Intel’s Security Exec Jumps Ship

Michael Fey has left Intel Security Group to become chief operating officer at Blue Coat. Blue Coat is apparently not the traditional garb of a British Holiday Camp entertainer, but apparently a privately owned network security company.

Fey was one of the few top McAfee managers to stay with the company after it was bought by Intel in 2011. McAfee is now part of Intel Security Group, where Fey had been chief technology officer. Fey said that his role at Blue Coat would be “very similar” to his old job but he was allowed to focus on the cloud and the advanced threats space more.

“Blue Coat had tremendous growth behind the scenes and now I get to focus on taking that growth and trying to get it to the billion-dollar revenue mark,” he told Reuters.

Since the $7.7 billion acquisition by Intel, McAfee has lost senior managers and key talent in technology development, research and sales. At Blue Coat, Fey will replace David Murphy, who will stay on as a strategic adviser to the board.

Source

Google Moves To Drop CAPTCHA

Google announced that it is trying to get rid of those annoying CAPTCHAs required by websites, which is short for Completely Automated Public Turing test to tell Computers and Humans Apart.

Instead of requiring that users fill in the letters and numbers shown in a distorted image, sites that use Google’s reCAPTCHA service will be able to use just one click, answering a simple question: Are you a robot?

“reCAPTCHA protects the websites you love from spam and abuse,” wrote Vinay Shet, product manager for Google’s reCAPTCHA service, in a blog post. “For years, we’ve prompted users to confirm they aren’t robots by asking them to read distorted text and type it into a box… But, we figured it would be easier to just directly ask our users whether or not they are robots. So, we did! ”

Google on Wednesday began rolling out a new API that rethinks the reCAPTCHA experience.

CAPTCHA “can be hard to read and frustrating for people, particularly on mobile devices,” said Zeus Kerravala, an analyst with ZK Research. “People often have to put in the text several times. On the surface, this seems a good way to improve the user experience. It still requires human intervention, just something simpler.”

CAPTCHAs were created to foil computer programs that hackers or spammers use to troll for access to websites or to collect email addresses.

Google said CAPTCHAs are less useful than they have been, although they are still frustrating to everyday users.

“CAPTCHAs have long relied on the inability of robots to solve distorted text,’ wrote Shet. “However, our research recently showed that today’s artificial intelligence technology can solve even the most difficult variant of distorted text at 99.8% accuracy. Thus distorted text, on its own, is no longer a dependable test.”

The new API, along with Google’s ability to analyze a user’s actions — before, during, and after clicking on the reCAPTCHA box — let’s the new technology figure out if the user is human or not.

“The new API is the next step in this steady evolution,” Shet stated. “Now humans can just check the box and in most cases, they’re through the challenge.”

Source

McAfee’s Biometric Software Coming Soon

A McAfee security product that will use biometric technology to authenticate users will be available for download by the end of the year, said Kirk Skaugen, senior vice president and general manager of the PC Client Group at Intel, last week.

“Your biometrics basically eliminate the need for you to enter passwords for Windows log in and eventually all your websites ever again,” Skaugen said.

Further product details were not immediately available. But one of the major inconveniences in using PCs and tablets is remembering passwords, which biometrics can tame.

An average user has about 18 passwords and biometric authentication will make PCs easier to use, Skaugen said.

Biometric authentication isn’t new. It’s being used in Apple Pay, where fingerprint authentication helps authorize credit card payments through the iPhone or iPad. Intel has been working on multiple forms of biometric authentication through fingerprint, gesture, face and voice recognition.

McAfee is owned by Intel, and the chip maker is building smartphone, tablet and PC technology that takes advantage of the security software. Intel has also worked on biometric technology for wearable devices like SMS Audio’s BioSport In-Ear Headphones, which can measure a person’s heart rate.

