McAfee recently announced that it has begun to work with the National Institute of Standards and Technology (NIST) to strengthen cybersecurity infrastructure. The move is another reminder of public and private groups' efforts to shore up cybersecurity together.
The partnership along with enterprise support of the revised CISPA bill is another sign that private industry is willing to work with the government to slow cyber attacks.
Over the last few years, it has become clear that cyber security isn't just an enterprise issue. With news of the Chinese military perpetrating a variety of attacks on private industry, it is now obvious that many cyber threats effect both governments and corporations.
Both hackers large and small are now using the same methods for hacks. The recent Mandiant report on Chinese military hackings outlined the fact that military actors were using the same tactics as cyber criminals.
Through social engineering and patience Chinese military hackers were able to get inside over 140 private enterprise systems. Those sorts of tactics are also used by independent cyber crooks.
The widespread use of advanced tactics is a key reason why companies and the government are finding it necessary to begin working together on the issue of cyber security. By partnering on the issue they can share information and work together to decipher potential threats.
However, the cross-industry work may also cause some privacy concerns for end users. Privacy advocates have continuously questioned CISPA because of its ability to let personal data get into the hands of government agencies without proper oversight.
According to advocates, the ability for companies to hand over data to government officials without any sort of oversight could cause problems on the privacy front.
On one hand, the unfiltered sharing of data between government and enterprise would drastically help the fight against cyber security. However, on the other hand, the open sharing could lead to data being used for the wrong reasons.
Both sides share fair points on the issue. And overtime, hopefully, they will be able to come to a compromise that increases cyber security while addressing potential privacy concerns.
Unfortunately, the cyber attacks don't look like they will go away anytime soon. Cyber-espionage is only expected to grow over the years and hackers will continue to get more sophisticated over time.
Something will need to change to promote a stronger sense of information sharing. At the same time, hopefully, advocates will continue to fight for online privacy and stand their ground in the face of growing support in Silicon Valley.
17 Apr 2013
Twitter hacking is a serious issue. Take for instance, the recent hack of National Public Radio's (NPR) Twitter account. NPR's account was hacked and erroneous tweets were sent out following the attack.
The slew of hacks makes it obvious that something needs to be done. Twitter called on its users to create stronger passwords in February, but that isn't enough. The company needs to take action and implement two-factor authentication for those that want to use it.
It's not a ground-breaking idea. Security experts have called on the firm to implement authentication for the last couple of years. Other companies like Microsoft even plan to use multi-factor authentication later this year.
Yet, Twitter has failed to get the memo (tweet?). At a time when more and more businesses begin to use Twitter for PR, something has got to be done. Enterprise can't have hackers getting a hold of their feeds and sullying their names. It's bad for business, both Twitters and the users.
It's becoming clear that something is wrong. Even the words "#IveBeenHacked" have become something of a meme on the micro-blogger site.
Luckily, something may be on the horizon. Earlier this year, a Twitter job posting popped-up calling for a software engineer to build multi-factor authentication.
The job posting looks to be leading to some sort of security update. Hopefully, it comes sooner rather than later.
In the wake of Monday's bombings at the Boston Marathon, the internet community is showing its compassionate side as assistance and hospitality abound.
Shortly after the bombs went off, raw video documenting the explosions was circulating on the web. Being a publicly broadcasted event there were not shortage of cameras present and both professional and amateur videographers were there to film the aftermath.
We will not be linking to any of the raw (and graphic) footage of the scene. It can easily be had by those who want to find it and is best unseen or forgotten by the rest of us.
But what should be remembered, however, is how the internet has mobilised in the aftermath of the attack to support the victims of the attack and do what they can to support Boston.
In most cases of terrorist attacks and mass tragedies, supplies of blood become an issue as hospitals struggle to treat casualties. As users mobilised, however, donations poured in and despite the horrific nature of the attacks the Boston Red Cross said that it has received enough donations to cover demand just hours after the attack.
People around Boston have also used the web to help care for runners and fans who find themselves stranded can consult a special Google Doc file dedicated to connecting attendees with generous individuals willing to loan out rooms.
