Flustered over Win10's surveillance habits? Have you met Predix?

Subject: General Tech | October 14, 2014 - 06:28 PM |
Tagged: predix, Cisco, Intel, GM, verizon, Privacy, security

GM's Predix asset management platform has been used for a while now, after they came to the realization that they were in the top 20 of the largest software developers on the planet.  They found that by networking the machines in their factories as well as products that have been shipped to customers and are seeing active use that they could increase the efficiency of their factories and their products.  They were aiming for 1% increase, which when you consider the scale of these industries can equate to billions of dollars and in many cases they did see what they had hoped for.

Now Cisco and Intel have signed up to use the Predix platform for the same results, however they will be applying it to the Cloud and edge devices as well as the routers and switches Cisco specializes in.  This should at the very least enhance the ability to monitor network traffic, predict resource shortages and handle outages with a very good possibility of a small increase in performance and efficiency across the board.  This is good news to those who currently deal with the cloud but it is perhaps worth noting that you will be offering up your companies metrics to Predix and you should be aware of any possible security concerns that may raise because of that integration to another system.  You could however argue that once you have moved to the cloud that this is already happening.

img_predix_feature_big_data.jpg

"GE, Intel, Cisco, and Verizon have announced a big data deal to connect Predix — GE’s software platform — to machines, systems, and edge devices regardless of manufacturer."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Symantec starts a non-destructive reformat

Subject: General Tech | October 10, 2014 - 12:30 PM |
Tagged: symantec, security, norton, billions

Symantec is splitting its self down the middle, with one side focusing on their antivirus and security products, which apparently still sell and are not just bundled with new laptops and computers, and the other handling information management.  Considering they made nearly $7 billion last year someone must be buying their software and even more shocking they must be renewing the license which came with the new machine. Those commenting on Slashdot immediately tried to help Norton out by suggesting that one side should create and spread viruses while the other should come in like a white knight and slay them.  That would certainly make it a more interesting read; even so the fact that Symantec is still alive and prospering is enough of a shock for a Friday morning.

Symantec-Logo.jpg

"Symantec announced plans on Thursday to split into two separate, publicly traded companies – one focused on security, the other focused on information management. The company's security business generated $4.2 billion in revenue in fiscal year 2014 while its information management business meanwhile hit revenues of $2.5 billion. "As the security and storage industries continue to change at an accelerating pace, Symante c's security and IM businesses each face unique market opportunities and challenges," Symantec CEO Michael A. Brown, who officially took over as CEO last month, said in a statement."

Here is some more Tech News from around the web:

Tech Talk

Source: Slashdot

Rooting your Android in the name of security

Subject: General Tech | August 22, 2014 - 01:30 PM |
Tagged: byod, security, Android

In the new BYOD corporate crapshoot Android devices are frequently connecting to secure resources which raises security concerns for many IT workers.  The OS is not as secure as many would like it to be; good enough for home use but not for those who truly want to keep their data secure.  The majority of the exploits come from insecure apps as opposed to an inherent problem with the OS which has lead to a group proposing an Android Security Module Framework.  Root the phone once to add these to Android and enable the ability to restrict the capability of apps to share unnecessarily while not preventing the apps from running.  The example offered to The Register was the ability to stop Whatsapp from uploading contact information without preventing the app from functioning.  This could also allow you to configure a phone in a way similar to Blackberry's Balance feature, segregating work data from personal.

images.jpg

"An international group of researchers believes Android needs more extensible security, and is offering up a framework they hope either Google or mobe-makers will take for a spin."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

A Summary of the Recent Open Source Security News

Subject: General Tech | June 1, 2014 - 04:04 AM |
Tagged: TrueCrypt, security, openssl, openssh, heartbleed

This week has been most notable for security, as previous news suggests. TrueCrypt, the popular file encryption suite, lost its developers when they wanted to call it quits -- right in the middle of its audit. While on that topic, OpenSSL is being given money and full-time developers, in response to the recent Heartbleed fiasco. OpenSSH and Network Time Protocol, and others in the future, are also being given love.

Yes, these are two separate pieces of news that are combined into a single article.

TrueCrypt_Logo.png

Earlier, we reported on TrueCrypt's mysterious implosion. The developers' alleged last advice, use closed source solutions or whatever comes up on a random package manager search, I considered too terrible to have been from them. Seriously, from "Trust No-One" to "Trust Who Knows". Just does not seem right...

Since the article, they have apparently been contacted and confirmed that the project is being shut down. That said, it seems like basically every source cites the third-party auditors and no-one else seemed to have direct contact with them -- so who knows. Regardless, the audit is apparently still going on and might lead to a usable fork maintained by someone else.

As for the second piece of news -- several other libraries are getting serious security audits. Apparently, The Linux Foundation has arranged for a long list of companies to commit $5.4 million, over three years, to audit and maintain these projects. As mentioned, OpenSSL, OpenSSH, and Network Time Protocol are the first three mentioned, but others will be included later. Also, that budget can increase as other companies and donors step up.

Currently, the donors are: Adobe, Amazon, Bloomberg, Cisco, Dell, Facebook, Fujitsu, Google, HP, Huawei, IBM, Intel, Microsoft, NetApp, Qualcomm, Rackspace, Salesforce, and VMware. Eighteen companies, each pledging $100,000 per year for three years.

All in all, it seems like the world is on the path to righting itself, somewhat.