Intel also wants to make PCs and tablets easier to use through wireless charging, display, docking and data transfers. Such capabilities would eliminate the need to carry power brick and cables for displays and data transfers. Such capabilities will start appearing in laptops next year with sixth-generation Core chips code-named Skylake, which will be released in the second half.

Source

Sony Launches SDK For SmartEyeglass

Sony has rolled out an SDK (software development kit) for its SmartEyeglass head-mounted display, another step toward challenging Google Glass.

The glasses can connect to Android smartphones via Bluetooth and project green monochrome text or basic graphics across a field within the lenses.

Sony said it will begin sales of the eyewear to developers by March 31, the end of its fiscal year. They will be sold in Japan, the U.S. and some European countries.

The Developer Preview SDK includes an emulator, tutorials, sample code and design guidelines to make the most of the device’s hardware and sensors including an accelerometer, gyroscope and brightness sensor.

The glasses, which weigh 77 grams, are more than 85 percent transparent and include a camera that can shoot 3-megapixel images and VGA video.

Sony has emphasized that the glasses project images to a user’s natural line of sight, which differs from the Google Glass display set in a corner.

“Sony’s competitive edge lies in our achievement of a thin lens with high transparency thanks to our unique holographic light guide plate technology, which enables us to provide a bright field of vision,” a Sony spokeswoman wrote in an email.

“Furthermore, the screen size is large, and images and text are displayed from the front for both eyes (not only one eye) to facilitate easier viewing and prevent eye fatigue.”

The price for the glasses as well as availability of a consumer version are still to be decided, she added.

Bulky prototype versions of the glasses were shown at the IFA and CES electronics shows earlier this year.

Potential applications include displaying cooking instructions for chefs, running time for joggers and messages from friends.

Augmented reality-style functions are also possible, such as displaying information when a user looks at a certain bottle of wine, facial recognition or navigation information in an unfamiliar city.

Source

HTTP2 Procotol Nears Completion

When it comes to amping up traffic over the Internet, sometimes too much of a good thing may not be such a good thing at all.

The Internet Engineering Task Force is putting the final touches on HTTP/2, the second version of the Hypertext Transport Protocol (HTTP). The working group has issued a last call draft, urging interested parties to voice concerns before it becomes a full Internet specification.

Not everyone is completely satisfied with the protocol however.

“There is a lot of good in this proposed standard, but I have some deep reservations about some bad and ugly aspects of the protocol,” wrote Greg Wilkins, lead developer of the open source Jetty server software, noting his concerns in a blog item posted Monday.

Others, however, praise HTTP/2 and say it is long overdue.

“A lot of our users are experimenting with the protocol,” said Owen Garrett, head of products for server software provider NGINX. “The feedback is that generally, they have seen big performance benefits.”

First created by Web originator Tim Berners-Lee and associates, HTTP quite literally powers today’s Web, providing the language for a browser to request a Web page from a server.

Version 2.0 of HTTP, based largely on the SPDY protocol developed by Google, promises to be a better fit for how people use the Web.

“The challenge with HTTP is that it is a fairly simple protocol, and it can be quite laborious to download all the resources required to render a Web page. SPDY addresses this issue,” Garrett said.

While the first generation of Web sites were largely simple and relatively small, static documents, the Web today is used as a platform for delivering applications and bandwidth intensive real-time multimedia content.

HTTP/2 speeds basic HTTP in a number of ways. HTTP/2 allows servers to send all the different elements of a requested Web page at once, eliminating the serial sets of messages that have to be sent back and forth under plain HTTP.

HTTP/2 also allows the server and the browser to compress HTTP, which cuts the amount of data that needs to be communicated between the two.

As a result, HTTP/2 “is really useful for organization with sophisticated Web sites, particularly when its users are distributed globally or using slower networks — mobile users for instance,” Garrett said.

Source

Was Dropbox Really Hacked?

Dropbox suffered a major outage over the weekend.

In one of the more bizarre recent incidents, after the service went down on Friday evening a group of hackers claimed to have infiltrated the service and compromised its servers.

