offered through September that costs $100 a month for four lines and 10GB of data, although each line is limited to 2.5GB.
Hesse had earlier described subscriber plans Sprint was testing that have tiers of data and unlimited data.
According to Light Reading, Claure also told employees that price cuts are needed because Sprint’s network isn’t at the level of performance and reach that it should be. “When you have a great network, you don’t have to compete on price,” he reportedly said. “When your network is behind, unfortunately you have to compete on value and price.”
IBM To Become Cloud Broker
IBM is in the throes of developing software that will allow organizations to use multiple cloud storage services interchangeably, reducing dependence on any single cloud vendor and ensuring that data remains available even during service outages.
Although the software, called InterCloud Storage (ICStore), is still in development, IBM is inviting its customers to test it. Over time, the company will fold the software into its enterprise storage portfolio, where it can back up data to the cloud. The current test iteration requires an IBM Storewize storage system to operate.
ICStore was developed in response to customer inquiries, said Thomas Weigold, who leads the IBM storage systems research team in IBM’s Zurich, Switzerland, research facility, where the software was created. Customers are interested in cloud storage services but are worried about trusting data with third party providers, both in terms of security and the reliability of the service, he said.
The software provides a single interface that administrators can use to spread data across multiple cloud vendors. Administrators can specify which cloud providers to use through a point-and-click interface. Both file and block storage is supported, though not object storage. The software contains mechanisms for encrypting data so that it remains secure as it crosses the network and resides on the external storage services.
A number of software vendors offer similar cloud storage broker capabilities, all in various stages of completion, notably Red Hat’s DeltaCloud and Hewlett Packard’s Public Cloud.
ICStore is more “flexible,” than other approaches, said Alessandro Sorniotti, an IBM security and cloud system researcher who also worked on the project. “We give customers the ability to select what goes where, depending on the sensitivity and relevance of data,” he said. Customers can store one copy of their data on one provider and a backup copy on another provider.
ICStore supports a number of cloud storage providers, including IBM’s SoftLayer, Amazon S3 (Simple Storage Service), Rackspace, Microsoft Windows Azure and private instances of the OpenStack Swift storage service. More storage providers will be added as the software goes into production mode.
“Say, you are using SoftLayer and Amazon, and if Amazon suffers an outage, then the backup cloud provider kicks in and allows you to retrieve data,” from SoftLayer, Sorniotti said.
ICStore will also allow multiple copies of the software to work together within an enterprise, using a set of IBM patent-pending algorithms developed for data sharing. This ensures that the organization will not run into any upper limits on how much data can be stored.
IBM has about 1,400 patents that relate to cloud computing, according to the company.
Google Expands Malware Blocker
Google has expanded malware blocking in an early development build of Chrome to sniff out a wider range of threats than the browser already recognizes.
Chrome’s current “Canary” build — the label for very-early versions of the browser, earlier than even Chrome’s Dev channel — will post a warning at the bottom of the window when it detects an attempted download of malicious code.
Features added to the Canary build usually, although not always, eventually make it into the Dev channel — the roughest-edged of the three distributed to users — and from there into the Beta and Stable channels. Google did not spell out a timetable for the expanded malware blocking.
Chrome has included malware blocking for more than two years, since version 12 launched in June 2011, and the functionality was extended in February 2012with Chrome 17.
Chrome is now at version 30.
Canary’s blocking, however, is more aggressive on two fronts: It is more assertive in its alerts and detects more malware forms, including threats that pose as legitimate software and monkey with the browser’s settings.
“Content.exe is malicious, and Chrome has blocked it,” the message in Canary reads. The sole visible option is to click the “Dismiss” button, which makes the warning vanish. The only additional option, and that only after another click, is to “Learn more,” which leads to yet another warning.
In Canary, there is no way for the user to contradict the malware blocking.
That’s different than in the current Stable build of Chrome, which relies on a message that says, “This file is malicious. Are you sure you want to continue?” and gives the user a choice between tossing the downloaded file or saving it anyway.
As it has for some time, Chrome will show such warnings on select file extensions, primarily “.exe,” which in Windows denotes an executable file, and “.msi,” an installation package for Windows applications. Canary’s expansion, said Google, also warns when the user tries to download some less obvious threats, including payloads masquerading as legitimate software — it cited screen savers and video plug-ins in a blog posting — that hijack browser settings to silently change the home page or insert ads into websites to monetize the malware.