Even if you can't donate blood or put up a stranded running fan, you can do a small bit to help console Boston residents with donations of money, well-wishes or just a nice hot pizza.
Battery life has become a perennial problem for users, with the mobile revolution hamstrung by the need to stay within plug-in distance of a power point. Now researchers at the Paul Scherrer Institute in Switzerland and Toyota's Research Laboratories in Japan have discovered a previously unknown trait in widely used lithium-ion batteries, which they believe could provide the foundations for building better batteries in future.
It's long been known that Nickel-Cadmium and Nickel-metal hydride batteries suffer from what's termed the memory effect. When one of these batteries is recharged before its fully out of juice, the battery appears to remember this, and assumes in future that it need not supply all of its energy.
Until now, it had been assumed that lithium-ion batteries were immune to the memory effect. But according to Tsuyoshi Sasaki, Petr Novák and Yoshio Ukyo that is a mistake.
”Ours is the first study that has specifically looked for a memory effect in lithium-ion batteries. It had simply been assumed that no such effect would arise,“ said Novák.
The researchers were chiefly focused on what impact this might have on batteries used in electric vehicles. They noted that such batteries are partially charged during the act of braking, suggesting that the small memory effect could, over time, add up to a large memory effect. That would mean a batteries degrading far faster than they need to.
But the practice of recharging batteries before they're exhausted is also pretty common when it comes to smartphone, tablet and laptop use.
Knowing that the memory effect exists in lithium-ion batteries could enable the manufacturers to develop power management software to account for this, says Novák. This would certainly be welcomed by many across the world if it removed that panic as you notice your battery is about to disappear.
The research was published in this week's Nature Materials.
13 Apr 2013
This week, researchers made the bold prediction that by 2015, the concept of the 'netbook' system will cease to exist.
According to IHS researchers, tablets have eaten so severely into the market for netbooks next year vendors could manufacture as few as a quarter million of the ultra-portable notebooks and by 2015 production will cease entirely.
The reasoning is that for most users, a tablet does everything a netbook does, but better. While on the higher end, ultrabooks are making portable computers more lightweight and powerful than ever before. The result is a market niche for netbooks which has been completely closed.
So, with netbooks going the way of the dinosaur, what might be the next form factor to be squeezed out of the market?
It might just be desktop computer. Yes, the oldest form of the PC has endured for more than three decades and in many offices the desktop is still a fixture in many a cubicle.
But that is starting to change. For many companies, running a virtual desktop infrastructure (VDI) environment makes far more sense than putting a full PC on every desk.
In a VDI environment, user systems are stored on a central server as a virtual machine. The users then dial up their PC instances and run all their computing tasks over the network, either on thin client hardware or through their personal notebooks.
In addition to convenience and reduced hardware costs, VDI brings an inherent security aspect, as all data can be centrally managed through one single server. Yes, there have in the past been performance worries, but new products from vendors such as Nvidia have addressed that in many usage cases.
So, with VDI on the rise, how long could it be until we see the last desktop PCs on the market?
On Thursday V3 reported that six Metropolitan Police staff, including three serving officers, were sacked for writing ‘offensive’ and ‘intimidating’ posts on social media sites.
Well, that number has risen by one with the resignation of sergeant Jeremy Scott who wrote a message claiming he hoped recently deceased former prime minister Margaret Thatcher had died a “painful and degrading" death and that the world was a “better place” now she’d passed away.
Alas for Sgt Scott that he doesn’t read V3, as he may have been aware of the hardline stance taken by the Met against those that posted inappropriate updates on social media sites over the last few years as the perils of social media continue to catch out the unaware.
"These serious cases are relatively rare and we remain vigilant. We will continue to support and train our staff to ensure they are fully aware of our policies on social media use," said Directorate of Professional Standards at the Met, commander Allan Gibson.
Then again, it seem strange someone with such a public position doesn’t stop to think about what they’re writing on social media and whether it could land them in hot water.
Then again, that’s the trouble with social media – it can seem so instant and ephemeral it’s easy to forget everything you say is public, easily disseminated and lives, essentially, forever online.