Source: Ars Technica

Securing the Internet of Things

Subject: General Tech | May 23, 2014 - 01:27 PM |
Tagged: internet of things, security, Intel

Karen Lomas is Intel's director of the Internet of Things, from smart buildings to fridges and watched and she sat down to discuss the security of these devices and the future of ubiquitous computing.  Intel expects that by 2020 there will be 26 billion internet connected devices and if we do not start to think about how to secure them now it will have serious repercussions in the future.  There is a balance which needs to be struck so that consumers will not avoid using these devices because of security concerns nor because they are too restrictive to easily be used.  As befits a Friday the discussion comes in video form.

Smart-Light-Bulb-Philips.jpg

"THE INQUIRER and Intel held an Internet of Things (IoT) event in London this week, where we sat down with IT professionals from a range of industry sectors to discuss how the growing thirst for internet-connected devices can be used in business, and how this should be done."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

Why should you be worried about the FreeBSD credentials leak?

Subject: General Tech | May 2, 2014 - 02:01 PM |
Tagged: freebsd, security

You may not use it as your main OS but there is a chance your TV, PlayStation and quite possibly a lot of your networking gear runs on a version of FreeBSD.  While the repercussions are likely to be limited to a kernel crash which is annoying but not overly concerning researchers do suggest it is possible a talented attacker could get hold of at least some of the contents of the kernel's memory.  You probably shouldn't panic like your kernel could but following the link from The Register and patching is probably a good idea.

images.jpg

"Got FreeBSD? Get busy on the patch, because a problem with its TCP ordering has emerged, with both denial-of-service and data leakage as possible effects."

Here is some more Tech News from around the web:

Tech Talk

Source: The Register

Beema Mullins down for your next mobile system

Subject: General Tech | April 29, 2014 - 04:14 PM |
Tagged: TrustZone, security, Puma+, Mullins, mobile, Kabini, Jaguar, boost, beema, amd, AM1

Beema and Mullins have arrived and by now you must have read Josh's coverage but you might be aching for more.  The Tech Report were present at the unveiling and came prepared, with a USB 3.0 solid-state drive containing their own preferred testing applications and games.  Not only do you get a look at how the Mullins tablet handled the testing you can see how it compares to Kabini and Bay Trail.  Check out the performance results as well as their take on the power consumption and new security features on the new pair of chips from AMD which come bearing more gifts than we had thought they would.

discovery-angle.jpg

"A couple weeks ago, AMD flew us down to its Austin, Texas campus for a first look at Mullins and Beema, two low-power APUs aimed at the next wave of Windows tablets and low-cost laptops. Today, we're able to share what we learned from that expedition—as well as benchmarks from the first Mullins tablet."

Here is some more Tech News from around the web:

Tech Talk

Author:
Subject: Processors
Manufacturer: AMD

AMD Makes some Lemonade...

I guess we could say that AMD has been rather busy lately.  It seems that a significant amount of the content on PC Perspective this month revolved around the AMD AM1 platform.  Before that we had the Kaveri products and the R7 265.  AMD also reported some fairly solid growth over the past year with their graphics and APU lines.  Things are not as grim and dire as they once were for the company.  This is good news for consumers as they will continue to be offered competing solutions that will vie for that hard earned dollar.

amd_bm_02.jpg

AMD is continuing their releases for 2014 with the announcement of their latest low-power and mainstream mobile APUs.  These are codenamed “Beema” and “Mullins”, but they are based on the year old Kabini chip.  This may cause a few people to roll their eyes as AMD has had some fairly unimpressive refreshes in the past.  We saw the rather meager increases in clockspeed and power consumption with Brazos 2.0 a couple of years back, and it looked like this would be the case again for Beema and Mullins.

It isn’t.

I was again expecting said meager improvements in power consumption and clockspeeds that we had received all those years ago with Brazos 2.0.  Turns out I was wrong.  This is a fairly major refresh which does a few things that I did not think were entirely possible, and I’m a rather optimistic person.   So why is this release surprising?  Let us take a good look under the hood.

Click here to read the entire Beema/Mullins introduction!

An android app you really should install

Subject: General Tech | March 6, 2014 - 01:32 PM |
Tagged: security, Android, antimalware, PUPs

Malwarebytes have recently updated their Android app to hunt down and slay PUPs, aka potentially unwanted programs or bloatware.  These are the apps which harvest an excessive amount of personal data without making it clear why they do so as well as those which use questionable tricks to present ads to the user even when they are not actively using those apps.  This is more than security, it will hunt down apps that drain the battery or simply demand more access that they reasonably should.  This could be somewhat of a concern for developers who's apps are flagged as PUPs but the user will get the choice to allow the app to continue to run as it has in the past.  Learn more at The Inquirer.

unnamed.png

"ANTI-MALWARE FIRM Malwarebytes has updated its free mobile security app to protect users from the rise of what it calls "Potentially Unwanted Programs" (PUPs) affecting Android users."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer

A wee little Linux bug

Subject: General Tech | March 5, 2014 - 02:47 PM |
Tagged: linux, security

It would seem that there is a fairly problematic bug in the way that GnuTLS library applies encryption for many Linux users.  According to the story on The Inquirer this bug could allow an improperly setup certificate to be reported as valid and while your connection states it is secure it will not in fact be encrypted.  Red Hat has already issued a patch to solve this problem but the vulnerability would apply to any distro which uses the GnuTLS library.  It would be wise to follow the link from the story to locate a patch for your system before attackers start using it in the wild.

index.jpg

"THOUSANDS OF LINUX USERS might be vulnerable to hackers after it emerged that a significant certificate checking bug exists in a low level library.

The problem stems from the GnuTLS library that provides an API to enable SSL, TLS and DTLS encryption protocols, as used particularly by web servers."

Here is some more Tech News from around the web:

Tech Talk

Source: The Inquirer