Google’s malware blocking is part of its Safe Browsing API (application programming interface) and service, which Chrome, Apple’s Safari and Mozilla’s Firefox all access to warn customers of potentially dangerous websites before they reach them.
In Chrome’s case, the malware warning stems not only from the Safe Browsing “blacklist” of dodgy websites, but according to NSS Labs, a security software testing company, also from the Content Agnostic Malware Protection (CAMP) technology that Google has baked into its implementation of Safe Browsing.
MIT Develops Inflatable Antenna
September 17, 2013 by admin
Filed under Around The Net
Comments Off on MIT Develops Inflatable Antenna
Satellites the size of shoe boxes, which are expected to one day allow researchers to explore space more efficiently, will soon have greater range.
MIT researchers have built and tested an inflatable antenna that can fold into such a satellite, then inflate in orbit to enable long range communications — from seven times the distance possible today.
The technology will let the small satellites, called CubeSats, move further into space and send valuable information to scientists back on earth.
“With this antenna, you could transmit from the moon, and even farther than that,” said Alessandra Babuscia, a researcher on the inflatable antenna team at MIT, in a statement. “This antenna is one of the cheapest and most economical solutions to the problem of communication. But all this research builds a set of options to allow the spacecraft … to fly in deep space.”
The MIT effort comes as engineers at the University of Michigan work on ways to propel such small spacecraft into interplanetary space. The team is building a plasma thruster that could fit in a 10-centimeter space and push a small satellite-bearing spacecraft into deep space.
The university researchers using superheated plasma that would push through a magnetic field to propel a CubeSat.
The MIT researchers are seeking to solve the communications problems and enable far-afield CubeSats to send data to and receive instructions from Earth.
The CubeSat devices cannot support radio dishes that are used today to let spacecraft communicate when far from Earth’s orbit.
The inflatable antennas significantly amplifies radio signals, allowing a CubeSat to transmit data back to Earth at a higher rate, according to the university.
MIT engineers have built two prototype antennae, each a meter wide, out of Mylar, which is a polyester film known for its strength and use as an electric insulator. One antenna was a cone shape, while the other looks more like a cylinder when inflated. Each fits into a 10-cubic-centimeter space within a CubeSat.
Each prototype contains a few grams of benzoic acid, which can be converted to a gas to inflate the antenna, MIT noted.
In testing, the cylindrical antenna performed “slightly better” than the cone shaped device, transmitting data 10 times faster, and seven times farther than existing CubeSat antennae.
Developers Hack Dropbox
Two developers have penetrated Dropbox’s security, even intercepting SSL data from its servers and bypassing the cloud storage provider’s two-factor authentication, according to a paper they published at USENIX 2013.
“These techniques are generic enough and we believe would aid in future software development, testing and security research,” the paper says in its abstract.
Dropbox, which claims more than 100 million users upload more than a billion files daily, said the research didn’t actually represent a vulnerability in its servers.
“We appreciate the contributions of these researchers and everyone who helps keep Dropbox safe,” a spokesperson said in an email to Computerworld. “In the case outlined here, the user’s computer would first need to have been compromised in such a way that it would leave the entire computer, not just the user’s Dropbox, open to attacks across the board.”
The two developers, Dhiru Kholia, with the Openwall open source project , and Przemyslaw Wegrzyn, with CodePainters, said they reverse-engineered Dropbox, an application written in Python.
“Our work reveals the internal API used by Dropbox client and makes it straightforward to write a portable open-source Dropbox client,” the paper states. “Additionally, we show how to bypass Dropbox’s two-factor authentication and gain access to users’ data.”
The paper presents “new and generic techniques to reverse engineer frozen Python applications, which are not limited to just the Dropbox world,” the developers wrote.
The researchers described in detail how they were able to unpack, decrypt and decompile Dropbox from scratch. And, once someone has de-compiled its source code, how “it is possible to study how Dropbox works in detail.
“We describe a method to bypass Dropbox’s two-factor authentication and hijack Dropbox accounts. Additionally, generic techniques to intercept SSL data using code injection techniques and monkey patching are presented,” the developers wrote in the paper.
The process they used included various code injection techniques and monkey-patching to intercept SSL data in a Dropbox client. They also used the techniques successfully to snoop on SSL data in other commercial products as well, they said.
The developers are hoping their white hat hacking prompts Dropbox to open source its platform so that it is no longer a “black box.”
