Friday, January 3, 2014

LG heads to Las Vegas with a 980 gram laptop

IDG News Service - LG Electronics is expanding its line-up of Windows PCs with a number of new products, including the 13Z940 Ultra PC laptop, which has a 13.3-inch full HD screen and weighs 980 grams.

The laptop along with the Tab-Book 2 family and an all-in-one PC will be on display at the International CES trade show in Las Vegas between Jan. 7 and 10.

The 13Z940 is powered by a Haswell-based Core i5 processor and has up to 256GB of SSD storage. The laptop is 13.6 millimeters at its thickest point and the screen has a 4.4 millimeter bezel. It also has what LG calls a reader mode, allowing users to "alter the background of any on-screen image to resemble paper, reducing eye-strain and energy consumption," the company said.

The two new Tab-Book 2 models have a slide-out QWERTY keyboard hidden under an 11.6-inch touchscreen. The 11T740 flagship model is also powered by a Core i5 Haswell processor. It has a full HD display and weighs 1.05 kilograms. The simpler 11T540 is a bit lighter at 930 grams, but it remains to be seen what LG has done to the hardware specification to get there.

The new all-in-one PC has a 27-inch full HD screen and a GeForce GT 740M graphics card from Nvidia. LG hopes consumers will use the unit as both a computer and a TV. Users can switch from computer to TV mode using the included remote without having to reboot the PC, according to LG.

LG didn't offer any details on the pricing or when the new products will become available, but that will likely be announced at CES. Other products LG has said it will show in Las Vegas include an all-in-one PC running Google's Chrome OS and a curved 105-inch 4K TV with a 21:9 aspect ratio, which makes it wider than traditional widescreen TVs.

Send news tips and comments to mikael_ricknas@idg.com

The IDG News Service is a Network World affiliate.



As customers fume, Microsoft promises Surface Pro 2 firmware fix ASAP

Computerworld - Even as Microsoft promised to speed up work on a re-release for a flawed Surface Pro 2 firmware update, customers continued to damn the company for the fiasco.

Microsoft yanked the firmware update earlier this month, about a week after it shipped the non-security fixes on Dec. 10. Surface Pro 2 owners had complained that the update reduced their tablets' battery life and spontaneously changed how the devices went into or out of the power-saving sleep mode.

Originally, Microsoft said that it would re-release the firmware update "after the holidays," which the company confirmed should be interpreted as some point after New Year's Day, or Jan. 1, 2014.

However, this week the Redmond, Wash. company revised its timeline. "We are working to release an alternative update package as soon as possible," a spokeswoman said via email on Thursday. She declined to be more specific about the re-release's availability, reiterating only that it would be ASAP.

Microsoft has not said whether the update will repair already-affected Surface Pro 2 tablets.

Judging by the comments posted to Microsoft's Surface Pro 2 support forum, many owners had run out of patience.

"Come on Microsoft -- give us a date for release of a fix -- confirm what an update will fix and exactly when it will be available," said TrevM in a message posted Thursday on one of the longest support threads about the firmware problems. "My [Surface Pro 2] is now a major pain. All I want to do is use it and not spend hours trying to make it stable when this is the least I would expect!"

Some customers have returned their Surface Pro 2 tablets for replacements, or simply given up on the device.

"I'm quite fortunate that I had just purchased my machine 2 weeks ago," said someone who identified himself as Mario. "I took my 128GB model back and exchanged it for a new 128GB pre-update, and what a difference. It was night and day."

"I am a consumer and accountant and dropped $1,100 on the Surface Pro 2 last month with my bonus money," a Computerworld reader reported via email Friday. "Now the thing won't turn on. I will bring it back to Best Buy."

Microsoft launched the Surface Pro 2, its second-generation Intel-powered tablet, in late September.

It has had to pull flawed updates before -- in October, Microsoft yanked the Windows RT 8.1 update after customers reported it "bricked" their tablets -- but typically the firm reissues fixes within a few days.

The slower response to the Dec. 10 issues may have been due to engineering staff shortages during the holidays, the complexity of a fix or a combination of the two.

A few people took the problems in stride, and urged people to be patient. But others said the update had soured them on Microsoft and its 2-in-1 tablet.

"I think the question is no longer 'When does this get fixed?' It's been too long already," said beemr on Tuesday in another long thread. "Now the question is, 'How does Microsoft regain our trust?' It is absurd that they haven't released a firmware [update] that would at the very least just undo the Dec. 10 update. It would seem to me that the overheating (twice for me) and constant charging, draining, charging would take a toll on the lifespan of our SP2's. Microsoft needs to take ownership and extend its standard and Microsoft Complete warranties by at least another year."



IT pro's revitalization guide 2014

Computerworld - No matter how long you've been in IT, it's always a good idea to pause periodically and take stock of your professional and personal progress.

Why not take a few moments to read through the best of Computerworld's management and career coverage? Scroll down to browse the complete list or click a link to skip directly to your chosen topic.


The security industry found its dream enemy in 2013 -- and new technical challenges too

IDG News Service - 2013 was the year we learned we must encrypt our data if we don't want the likes of the U.S. National Security Agency or the U.K. Government Communications Headquarters reading it as it crosses the Internet.

The security industry has the enemy it always dreamed of to help it make the case for encryption adoption, but users looking to secure their data and communications need to be wary of claims made in marketing messages. Securing data in motion is the priority, experts say, and some large Internet firms are already making progress in this area, but encrypting data at rest without losing its usefulness will prove a greater challenge.

"The NSA's surveillance has opened the eyes of many people around the world," Lamar Bailey, director of security research and development at security firm Tripwire said via email. "Security professionals have always known that this style of surveillance is possible with the right resources, but this episode has been a big wake-up call for everyone. Many countries and companies outside the U.S. are now taking a harder, more in-depth look at software and hardware that comes from the U.S., although the silver lining is that mainstream users are now more concerned with encrypting data and reviewing how their information is being shared."

The public debate sparked by the surveillance revelations in recent months has prompted some encouraging responses already: Google has encrypted the links between its data centers; Yahoo is working to do the same and has promised to enable SSL encryption by default for webmail and other services, and Twitter has enabled an SSL feature called forward secrecy, already implemented by Google and Facebook, which makes mass decryption of SSL traffic hard even if the website operator's master private key is compromised.

Some software vendors started developing alternatives to existing communication technologies, with the goal of providing end-to-end encryption and making upstream data interception harder. Secure communications provider Silent Circle launched an effort called the Dark Mail Alliance to develop a private and secure email protocol that encrypts metadata, not just message contents; Pirate Bay co-founder Peter Sunde is working with others on a secure crowd-funded mobile messaging application called Hemlis with distributed infrastructure hosted in privacy-friendly jurisdictions, and BitTorrent, the company behind the popular file-sharing protocol of the same name, is developing a peer-to-peer instant messaging application that encrypts messages directly between users and doesn't rely on central servers.

These and other examples send a clear message: securing the data transport channels to prevent unwanted upstream interception is a priority. The Internet Engineering Task Force, an organization that develops Internet standards, is already working toward this goal. Together with other Internet infrastructure groups, IETF expressed concern that the reported mass monitoring and surveillance by government agencies undermines the trust and confidence of Internet users globally.


In exascale, Japan stands apart with firm delivery plan

Computerworld - Japan intends to deliver an exascale supercomputer in six years. The firm completion date makes Japan novel among the nations in the race to build exascale systems.

The Riken Advanced Institute for Computational Science in Kobe, Japan, already home to that nation's largest computer system, said last week it will lead Japan's exascale program, with "successful development of the exascale supercomputer scheduled for completion by 2020."

"We will devote our energy to this project," said Kimihiko Hirao, director of the Riken institute, in a statement. An exascale system "will be a great boon for science and technology, as well as industry," he said.

The U.S., meanwhile, is aiming for an "early 2020s" delivery of an exascale system, a Dept. of Energy official said during a presentation that coincided with the annual supercomputing conference, SC13, in November.

In December, Congress approved a fiscal 2014 defense budget bill that requires development of an exascale system within a 10-year period, or by 2024. This is an improvement over an earlier Senate defense funding bill that included a "20 year plan."

The Europeans are developing an ARM-based exascale system and have set a delivery goal of 2020. That goal, though, doesn't have the stake-in-the-ground clarity of Japan's. China, which presently operates the world's fastest supercomputer according to the Top 500 rankings, is believed to be targeting a 2018-2020 timeframe for exascale delivery, but has not yet made an official announcement.

An exascale system is capable of a quintillion, or a million trillion, floating point operations per second. It is approximately 1,000 times faster than a single petaflop system. The fastest systems in use today are well under 50 petaflops.

Exascale development may be a race but no one has yet defined what will constitute a winner. Today, the fastest supercomputers are determined by their ranking on the Top 500 list. But if a nation deploys an exascale system that uses 100 MWs of power, and another nation deploys one two years later with technology that uses a third as much power, which nation has won?

It now costs about $1 million a year to run a 1 megawatt system, and current supercomputers are already in the range of 10 megawatts. There are numerous technical challenges to reduce those power requirements.

For instance, memory is a major challenge for exascale developers. DRAM memory is too slow and expensive to support exascale, but scientists aren't sure yet what will replace it.

Along with the race to deliver exascale, another technology competition is taking shape: quantum computing.

The U.K. last month said it is investing $444 million in quantum computing over the next five years. The money will fund a network of quantum computing centers.

"Science is a personal priority of mine," said U.K. Chancellor George Osborne, in a speech last month outlining the quantum computing effort.

Quantum computing uses subatomic particles and has the potential to leapfrog all other forms of computing. Today, computation is based on bits that can be either 0 or 1, with calculations done one after the other. But quantum computing can hold those states, 0 and 1, simultaneously, increasing processing power exponentially.



Apple, Cisco, Dell unhappy over alleged NSA back doors in their gear

InfoWorld - Germany's Der Spiegel newsmagazine reported Monday that the U.S. National Security Agency has for years compromised a wide range of hardware devices, including PCs, iPhones, hard drives, and network routers, as part of its spying activities. The NSA also installed back doors into European telecom networks and into BlackBerry's network operations center to spy on communications, the Der Spiegel report says.

The spy agency's Tailored Access Operations (TAO) unit is alleged to have installed such hidden access methods in a variety of devices from Apple, Cisco Systems, Dell, Huawei, Juniper, Maxtor, Samsung, Seagate, and Western Digital, among others. Although the precise methods are unclear, many seem to involve installation of monitoring software or modified firmware -- some on devices intercepted in transit from vendors to their customers.

Apple, Cisco Systems, Dell, and Huawei have all responded publicly expressing concern over the alleged back doors and promising to inform customers of any vulnerabilities found. All said they were unaware of any vulnerabilities or of the TAO program. The Der Spiegel report says the companies did not appear to have cooperated with the NSA to install the back doors, and Apple today said bluntly that it has never worked with the NSA on any such efforts on any products, comparing the NSA to hackers and saying it would "defend our customers from security attacks, regardless of who's behind them."

The purported iPhone back door has gained much attention. The NSA slides that Der Spiegel says it obtained show that in 2008 the NSA figured out how to install spyware in the iPhone, though it required hands-on access to the device. The slides claim the NSA was working on ways to remotely install such spyware. It is unclear whether the NSA succeeded in its remote-installation efforts and if so for what versions of iOS.

It's common for spy agencies to install spyware on specific people's devices; China's agents routinely install spyware on Western business travelers' PCs and mobile devices, for example, and the ongoing revelations by ex-NSA contractor Edward Snowden show that the U.S. and other major powers spy on others' citizens as aggressively as the Chinese have long been criticized for doing.

In a statement, the NSA did not deny the spying, and it said any activities it undertakes are limited to foreigners. However, some of Snowden's revelations have shown that the spying extends to U.S. citizens as well.

This article, "Apple, Cisco, Dell unhappy over alleged NSA back doors in their gear," was originally published at InfoWorld.com.

Apple strips CEO Cook of $4M in stock grants for poor share performance

Computerworld - Apple CEO Tim Cook received a compensation package of $4.25 million for the 2013 fiscal year, a 2% increase over the year before.

But the board also dinged Cook to the tune of nearly $4 million in stock vesting reductions, citing Apple's subpar performance compared to the S&P 500's for the 12-month period.

In a preliminary proxy statement filed Friday with the U.S. Securities and Exchange Commission (SEC), Apple spelled out Cook's compensation for the period ending Sept. 28, as well as that for four other executives: Eddie Cue, who heads Apple's online efforts; CFO Peter Oppenheimer; Daniel Riccio, the company's hardware engineering lead; and Jeffrey Williams, chief of operations.

Riccio, new to the named executives in the proxy, was formerly the hardware lead for the iPad. In mid-2012 he was picked to take Bob Mansfield's place as head of all hardware engineering. Cue is also a proxy debutante.

Cook received $1.4 million in salary, $2.8 million in a bonus, and less than $60,000 for sundry expenses, including Apple's contribution to his 401(k) plan, company-paid life insurance, and $35,000 for vacation time converted to cash.

For fiscal 2013, Cook and the others received the maximum bonus, twice each man's annual salary. According to Apple, the company's net sales and operating income exceeded the targets set previously by the board, triggering the big bonuses.

Cue, Oppenheimer, Riccio and Williams were awarded bonuses of $1.75 million atop their $866,000 salaries, for a total of approximately $2.6 million each.

Apple touted what it called "internal equity" in pay for the executives just below Cook on the company's org chart. "Because the Company's executive officers operate as a team, the Compensation Committee considers internal pay equity to be an important factor in the Compensation Committee's decisions," the proxy read.

That practice is in contrast to that of other companies. At Microsoft, for example, top executives did not receive the same salary or bonuses in fiscal 2013. COO Kevin Turner's salary was 16% higher than the next-highest named executive (and 12% higher than CEO Steve Ballmer's), while his bonus was 35% greater than the next-largest.

While none of the Apple executives, including Cook, were granted stock awards in 2013, the CEO is still enjoying the fruits of the massive grant given him in 2011 when he assumed the chief executive role a month before co-founder Steve Jobs died. Then, the board locked in Cook with 1 million shares that would vest in equal parts in August 2016 and August 2021.

At the time those shares were valued at $383 million; their current worth, if all were to vest immediately, would be $560 million.

However, earlier this year Apple's board revised Cook's vesting schedule at his urging. Rather than the two monster stock handouts -- which only relied on his continued employment -- Cook asked that they be spread out over a 10-year period and tied to the company's stock performance.

Eighty percent of the 1 million shares were covered by the new pay-on-performance deal, in which half of each year's vesting pool can be eliminated or reduced if Apple isn't in the top third of the S&P 500 as measured by the "total shareholder return" (TSR) metric.



How to Keep Cloud-Based Data Safe

CIO - With about 1,000 employees and more than $8 billion in home sales since 2006, online real-estate brokerage Redfin has a lot to lose if its cloud-based applications fail.

So Eric Hollenbeck, senior manager of IT and business services, decided not to rely solely on the redundancies touted by cloud providers. Instead, he deployed Spanning Backup early last year to ensure that critical documents on Google Drive could always be accessed and re-created.


Cloud computing 2014: Moving to a zero-trust security model

Computerworld - The leaking of classified documents detailing the data collection activities of the U.S. National Security Agency earlier this year reignited some long-standing concerns about the vulnerability of enterprise data stored in the cloud.

But instead of scaring businesses away from using hosted services, as some experts predicted, the leaks about the NSA spy programs are driving some long overdue changes in enterprise and service provider security and privacy policies.

When Edward Snowden first began spilling details of the NSA's surveillance practices to selected reporters in June, industry analysts had expected that the revelations would put a severe crimp on plans for cloud deployment.

For instance, the Information Technology & Innovation Foundation in August said the leaks could cause U.S. cloud providers to lose 10% to 20% of the foreign market to overseas competitors -- or up to $35 billion in potential sales through 2016.

Another industry group, the Cloud Security Alliance, predicted a similar backlash due to concerns by European companies that the U.S. government would gain access to their data.

Six months later, the impact appears to be less severe than expected.

Despite some reports of slowing sales of cloud services by U.S. vendors to overseas companies, experts now expect that the Snowden leaks will have little effect on long-term sales. The business benefits of using cloud-based services continue to supersede enterprise fears of government snooping.

At the same time though, the detailing of classified NSA spy programs has prompted an increased emphasis on cloud data security and protection that's expected to grow further in 2014.

The leaks hammered home just how little control companies have over data stored in the cloud, said Richard Stiennon, principal at consulting firm IT-Harvest. "There is a fundamental shift to a zero-trust model in the cloud." The disclosures showed enterprises that "there cannot be any chink in the trust chain from internal resources to the cloud and back."

Analysts say IT security officials are looking at several key areas, such as data encryption, key management and data ownership, regionalization, and the need for increased government transparency, to improve cloud security.

Data encryption

Encryption has gained a lot of attention since the Snowden leaks. Major service providers like Microsoft, Yahoo and Google set the tone by adding end-to-end encryption of data they host and manage for customers.

For instance, Google Cloud Storage now automatically encrypts all new data before it's written to disk. Such server-side encryption will soon be available for older data stored in Google clouds.

Since the NSA programs were disclosed, Microsoft has announced that it plans to ramp up encryption support for various services, including Outlook.com, Office 365, SkyDrive and Windows Azure.

By the end of 2014, Microsoft expects to have measures in place for encrypting data in transit between customer locations and its data centers, and while in transit between its own data centers.



US judge dismisses challenge to border laptop searches

IDG News Service - U.S. Customs and Border Protection can search travelers' laptops and other electronic devices without a show of reasonable suspicion, according to a federal judge's dismissal of a 2010 lawsuit on Tuesday.

In its suit, the American Civil Liberties Union had argued that having border officials search the contents of a laptop violated the U.S. Constitution unless the officials had a reasonable suspicion that the contents related to a crime. Judge Edward Korman of the U.S. District Court for the Eastern District of New York, in Brooklyn, disagreed and threw out the suit. The ACLU said an appeal is being considered.

"We're disappointed in today's decision, which allows the government to conduct intrusive searches of Americans' laptops and other electronics at the border without any suspicion that those devices contain evidence of wrongdoing," ACLU attorney Catherine Crump said in a press release from the organization. Crump argued the case in 2011.

The American Civil Liberties Union (ACLU) filed the suit on behalf of Pascal Abidor, a student with dual French and U.S. citizenship, and of the National Association of Criminal Defense Lawyers and the National Press Photographers Association. In 2010, customs officials confiscated Abidor's laptop as he entered the country from Canada on a train trip from Montreal to New York. They searched the computer while detaining Abidor for several hours, then released him without charges.

Abidor, who said he was studying the modern history of Shiites in Lebanon, had downloaded photos of the militant groups Hamas and Hezbollah on his computer. He let CBP conduct the search and provided his computer password. The government searched private material, including messages between Abidor and his girlfriend, and kept his data for further searches after giving back his laptop, the suit alleged.

Such searches are a particular concern for defense lawyers and journalists because they rely on the confidentiality of information to represent clients and to protect sources, the suit said.

In dismissing the suit, Judge Korman said CBP already has special procedures for those types of privileged content that require a show of suspicion. Border searches of electronic devices are rare, and many of them already are done with a show of reasonable suspicion, Judge Korman said.

"In sum, declaratory relief is not appropriate because it is unlikely that a member of the association plaintiffs will have his electronic device searched at the border, and it is far less likely that a forensic search would occur without reasonable suspicion," Korman wrote, according to a copy of the decision posted by the ACLU.

Though the suit had alleged 6,500 people's electronic devices were searched at U.S. borders between October 2008 and June 2010, that's out of 1.1 million people processed daily, according to CBP, the judge wrote. "Stated another way, there is less than a one in a million chance that a computer carried by an inbound international traveler will be detained," Korman wrote.

The IDG News Service is a Network World affiliate.


Gigabit Wi-Fi gear to arrive in 2014 but data rates will vary

Network World - Companies will be able to buy plenty of Gigabit Wi-Fi gear in 2014, but they may not get Gigabit Wi-Fi data rates.

Gigabit Wi-Fi, which refers to the IEEE 802.11ac almost-standard, can vary widely in data rates depending not only on its implementation in a radio, but also on how far a client is from an access point or hotspot. It runs only in the 5-GHz band, which in theory propagates less well compared to the crowded, channel-challenged 2.4-GHz band.

Eric Geier reviewed a selection of 11ac USB adapters and a PCI Express card for Network World, and his tests vividly show the range issues. “In terms of performance, when tested at a distance of 25 feet from our access point, with one wall in between, our top performer was the ASUS [PCIE] card, with a maximum throughput of 280Mbps and an average of 169Mbps,” he writes. “That’s pretty fast, but not close to the Gigabit speeds promised by the 802.11ac standard. However, when we moved the laptop to within a foot of the access point, performance skyrocketed to 800Mbps.”

Enterprise WLAN vendors are introducing aggressively priced 802.11ac access points, and more and more dongles and mobile devices have this newest version of Wi-Fi. Market researchers are forecasting rapid growth in 2014.

IDC says about 249,000 11ac enterprise-class access points shipped in 2013, with revenues of about $130 million. “That’s barely a dent in the market,” says Nolan Greene, IDC research analyst. The dent will be much bigger in 2014: IDC forecasts 1.6 million units, and about $700 million in revenues.

Enterprise 11ac access points will constitute about 10% of the market in 2014, compared to below 5% in 2013, says Chris DePuy, vice president of wireless LAN research for Dell’Oro Group. Third quarter 2013 sales jumped 10% with new entrants, such as Ubiquiti Networks.

The bulk of the buying will be what’s called “Wave 1” 11ac, with a maximum data rate of 1.3Gbps if the radios support three spatial streams, use 80-MHz channels, and are pretty close together. However, most of the early client-side implementations in laptops (and potentially tablets) support two or, in the case of smartphones, one spatial stream. As a result, performance is well under 1.3Gbps but still up to roughly double what’s possible today with 802.11n connections in optimal conditions.

Wave 2 products, due out late in 2014, will include a number of tweaks and additions, including multi-user MIMO, that will double the maximum possible data rate to 6.9Gbps.


Skype's social media accounts targeted by hacker group

IDG News Service - Skype said its social media properties were targeted, with a group styling itself as the Syrian Electronic Army appearing to claim credit for the hacks.

"You may have noticed our social media properties were targeted today," Skype said in a Twitter message late Wednesday. "No user info was compromised. We're sorry for the inconvenience."

Skype's Twitter account, blog and Facebook page appeared to have been attacked by the SEA, a group that supports the Syrian government, according to reports. The Skype blog was still inaccessible late Wednesday and redirected users to the Skype home page.

In a Twitter message, the SEA reproduced a copy of what appeared to be the message it had posted from the Skype account on Twitter. The message read: "Don't use Microsoft emails(hotmail,outlook),They are monitoring your accounts and selling the data to the governments.More details soon #SEA". The message did not appear on Skype's Twitter feed by late Wednesday.

SEA later posted on Twitter contact information purportedly of Microsoft CEO Steve Ballmer, stating: "You can thank Microsoft for monitoring your accounts/emails using this details."

The attack on Skype's social media accounts appears to be linked to disclosures through newspapers by former U.S. National Security Agency contractor Edward Snowden that Internet companies allegedly provide the agency real-time access to content on their servers for surveillance purposes.

The SEA has previously targeted many high-profile websites and Twitter accounts. In August, an attack purportedly by SEA on Melbourne IT, an Australian domain registrar, affected the websites of The New York Times, Twitter and other top companies.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

The IDG News Service is a Network World affiliate.


Looming disasters, and other tech predictions, for 2014 and beyond

Computerworld - More than most years, 2013 might be remembered for some ominous predictions of doom for the earth and its inhabitants.

The threat of solar storms received much attention from prognosticators, as did abrupt climate change -- the earth's atmosphere passed the 400 parts per million in carbon dioxide mark in 2013.

Also, life extension became part of the tech discussion in 2013 and promises to become more of one in the years ahead.

High-speed machine-to-machine trading, long a topic, is gaining ever more attention as transactions near the speed of light.

Some of the biggest (and smallest) predictions for next year and beyond follow.

The end of the power grid

The National Intelligence Council, in its Global Trends 2030: Alternative Worlds report, released this year, said geomagnetic storms "pose substantial threat" to electronics and the power grid.

This was a big year for warnings about solar storms. The last "solar super-storm" occurred in 1859, and the next one has a good chance of arriving within your lifetime.

In 1989, a solar storm knocked out the Quebec power grid, impacting 6 million customers.

Historical records suggest a return period of 50 years for Quebec-level storms and 150 years for very extreme storms, such as the 1859 so-called Carrington Event, according to a report by insurer Lloyd's earlier this year.

Scientists at the Idaho National Laboratory recently demonstrated in tests that "geomagnetic disturbances have the power to disrupt and possibly destroy electrical transformers, the backbone of our nation's utility grid."

Extreme solar events are memorable, even without electronics. In 1859 Mother Nature "lit up its own chandelier in order, as it might be, to reveal the wickedness going on at the dead hour of night," The Memphis Daily wrote after brilliant lights in the nighttime sky, flashes, and red glows startled the city.

It prompted the fire department to muster on the mistaken belief that there was a large fire.

Things that may go boom next year

"Bitcoin will explode. KABOOM!" predicts Rob Banagale, CEO and co-founder, Gilph, Inc., a messaging security provider, via the National Venture Capital Association.

"OpenStack will implode," said Jason Bloomberg, author of Agile Architecture Revolution, in his 2014 predictions at ZapThink. "It will succumb to a kind of innovation paralysis," he said.

In 2013, scientists confirmed the existence of the largest volcano on the planet, and among the largest in the solar system. Tamu Massif is in the Northwest Pacific Ocean and is as large as the state of New Mexico. It is, fortunately, inactive.

Google thinks about life extension, as did Edison

In 2013, Google created a new company, Calico, to focus on health and well-being. "OK ... so you're probably thinking wow," wrote Larry Page, one of Google's co-founders, about the company. Time's cover story looked at the effort this way: Can Google Solve Death?


Is rapid detection the new prevention?

Network World - There's a trend underway in the information security field to shift from a prevention mentality — in which organizations try to make the perimeter impenetrable and avoid breaches — to a focus on rapid detection, where they can quickly identify and mitigate threats.

Some vendors are already addressing this shift, and some security executives say it’s the best way to approach security in today’s environment. But there are potential pitfalls with putting too much emphasis on detection if it means cutting back on prevention efforts and resources.

Clearly, rapid detection is gaining traction. Research firm IDC has designated a new category for products that can detect stealthy malware-based attacks designed for cyber-espionage ("Specialized Threat Analysis and Protection") and expects the market to grow from about $200 million worldwide in 2012 to $1.17 billion by 2017.

The thinking behind a shift in security approach is that it’s impossible to keep out everything, so companies should focus on quickly detecting and mitigating threats. While it doesn’t mean abandoning prevention, it suggests companies devote more resources to detection and remediation than they have in the past, with the understanding that breaches are going to happen.

“Prevention is a great strategy when it works. But unfortunately no preventative measure can be completely effective,” says Timothy Ryan, managing director of the Cyber Investigations practice at Kroll Advisory Solutions, a provider of risk mitigation products and services.

“For that reason, companies cannot rely on prevention and protection alone,” Ryan says. They must also rely on an information security plan that blends technology and processes to identify and respond to compromises quickly. The right tools and processes often reduce the time and cost of an investigation, he says.

"There cannot be an 'either/or' approach to prevention and rapid detection. The vast majority of organizations must do both." -- Ed Powers, national managing principal, security and privacy, at consulting firm Deloitte

“Rapid detection and efficient, effective response is the new prevention,” says David Scholtz, CEO of Damballa, a security technology provider. “The mindshift here is what's being prevented. We can no longer prevent our networks and systems from becoming infected, but we can prevent those infections from growing and evolving to become damaging breaches.”

Organizations can do this by discovering threats that successfully bypass layers of prevention and cutting them down before they do damage, Scholtz says. “Today, you can continue to add prevention-based solutions to an already fortified yet disappearing perimeter, but it's the small percentage of threats that get through that then equate to 100% of your risk,” he says.


Unencrypted Windows crash reports give 'significant advantage' to hackers, spies

Computerworld - Windows' error- and crash-reporting system sends a wealth of data unencrypted and in the clear, information that eavesdropping hackers or state security agencies can use to refine and pinpoint their attacks, a researcher said today.

Not coincidentally, over the weekend the popular German newsmagazine Der Spiegel reported that the U.S. National Security Agency (NSA) collects Windows crash reports from its global wiretaps to sniff out details of targeted PCs, including the installed software and operating systems, down to the version numbers and whether the programs or OSes have been patched; application and operating system crashes that signal vulnerabilities that could be exploited with malware; and even the devices and peripherals that have been plugged into the computers.

"This information would definitely give an attacker a significant advantage. It would give them a blueprint of the [targeted] network," said Alex Watson, director of threat research at Websense, which on Sunday published preliminary findings of its Windows error-reporting investigation. Watson will present Websense's discovery in more detail at the RSA Conference in San Francisco on Feb. 24.

Sniffing crash reports using low-volume "man-in-the-middle" methods -- the classic is a rogue Wi-Fi hotspot in a public place -- wouldn't deliver enough information to be valuable, said Watson, but a wiretap at the ISP level, the kind the NSA is alleged to have in place around the world, would.

"At the [intelligence] agency level, where they can spend the time to collect information on billions of PCs, this is an incredible tool," said Watson.

And it's not difficult to obtain the information.

Microsoft does not encrypt the initial crash reports, said Watson, which include both those that prompt the user before they're sent as well as others that do not. Instead, they're transmitted to Microsoft's servers "in the clear," or over standard HTTP connections.

If a hacker or intelligence agency can insert themselves into the traffic stream, they can pluck out the crash reports for analysis without worrying about having to crack encryption.

And the reports from what Microsoft calls "Windows Error Reporting" (ERS), but which is also known as "Dr. Watson," contain a wealth of information on the specific PC.

When a device is plugged into a Windows PC's USB port, for example -- say an iPhone to sync it with iTunes -- an automatic report is sent to Microsoft that contains the device identifier and manufacturer, the Windows version, the maker and model of the PC, the version of the system's BIOS and a unique machine identifier.

By comparing the data with publicly-available databases of device and PC IDs, Websense was able to establish that an iPhone 5 had been plugged into a Sony Vaio notebook, and even nail the latter's machine ID.

If hackers are looking for systems running outdated, and thus, vulnerable versions of Windows -- XP SP2, for example -- the in-the-clear reports will show which ones have not been updated.


7 sneak attacks used by today's most devious hackers

InfoWorld - Millions of pieces of malware and thousands of malicious hacker gangs roam today's online world preying on easy dupes. Reusing the same tactics that have worked for years, if not decades, they do nothing new or interesting in exploiting our laziness, lapses in judgment, or plain idiocy.

But each year antimalware researchers come across a few techniques that raise eyebrows. Used by malware or hackers, these inspired techniques stretch the boundaries of malicious hacking. Think of them as innovations in deviance. Like anything innovative, many are a measure of simplicity.

Take the 1990s Microsoft Excel macro virus that silently, randomly replaced zeros with capital O's in spreadsheets, immediately transforming numbers into text labels with a value of zero -- changes that went, for the most part, undetected until well after backup systems contained nothing but bad data.

Today's most ingenious malware and hackers are just as stealthy and conniving. Here are some of the latest techniques of note that have piqued my interest as a security researcher and the lessons learned. Some stand on the shoulders of past malicious innovators, but all are very much in vogue today as ways to rip off even the savviest users.

Stealth attack No. 1: Fake wireless access points

No hack is easier to accomplish than a fake WAP (wireless access point). Anyone using a bit of software and a wireless network card can advertise their computer as an available WAP that is then connected to the real, legitimate WAP in a public location.

Think of all the times you -- or your users -- have gone to the local coffee shop, airport, or public gathering place and connected to the "free wireless" network. Hackers at Starbucks who call their fake WAP "Starbucks Wireless Network" or at the Atlanta airport call it "Atlanta Airport Free Wireless" have all sorts of people connecting to their computer in minutes. The hackers can then sniff unprotected data from the data streams sent between the unwitting victims and their intended remote hosts. You'd be surprised how much data, even passwords, are still sent in clear text.

The more nefarious hackers will ask their victims to create a new access account to use their WAP. These users will more than likely use a common log-on name or one of their email addresses, along with a password they use elsewhere. The WAP hacker can then try using the same log-on credentials on popular websites -- Facebook, Twitter, Amazon, iTunes, and so on -- and the victims will never know how it happened.

Lesson: You can't trust public wireless access points. Always protect confidential information sent over a wireless network. Consider using a VPN connection, which protects all your communications, and don't recycle passwords between public and private sites.

Stealth attack No. 2: Cookie theft

Browser cookies are a wonderful invention that preserves "state" when a user navigates a website. These little text files, sent to our machines by a website, help the website or service track us across our visit, or over multiple visits, enabling us to more easily purchase jeans, for example. What's not to like?

Answer: When a hacker steals our cookies, and by virtue of doing so, becomes us -- an increasingly frequent occurrence these days. Rather, they become authenticated to our websites as if they were us and had supplied a valid log-on name and password.

Sure, cookie theft has been around since the invention of the Web, but these days tools make the process as easy as click, click, click. Firesheep, for example, is a Firefox browser add-on that allows people to steal unprotected cookies from others. When used with a fake WAP or on a shared public network, cookie hijacking can be quite successful. Firesheep will show all the names and locations of the cookies it is finding, and with a simple click of the mouse, the hacker can take over the session (see the Codebutler blog for an example of how easy it is to use Firesheep).

Worse, hackers can now steal even SSL/TLS-protected cookies and sniff them out of thin air. In September 2011, an attack labeled "BEAST" by its creators proved that even SSL/TLS-protected cookies can be obtained. Further improvements and refinements this year, including the well-named CRIME, have made stealing and reusing encrypted cookies even easier.

With each released cookie attack, websites and application developers are told how to protect their users. Sometimes the answer is to use the latest crypto cipher; other times it is to disable some obscure feature that most people don't use. The key is that all Web developers must use secure development techniques to reduce cookie theft. If your website hasn't updated its encryption protection in a few years, you're probably at risk.

Lessons: Even encrypted cookies can be stolen. Connect to websites that utilize secure development techniques and the latest crypto. Your HTTPS websites should be using the latest crypto, including TLS Version 1.2.
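For site owners, a first check against the unprotected-cookie sniffing described above is whether session cookies carry the Secure attribute, so the browser never sends them over plain HTTP. The following audit of Set-Cookie headers is an added example, not code from the original article; the cookie names, header values, URL and the session-name heuristic are constructed assumptions, and it does not address BEAST or CRIME.

```python
# Added example: audit Set-Cookie headers for attributes that limit cookie theft.
# All sample headers below are constructed for illustration.

# Substrings that suggest a cookie carries an authenticated session
# (a heuristic assumed for this example, not a standard).
SESSION_HINTS = ("sess", "sid", "auth", "token")


def parse_set_cookie(header_value):
    """Split one Set-Cookie value into (name, value, attributes).

    Attribute names are case-insensitive, so they are lower-cased.
    Flag attributes such as Secure map to an empty string.
    """
    parts = [p.strip() for p in header_value.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        if part:
            key, _, val = part.partition("=")
            attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_cookie(header_value, served_over_https):
    """Return the issues found for a single Set-Cookie header."""
    name, _value, attrs = parse_set_cookie(header_value)
    issues = []
    if not served_over_https:
        # The cookie already crossed the network in clear text once.
        issues.append("set-over-http")
    if "secure" not in attrs:
        # Without Secure the browser also attaches it to http:// requests,
        # where anyone on a shared or rogue network can read it.
        issues.append("missing-secure")
    if "httponly" not in attrs:
        # Without HttpOnly, scripts running in the page can read the cookie.
        issues.append("missing-httponly")
    is_session = any(hint in name.lower() for hint in SESSION_HINTS)
    if not issues:
        severity = "ok"
    else:
        severity = "high" if is_session else "low"
    return {"name": name, "issues": issues, "severity": severity}


def audit_response(url, set_cookie_headers):
    """Audit every Set-Cookie header seen in one response from `url`."""
    https = url.lower().startswith("https://")
    return [audit_cookie(h, https) for h in set_cookie_headers]


# Constructed sample response headers.
SAMPLE_HEADERS = [
    "SESSIONID=c29tZQ; Path=/; HttpOnly",
    "auth_token=dG9rZW4; Path=/; Secure; HttpOnly",
    "theme=dark; Path=/; Expires=Wed, 01 Jan 2025 00:00:00 GMT",
    "sid=42; path=/; SECURE",
]

if __name__ == "__main__":
    for row in audit_response("https://shop.example/login", SAMPLE_HEADERS):
        print(f"{row['severity']:>4}  {row['name']:<12} {', '.join(row['issues']) or '-'}")
```
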

Stealth attack No. 3: File name tricks

Hackers have been using file name tricks to get us to execute malicious code since the beginning of malware. Early examples included naming the file something that would encourage unsuspecting victims to click on it (like AnnaKournikovaNudePics) and using multiple file extensions (such as AnnaKournikovaNudePics.Zip.exe). To this day, Microsoft Windows and other operating systems readily hide "well known" file extensions, which will make AnnaKournikovaNudePics.Gif.Exe look like AnnaKournikovaNudePics.Gif.

Years ago, malware virus programs known as "twins," "spawners," or "companion viruses" relied on a little-known feature of Microsoft Windows/DOS, where even if you typed in the file name Start.exe, Windows would look for and, if found, execute Start.com instead. Companion viruses would look for all the .exe files on your hard drive, and create a virus with the same name as the EXE, but with the file extension .com. This has long since been fixed by Microsoft, but its discovery and exploitation by early hackers laid the groundwork for inventive ways to hide viruses that continue to evolve today.
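Both file name tricks described above can be checked for in a file listing. The scanner below is an added example, not code from the original article: it flags names whose hidden final extension is executable while the visible one looks like a document or image, and .com files that sit beside an .exe of the same name. The extension sets and sample paths are constructed assumptions.

```python
# Added example: flag double-extension lures and .com/.exe companion twins
# in a list of Windows paths. Sample paths are constructed for illustration.
from collections import defaultdict
from pathlib import PureWindowsPath

# Extensions Windows will execute (illustrative subset, assumed for this example).
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}
# Harmless-looking extensions an attacker places before the real one.
DECOY_EXTS = {".gif", ".jpg", ".png", ".pdf", ".doc", ".xls", ".txt", ".zip"}


def double_extension(path):
    """Return a finding if the name reads as a document but runs as a program."""
    p = PureWindowsPath(path)
    suffixes = [s.lower() for s in p.suffixes]
    if (len(suffixes) >= 2
            and suffixes[-1] in EXECUTABLE_EXTS
            and suffixes[-2] in DECOY_EXTS):
        return {
            "path": path,
            "rule": "double-extension",
            # What the user sees when known extensions are hidden.
            "shown_as": p.stem,
            "runs_as": suffixes[-1],
        }
    return None


def companion_twins(paths):
    """Return a finding for each .com file that shares a folder and name with an .exe."""
    by_stem = defaultdict(dict)
    for path in paths:
        p = PureWindowsPath(path)
        # Windows file names are case-insensitive, so compare lower-cased.
        key = (str(p.parent).lower(), p.stem.lower())
        by_stem[key][p.suffix.lower()] = path
    findings = []
    for exts in by_stem.values():
        if ".exe" in exts and ".com" in exts:
            findings.append({
                "path": exts[".com"],
                "rule": "companion-twin",
                "shadows": exts[".exe"],
            })
    return findings


def scan(paths):
    """Run both checks; double-extension findings come first, then twins."""
    findings = [f for f in map(double_extension, paths) if f]
    findings.extend(companion_twins(paths))
    return findings


# Constructed sample listing.
SAMPLE_PATHS = [
    r"C:\Users\alice\Downloads\holiday.Gif.Exe",
    r"C:\Users\alice\Downloads\invoice.pdf.scr",
    r"C:\Users\alice\Downloads\archive.tar.gz",
    r"C:\Users\alice\Documents\notes.v2.txt",
    r"C:\Tools\Start.exe",
    r"C:\Tools\START.COM",
    r"C:\Tools\setup.exe",
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_PATHS):
        print(finding)
```
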


As Twitter hires, HP fires

Computerworld - With the attention given to Twitter's IPO, one might assume that the tech industry is dependent on its success. It isn't. Not even close.

For sure, Twitter's initial public offering in November made some people awfully rich -- the social networking company's market capitalization now ranges near $35 billion and its shares trade at around $65 apiece, more than double the share price of Hewlett-Packard stock.

At best, though, Twitter is likely to remain a mid-sized employer unless it buys a television network with its eventual cash.

Twitter, according to its IPO filing, has about 2,000 employees, and a long list of job openings. Perhaps, in time, it may equal Facebook's current workforce of 5,800.

As HP cuts, who is hiring?

Headcount data is from annual reports and represents global headcounts, unless otherwise noted. Few tech firms break out domestic versus overseas hiring. Apple data does not include 3,100 full-time equivalent workers in 2008, 2,800 in 2010 and 4,100 in 2013. About 42,800 of Apple's 2013 employees work in the company's Retail segment. Google 2012 figures include 12,433 from Motorola Mobile and 4,995 from Motorola Home. Google sold Motorola Home in 2012, reducing its overall headcount. HP 2008 figures include its EDS acquisition. Microsoft data includes 35,000 international in 2010 and 41,000 international in 2013.

The point of showing the Twitter and Facebook employment numbers is to create scale for HP's just announced layoff of 5,000 workers. Relative to HP's total workforce of 317,000, the cut amounts to just 1.5%, but compared to the amount of hiring now underway at Web-based firms, it's a significant hit to tech employment overall.

The question now for HP is whether it can adapt to overcome slowdowns in the PC, server and printer businesses and resume its revenue growth. If it succeeds at that, HP could add jobs by the thousands and at a speed that would take a Web-based firm years to achieve. On the other hand, it could also shed jobs by the thousands if it fails.

This latest HP layoff plan, detailed in a Securities and Exchange Commission filing last week, is on top of 29,000 job cuts previously announced by HP CEO Meg Whitman. HP doesn't break out hiring/firing by region, so it's not known how many U.S. workers are affected.

HP's importance to employment goes well beyond its own payroll.

There are thousands of HP-related jobs at resellers, consulting and professional services firms. Many IT professionals have invested careers in HP-specific technologies, certifications and training, and HP systems can be found in most Fortune 1000 firms.

At this stage, analysts aren't predicting any specific long-term outcome for HP. They do see a company being hit by some significant changes in the use of devices ranging from PCs to tablets, and in data centers where users are moving more workloads to the cloud.

HP is "getting rid of redundant employees left over from acquisitions and shifting to more of a software focus and adjusting for market changes," said Rob Enderle, principal analyst, Enderle Group, citing printer sales in particular.


Why one company declined cloud-based 'crisis communications system'

Network World - Cloud-based services are still often seen as too risky for sensitive information. Take the case at Kingsport, Tenn.-based Eastman Chemical Company, which said "no" to the cloud when designing its new crisis communications system.

Eastman Chemical, which operates chemical manufacturing facilities, decided to put in a new messaging system for interactive early warning notifications to thousands of employees in the event of any kind of emergency. They wanted one that would be IP-based with integration with Microsoft Lync VoIP, Eastman’s Active Directory as well as its legacy corporate pagers and radio systems. They could have chosen a cloud-based option from the vendor they selected, AtHoc. But it was decided the data Eastman Chemical might be sharing from its dispatch center was simply too sensitive to consider using a cloud-based service.


"Eastman retains all messages on the Eastman network," says Keith Bennett, area supervisor, plant protection services, emphasizing that no emergency notification message is allowed to leave the Eastman corporate network, even though a cloud-based notification service for this was possible through AtHoc.



Through the customized crisis communications system, a central dispatch system is functioning around the clock in order to direct a range of notifications to individual computers, VoIP phones, texting, RSS feeds, as well as e-mail, phones, pagers and two-way radios.


The kind of information that could be sent to thousands of Eastman employees via the IP-based live response system might pertain to anything from tornados, fire, medical and chemical safety to possible terrorism. It’s tailored to send messages to appropriate individuals via VoIP phones, mobile devices and computer pop-ups, allowing them to respond about safety status. “We needed to take advantage of new technologies but we use legacy radios and pagers," Bennett points out.


Because it’s considered “operations critical” messaging, Eastman decided that this was all too sensitive to permit the information to travel outside its private network and into the cloud, and it required AtHoc to build the system so that it stays closed in that way.


Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com



Windows 8 regains uptake mojo, XP restarts death slide

Computerworld - Windows 8 surged in December to end the year with almost 12% of the user share of all Windows personal computers, while the destined-for-retirement Windows XP restarted its decline after a two-month pause, a Web analytics company said Thursday.

Both were good signs for Microsoft, which has bet its future on Windows 8 and implored customers to abandon the aged Windows XP.

According to Net Applications, Windows XP fell 2.2 percentage points in December to 29% of all desktop and notebook computers worldwide, the first time it breached that 30-percent barrier. But the 12-year-old operating system still accounted for nearly a third -- 32% -- of Windows-powered PCs.

Meanwhile, Windows 8's and 8.1's combined user share of all computers reached 10.5%. Of the systems running Microsoft's OS, Windows 8/8.1 owned a user share of 11.6%.

Both operating systems had taken a break in October and November from earlier trends: Windows XP's gradual decline and Windows 8's deliberate growth.

Their December changes were the largest since September, Net Applications data showed.

The gain by Windows 8 and 8.1 was likely due to new PC purchases in the last month of 2013: Most consumer systems come equipped with the newest version, Windows 8.1, which accounted for 34% of the combined total, up from November's 28%.

Windows 8's increase put some more distance between it and Windows Vista, the 2007 OS bust: The gap between it and Windows 8 increased by seven-tenths of a percentage point in December.

But Windows 8 remained far behind Windows 7's adoption. Fourteen months after its debut, Windows 7 powered 23.1% of all Windows systems, nearly twice that of Windows 8. In fact, Windows 7 grew its user share last month, adding nine-tenths of a percentage point to end December at 47.5% of all computer operating systems, and at 52.4% of those running a flavor of Windows. Both were records for the 2009 operating system, hinting that it will remain a standard for years to come.

The decline in Windows XP may have contributed to the increase of Windows 7 as well as Windows 8 and 8.1, as some users migrated from the 2001 OS to Windows 7 as a way to forestall trying the radically-redesigned Windows 8. Most businesses, analysts have said, will stick with Windows 7 as long as possible rather than incur the costs of another migration.

Microsoft must be smiling at the revival of Windows XP's downturn: The company has been aggressive in its efforts to convince customers to ditch Windows XP before it's retired from security support on April 8, 2014. For the most part, those messages have been received, even if Microsoft would prefer a faster rate of desertion: In the last 12 months, XP's user share has dropped 10 percentage points, representing a 26% decline.

Using XP's average changes over the last 12 months, Computerworld now forecasts that Windows XP will power between 25% and 26% of all personal computers at the end of April.

Net Applications measures operating system user share by tracking unique visitors to approximately 40,000 sites that rely on its analytics software.



Undaunted by major Snapchat leak, Stanford marching band pays homage to homegrown app at Rose Bowl

Network World - The Stanford marching band, known for its creative and sometimes controversial musical extravaganzas, geeked out during halftime of the 100th Rose Bowl football game on New Year’s Day by collectively forming themselves into the ghostly shape of the Snapchat logo on the field.

Photo-sharing app Snapchat, which was started by a pair of Stanford students in 2011, boasts a friendly ghost called “Ghostface Chillah” as its logo. The spookiest thing about Snapchat this week, though, was the revelation by a computer security group of a major leak from the iPhone/Android program that exposed the phone numbers and user names of 4.6 million users.

The security hole is a big blow to Snapchat, for discretion and privacy have been big selling points. It has gained popularity because of users’ ability to share photos that are only visible for a few seconds to specific recipients.

The Stanford marching band’s tribute to the Snapchat logo seemed to baffle the game’s halftime commentators on TV, and also probably puzzled many in the audience. As one woman tweeted:

One recent validation of Snapchat’s popularity came in reports that the company turned down a $3 billion buyout offer from Facebook, which is said to be losing some users to the service, along with other social offerings such as Twitter and Instagram.

Though it appears Snapchat is not all-powerful: Even its logo’s appearance at halftime of the Rose Bowl game couldn’t help Stanford beat Michigan State, much to the delight of some:


Virtualization, security advances on tap for ADCs

Network World - The application delivery controller has been more than a simple accelerator and load balancer for some time now, becoming an increasingly important component of enterprise network infrastructures over the past couple of years.

This growth in importance is illustrated by a recent Infonetics research study, which found that ADC revenues in the second quarter grew by 4% year over year, while WAN optimization, a related network management technology, saw an 11% decline over the same period.

As 2014 kicks off, two of the main issues for the growing ADC market are security and virtualization – the technology has several features that have implications for denial-of-service protection, and the trend toward SDN and network virtualization has many people looking for software-only application delivery.

But the technology isn’t going to turn into a cloudified, all-inclusive network management panacea overnight – experts say there is still some way to go.

F5 Director of Technical Marketing Alan Murphy says that modern ADCs are a natural fit for the security role, particularly in light of the fact that most of today’s denial-of-service attacks target the application layer to begin with.

“The network tools that protect network perimeters from security attacks are great at network-level stuff – knowing what IP address it’s coming from, going to, source, and then protocol,” he says. “But once the attacker moves over to the application, manipulating what’s going on over the protocol … issuing a million DNS requests, for example – that’s going over the network, but the attack is actually against the DNS application infrastructure.”

ADCs, adds F5 Senior Product Marketing Manager Lori MacVittie, are better-suited than traditional firewalls to identify and defend against this type of attack, particularly where detection and classification are concerned.

“As we continue to evolve into the next year, it really becomes more important to start analyzing the behavior of the interaction with the application, and that’s something that application delivery is well-suited to do,” she says.

So will 2014 be the year to ditch your enterprise firewall and entrust everything to the ADC? Not entirely. Citrix Senior Product Management Director Steve Shah acknowledges that the issue is a hot one in the ADC market.

“Right now, the ADC landscape is getting a little conflated with the whole firewall landscape,” he says. “Do ADCs take on firewall responsibilities or don’t they? Or do we maintain separation of responsibilities? And this is where I actually believe that [in] 2014, we’re going to see further clarification of that, and I believe that separation of duties is going to win out here.”



FireEye snaps up cyber forensics firm Mandiant for $1 billion cash-stock deal

Network World - Security vendor FireEye today announced it has acquired privately-held endpoint security incident response vendor Mandiant for $1 billion with $106.5 million in cash.

FireEye and Mandiant said they intend to integrate Mandiant’s portfolio of products with FireEye’s to develop new enterprise and cloud products and services. For one thing, FireEye said Mandiant’s endpoint threat detection and response products will be incorporated as a core element of the FireEye Oculus platform. FireEye’s CEO Dave DeWalt says the goal is to develop comprehensive products aimed at combating advanced threats that are stealthy attacks on organizations.

Mandiant has become known for forensic work it has done to assist a wide variety of companies, including large media organizations such as the Washington Post, determine how their networks have been attacked, often for purposes of cyber-espionage. Kevin Mandia, Mandiant’s founder and CEO, has been appointed by the FireEye board of directors to the position of senior vice president and chief operating officer at FireEye. FireEye indicated it now provides its threat-protection software to more than 1,500 government, enterprise and small to mid-sized customers.

Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com


Predictions gone wrong: Losing bets analysts made for 2013

InfoWorld - Cast your mind back to the late 2000s -- when the iPhone 3G beguiled consumers and the iTunes App Store began shifting users' ideas about how they bought and used software, when Microsoft pros saw nothing but clear skies after Windows 7 cleared out the Windows Vista storm, when green technology was touted as a transformative force in IT.

In 2008 and 2009, professional tech forecasters made their best guesses about what IT would look like in 2013. These forecasts are often meant to help IT professionals figure out where they'll get the most bang for the buck in the historical three- to five-year timelines for IT planning.

No company wants to sink a substantial percentage of its IT budget into a flash-in-the-pan technology -- and everyone wants to be a low-cost fast follower. Established analysts' predictions are part of how IT avoids the first fate and achieves the second.

Now that future has arrived. If IT pros had listened to the forecasts in 2008, would they have spent their money wisely or well? We plumbed the InfoWorld archive for some of the forecasts made about 2013, then tried to see how they held up in a world that's since seen the iPad and the spread of mobile working, plus the explosion of cloud computing.

Prediction No. 1: The overall market for green IT services will peak at $4.8 billion in 2013

What happened: The recession happened, and "our technology is green" went from being a goal to being a side benefit. Public cloud computing providers like Apple, Google, and Facebook may be building clean-energy facilities, but they're doing so with an eye toward reducing the bottom lines on energy consumption. In the United States, "green IT" has retreated as a market.

On the bright side, however, it looks like there's still a green IT market in India. This year, Gartner is expecting Indian companies to spend $29.2 billion on technologies like advanced metering infrastructure, carbon capture, and solar energy technology.

Prediction No. 2: PC shipments will record double-digit growth from 2009 to 2013, buoyed by growing demand for laptops and netbooks

What happened: The iPad happened in 2010, and individuals have been shifting their technology dollars to tablet technologies ever since. IDC, which made the original forecast, has tracked PC sales for this year, and the news isn't good: Worldwide PC shipments are expected to fall by 10.1 percent in 2013, below the previous projection of a 9.7 percent drop.

It's the most severe yearly contraction on record and reflects a truth in IT budgets: Any sales and growth in personal computers is fueled by replacement sales. The market isn't growing. Worldwide, an estimated 314 million PCs were sold this year -- far below the 444 million PCs predicted back in 2009. People are buying iPads and other tablets instead.

Prediction No. 3: Mobile phones will overtake PCs as the most common Web-access device worldwide by 2013

What happened: Although the originator of this prediction, Gartner, didn't respond to inquiries, other firms have been tracking Web access and have shared their findings. In March 2013, Adobe released its analysis of Web traffic to more than 1,000 websites and found that 84 percent of all Web traffic came from users on desktop or laptop computers, 8 percent from tablet users, and 7 percent from smartphone users. StatCounter, which tracks visits to websites via ad network data, found that desktop usage still dominates, at 76.1 percent.

Prediction No. 4: Windows Mobile will claim 15 percent of the global smartphone market, second to the Symbian OS's 47 percent market share

What happened: Nokia got killed by iOS and Android, that's what happened. Since IHS iSuppli made this prediction in 2009, the once-dominant force in the mobile phone market was overtaken by device makers who understood the basic truth that users care more about smartphone software than they do the hardware. When Nokia began its death spiral, it took Symbian with it, which explains why the OS has a 0.1 percent market share today.

iSuppli now says Android is the leader in the smartphone OS market with a 76.5 percent share, with Apple's iOS a distant second with 14.9 percent. As for Windows Phone, Windows Mobile's successor? It's an even more distant third with 3.9 percent of the market.

Prediction No. 5: By 2013, the enterprise mashup market will reach $700 million

What happened: Enterprise mashups, which were once defined as the integration of digital data from multiple sources for business purposes, have since been rebranded. You may know them now as part of the API and big data phenomena.

Asking analyst firms about estimated market sizes for enterprise mashups in 2013 gets you a lot of "We don't measure that market" responses. However, Gartner estimates that big data will be a $34 billion market in 2014. That's 48 times greater than the original forecast for mashups. Maybe this one will be true.

This story, "Predictions gone wrong: Losing bets analysts made for 2013," was originally published at InfoWorld.com.



5G Wireless: Reality looks to catch up with hype

Network World - Don't feel bad if you don't really know anything about 5G wireless networking – because, by most standards, it doesn't actually exist yet. The cross-pollination of codified specifications, new products, and technological innovation required hasn't yet brought 5G to fruition.


What there has been, however, is a lot of hype. Samsung grabbed attention in May with its announcement of a 1Gbps wireless connection it referred to as “5G,” saying it would bring the capability to its production smartphones by 2020.


The European Commission’s Horizon 2020 plan, announced this month, includes roughly $172 million for 5G research and development, and South Korea’s Yonhap News announced that country’s government would spend $475 million on developing a national 5G network, to be completed by 2020. Both proposals cite the transformative effects and massive economic benefits of 5G technology.


The problem, however, is that no one seems to agree on precisely what the term 5G even means. Sathya Atreyam, a research manager at IDC, says that it’s become a buzzword at this point.


“There are many players right now who are claiming that they are investing a lot of dollars in 5G research, [but] they’re all investing in different areas of 5G … somebody’s focused on increasing data speeds, somebody’s focused on better coverage,” he says.


“It reminds me of a story which is often heard,” Atreyam adds. “There are six blind men feeling and touching an elephant and giving their definition of the elephant. Every one is true, but it’s only part of the puzzle.”


Standards bodies like the International Telecommunication Union, the Institute of Electrical and Electronics Engineers, and the 3rd Generation Partnership Project are all tracking the various technological developments. The ITU officially recognized the IMT-Advanced standard in January 2012, though it did not use the term 5G in describing the technologies, which include the next generations of the successful LTE and the less-successful WiMAX.


It’s important to remember, of course, that even when a particular “G” term is fairly stable and commonly understood – 3G, for example, is generally agreed to refer to the ITU’s IMT-2000 standard – it isn’t a hard-and-fast official definition. Refinements in WCDMA technology produced HSPA and HSPA+, which are often referred to as “3.5G” or “3.75G,” without fundamentally changing the underlying hardware.


Indeed, those technologies were even more ambitiously titled in the recent past, according to Forrester principal analyst Frank Gillett.


“With 4G, we saw versions of 3G – HSPA+ – called 4G, and then we had to say LTE to mean true 4G,” he says. “I’m expecting to see a lot of silly marketing junk later in the decade, as the 5G stuff ramps up.”


So what might 5G technology actually look like? That’s not known for sure, but experts like Craig Mathias, a well-known wireless consultant and Network World blogger, think there are clues out there.



Android invades the enterprise

Computerworld - As the little green robot known as Android wends its way into the enterprise, it's teaching useful lessons that are reshaping corporate attitudes toward the BYOD movement.

Analysts and CIOs say the multifaceted nature of the mobile operating system is forcing companies to make key decisions about what they will, and won't, control in bring-your-own-device programs -- and those decisions are in turn cascading across all operating systems and devices.

While Google's operating system has far surpassed Apple's iOS in worldwide mobile market share -- Android had more than 79% of the smartphone market in the second quarter of 2013, while iOS fell to 13%, according to IDC -- Apple still dominates the enterprise. According to a June 2013 activation report from mobile software maker Good Technology, 75% of the mobile activations at Good's Fortune 500 clients were for iOS devices.