However, on the Dropbox blog, Dropbox VP of engineering Ardita Ardwarl told users that hackers were not to blame.

Ardwari said, “On Friday evening we began a routine server upgrade. Unfortunately, a bug installed this upgrade on several active servers, which brought down the entire service. Your files were always safe, and despite some reports, no hacking or DDOS attack was involved.”

The fault occurred when a bug in an upgrade script caused an operating system upgrade to be triggered on several live machines, rendering them inoperative. Although the fault was rectified in three hours, the knock-on effects led to problems that lasted through the weekend for some users.

Dropbox has assured users that there are no further problems and that all users should now be back online. It said that at no point were files in danger, adding that the affected machines didn’t host any user data. In other words, the “hackers” weren’t hackers at all, but attention seeking trolls.

Dropbox claims to have over 200 million users, many of which it has acquired through strategic partnerships with device manufacturers offering free storage with purchases.

Source

The company is looking forward to an initial public offering (IPO) on the stock market, so the timing of such a major outage could not be worse. Dropbox, which includes Bono and The Edge from U2 amongst its investors, has recently enhanced its business offering to appeal to enterprise clients, and such a loss of uptime could affect its ability to attract customers.

T Mobile Sees Growth

T-Mobile US has reported a fourth-quarter boost in customer growth and offered to pay customers to ditch rival service providers, escalating already intense competition in the U.S. wireless market.

The company, the No. 4 U.S. mobile operator, promised payments of up to $350 per line to consumers who break their contract with any of its bigger rivals and switch to T-Mobile.

The offer came just days after AT&T Inc promised a $200 credit to T-Mobile customers who switch. While AT&T also offered up to $250 for switching customers who trade in their phone, T-Mobile said it would pay up to $300 for trade-ins.

The companies have been targeting each other because they use the same network technology, making it easy for consumers to bring their phone when they switch, but some on Wall Street are concerned they will cause an industry-wide price war.

T-Mobile said it hoped that whole families as well as individuals would switch to its service in response to the new cash offer, which is aimed at covering early contract termination fees typically charged by wireless operators.

John Legere, the outspoken chief executive of T-Mobile, said he hoped the offer would end the “industry scam” of family plans, which tie entire families into long-term contracts.

Legere joked that AT&T’s recent offer would actually play to T-Mobile’s advantage because it would allow AT&T customers to try a different service with less financial risk than before.

“If it doesn’t work they’ll pay you to come back,” Legere said in announcing the offer at the Consumer Electronics Show in Las Vegas.

T-Mobile, which is 67 percent owned by Deutsche Telekom, managed to turn the corner on four years of customers losses in 2013 by criticizing its rivals and promoting its service plans as being more flexible and consumer friendly.

It said it added 1.645 million net customers in the fourth quarter, up from 1.023 million in the quarter before, marking its third quarter of customer growth for 2013.

The fourth-quarter additions included 869,000 valuable post-paid customers, which was up 13 percent from the third quarter, according to the company.

It said customer defections, known in the industry as churn, stayed at third-quarter levels of 1.7 percent and compared with 2.5 percent in the fourth quarter of 2012.

Source

NSA Developing System To Crack Encryption

The U.S. National Security Agency is working to develop a computer that could ultimately break most encryption programs, whether they are used to protect other nations’ spying programs or consumers’ bank accounts, according to a report by the Washington Post.

The report, which the newspaper said was based on documents leaked by former NSA contractor Edward Snowden, comes amid continuing controversy over the spy agency’s program to collect the phone records Internet communications of private citizens.

In its report, The Washington Post said that the NSA is trying to develop a so-called “quantum computer” that could be used to break encryption codes used to cloak sensitive information.

Such a computer, which would be able to perform several calculations at once instead of in a single stream, could take years to develop, the newspaper said. In addition to being able to break through the cloaks meant to protect private data, such a computer would have implications for such fields as medicine, the newspaper reported.