IBM Sued Over Disaster
IBM has been hit with a multimillion-dollar lawsuit by chemical products manufacturer Avantor Performance Materials, which alleges that IBM lied about the suitability of an SAP-based software package it sells in order to win Avantor’s business.
In 2010, Avantor decided to upgrade its ERP (enterprise resource planning) platform to SAP software, according to the lawsuit, filed Thursday in U.S. District Court for the District of New Jersey.
“Seizing upon Avantor’s decision — and fully aware that, given the competitive pressures of Avantor’s industry, and the specialized demands of its customers, Avantor could not tolerate any disruptions in customer service — IBM represented that IBM’s ‘Express Life Sciences Solution’ … was uniquely suited to Avantor’s business,” the lawsuit states. “The Express Solution is a proprietary IBM pre-packaged software solution that runs on an SAP platform.”
But Avantor discovered a different truth after signing on with IBM, finding that Express Life was “woefully unsuited” to its business and the implementation brought its operations to “a near standstill,” according to the suit.
IBM also violated its contract by staffing the project with “incompetent and reckless consultants” who made “numerous design, configuration and programming errors,” it states.
In addition, IBM “intentionally or recklessly failed” to tell Avantor about risks to the project and hurried towards a go-live date, the suit alleges.
“To conceal the System’s defects and functional gaps, IBM ignored the results of its own pre-go-live tests, conducted inadequate and truncated testing and instead recommended that Avantor proceed with the go-live as scheduled — even though Avantor had repeatedly emphasized to IBM that meeting a projected go-live date was far less important than having a fully functional System that would not disrupt Avantor’s ability to service its customers,” the suit states.
The resulting go-live, which occurred in May, “was a disaster,” with the system failing to process orders properly, losing some orders altogether, failing to generate need paperwork for U.S. Customs officials and directing “that dangerous chemicals be stored in inappropriate locations,” the suit states.
Avantor has suffered tens of millions of dollars in monetary damages, as well as taken a hit to its reputation among partners and customers, the suit states.
Amazon Goes To Court
Amazon is suing Daniel Powers, its ex VP in charge of global sales for Amazon Web Services because he joined Google in a cloud role.
Taking the new job, asserts Amazon, violates Powers’ non-compete agreement with Amazon, which let Powers go this summer with a reasonable severance package.
There is a risk that Powers could take important information that he learned about the Amazon web services business to its rival, Google, and that is what the firm is seeking to stop.
According to Geekwire Amazon wants an injunction against Powers to prevent him from “engaging in any activities that directly or indirectly support any aspect of Google’s cloud computing business”.
A court filing claims that Amazon has an agreement with Powers that says he will not join a rival for a “limited time following the termination of his employment”.
Powers, it warns, is a veteran who knows the cloud business from “top to bottom”, adding that he has “acquired and currently possesses extensive knowledge of Amazon’s trade secrets and its highly confidential information”.
The complaint says that he has extensive and detailed information about Amazon Web Services’ prospects, business, potential business partners, pricing strategies and goals.
Amazon has not provided us with further comment.
AMD Gives Opteron A Boost
AMD has shown there is a little life left in its Bulldozer Opterons by bumping up the clock speed of five Opteron models.
AMD launched its Bulldozer Opteron processors last November amid widespread anticipation that its brand new Bulldozer architecture would once again make it competitive with Intel. Its new architecture failed to impress, but the company has managed to eek out another 100MHz from five Opteron processors in what is likely to be a last hurrah before Piledriver Opterons make their appearance.
AMD bumped up the clocks by 100MHz on the 16-core Opteron 6284 SE and Opteron 6278 to 2.7GHz and 2.4GHz, respectively, while keeping TDPs the same as before, at 140W and 115W, respectively. The firm gave four Opteron 4200 series chips the same 100MHz bump, including the eight-core Opteron 4276HE to 2.6GHz, the six-core Opteron 4240 to 3.4GHz and the Opteron 4230 to 2.9GHz.
AMD was keen to point out that its speed bumped Opteron chips have been picked by Dell and by HP for 11 of its servers. Although the firm has not been able to compete with Intel’s Xeon chips on perfermance, its chips are considerably cheaper, a fact that AMD is using to win customers.
Although AMD’s 100MHz speed bump isn’t going to set the world on fire, every little bit of performance will help the firm as Intel ploughs on with its hugely impressive Sandy Bridge E and Ivy Bridge Xeon chips. AMD’s answer to Intel’s latest Xeon chips is expected to be the Piledriver Opterons.