BlackBerry is facing a tough time in the market and sales figures for its first BB10 device, the Z10, are hardly likely to have the likes of Apple and Samsung worried.
However, the firm is clearly not ready to be walked over by overzealous analysts looking for a headline, after BlackBerry went on the warpath in response to claims Z10 buyers are rushing to return their devices.
According to a report from analyst Detwiler Fenton, quoted by the WSJ, the number of US returns is now outnumbering sales in some cases.
It is something of a first, Detwiler analyst Jeff Johnston told the WSJ. However, the claims have not sat well with those in Canada, and the firm has issued a robust response.
"Return rate statistics show that we are at or below our forecasts and right in line with the industry," fumed BlackBerry boss Thorsten Heins.
"To suggest otherwise is either a gross misreading of the data or a willful manipulation. Such a conclusion is absolutely without basis and BlackBerry will not leave it unchallenged."
BlackBerry got their chief legal officer, Steve Zipperstein, involved, no doubt to underline how seriously they're taking this incident.
"These materially false and misleading comments about device return rates in the United States harm BlackBerry and our shareholders, and we call upon the appropriate authorities in Canada and the United States to conduct an immediate investigation," he said.
"Everyone is entitled to their opinion about the merits of the many competing products in the smartphone industry, but when false statements of material fact are deliberately purveyed for the purpose of influencing the markets a red line has been crossed."
BlackBerry said it would ask the Securities and Exchange Commission and Ontario Securities Commission for a review of the "false and misleading report" as well.
Clearly, BlackBerry is determined to ensure the market knows the firm is here to stay and intends to go on fighting, whether that's against rival manufacturers or the number crunchers.
12 Apr 2013
The Cyber Intelligence Sharing and Protection Act (CISPA) is back again. Rising from the ashes of a failed Senate vote, the bill has found renewed life thanks to the House Intelligence Committee.
Committee members approved the bill by an 18 to two vote. This go-around includes amendments which supporters say resolve issues with the bill.
Of course, opponents once again disagree. Advocacy groups and the White House continue to express alarm over the bill's failure to address privacy concerns.
Opponents' issues with the bill are the same ones they had last year when the original CISPA bill died on the Senate floor. They fear that a lack of governmental oversight will cause defence agencies to use personal user data for the wrong reasons.
The issues remained unresolved because of proponents of CISPA who say the government needs to be able to handle whatever data they do receive with as little bureaucratic interference as possible.
Both sides have their points and both sides will be fighting for a compromise. CISPA, or something like it, will keep cropping up because both the government and private enterprise have too much riding on some sort of data-sharing initiative.
With reports of state-sponsored cyber-attacks on the rise and the constant threat of local hackers, CISPA is an important piece of legislation for the tech lobby.
Unlike SOPA, which didn't have the support of Silicon Valley, CISPA is technology company approved. SOPA was made for the entertainment industry and its bid to fight piracy. CISPA (and new-CISPA) isn't really about piracy. It's about cyber attacks.
The bill lays the ground work so private industry can share cyber-threat intelligence without the possibility of getting sued. With CISPA, Facebook can send data about a local cyber-attack to the DOD so it can be informed and alert other tech companies of the threat.
In its current form, the DOD can also use that data in broad strokes. For example, it can pick up personal information that was received from a Facebook security data dump and use it for non-cyber threat purposes.
New-CISPA discourages that sort of tactic. However, what exactly constitutes a cyber-threat is currently an expansive definition.
The bill is making its rounds to Congress next week. It may get passed their but will most likely fail in the Senate. From that point it will either revive itself with amendments or its ideas will be reinterpreted in another bill.
Some sort of data-sharing act will keep coming and with the right opponents may come out with stronger privacy protections. How a data-sharing bill turns out will be determined by who ends up fighting for and against it.
Over the course of the coming year it will be interesting to see how bills like CISPA evolve. It will be interesting to see how the public debate grows and changes. Theirs no telling how it's going to turn out, but its becoming obvious that it isn't going away.