The research is part of a $79.7 million research program called “Penetrating Hard Targets,” the newspaper said. Other, non-governmental researchers are also trying to develop quantum computers, and it is not clear whether the NSA program lags the private efforts or is ahead of them.

Snowden, living in Russia with temporary asylum, last year leaked documents he collected while working for the NSA. The United States has charged him with espionage, and more charges could follow.

His disclosures have sparked a debate over how much leeway to give the U.S. government in gathering information to protect Americans from terrorism, and have prompted numerous lawsuits.

Last week, a federal judge ruled that the NSA’s collection of phone call records is lawful, while another judge earlier in December questioned the program’s constitutionality. The issue is now more likely to move before the U.S. Supreme Court.

On Thursday, the editorial board of the New York Times said that the U.S. government should grant Snowden clemency or a plea bargain, given the public value of revelations over the National Security Agency’s vast spying programs.

Source

Adobe Data Found Online

A computer security firm has discovered data it says belongs to some 152 million Adobe Systems Inc user accounts, suggesting that a breach reported a month ago is much larger than Adobe has so far disclosed and is one of the largest on record.

LastPass, a password security firm, said that it has found email addresses, encrypted passwords and password hints stored in clear text from Adobe user accounts on an underground website frequented by cyber criminals.

Adobe said last week that attackers had stolen data on more than 38 million customer accounts, on top of the theft of information on nearly 3 million accounts that it disclosed nearly a month earlier.

The maker of Photoshop and Acrobat software confirmed that LastPass had found records stolen from its data center, but downplayed the significance of the security firm’s findings.

While the new findings from LastPass indicate that the Adobe breach is far bigger than previously known, company spokeswoman Heather Edell said it was not accurate to say 152 million customer accounts had been compromised because the database attacked was a backup system about to be decommissioned.

She said the records include some 25 million records containing invalid email addresses, 18 million with invalid passwords. She added that “a large percentage” of the accounts were fictitious, having been set up for one-time use so that their creators could get free software or other perks.

She also said that the company is continuing to work with law enforcement and outside investigators to determine the cost and scope of the breach, which resulted in the theft of customer data as well as source code to several software titles.

The company has notified some 38 million active Adobe ID users and is now contacting holders of inactive accounts, she said.

Paul Stephens, director of policy and advocacy for the non-profit Privacy Rights Clearinghouse, said information in an inactive database is often useful to criminals.

He said they might use it to engage in “phishing” scams or attempt to figure out passwords using the hints provided for some of the accounts in the database. In some cases, people whose data was exposed might not be aware of it because they have not accessed the out-of-date accounts, he said.

“Potentially it’s the website you’ve forgotten about that poses the greater risk,” he said. “What if somebody set up an account with Adobe ten years ago and forgot about it and they use the same password there that they use on other sites?”

Source

Google Snubs Privacy

Search giant Google has told the British government it is immune to prosecution on privacy issues and it can do what it like. The US Company is accused of illegally snooping on its British customers by bypassing privacy settings on Apple devices, such as iPads, to track their browsing history.

A group of British people took Google to court but the search engine is trying to get the case thrown out. Its argument is that it is not subject to British privacy law because it is based in California. This is the second time that Google has tried to avoid British law by pretending to operate in another country. It has come under fire for failing to pay tax in the UK

Nick Pickles, director of Big Brother Watch, said: ‘It is deeply worrying for a company with millions of British users to be brazenly saying they do not regard themselves bound by UK law. Solicitor Dan Tench, of law firm Olswang, said this was another instance of Google being here when it suits them and not being here when it doesn’t. Ironically when the US ordered Google to stop what it was doing, it forced the search engine to pay a $22.5million to regulators.

There are some indications that Google may not get its way. In July the Information Commissioner’s Office told Google its privacy rules breached UK law so it will be very hard for it to stand up in court and say it didn’t.

Source

« Previous Page — Next Page »