Flash drives in mobile devices are set to become faster and secure thanks to a new standard signed off by the JEDEC Solid State Technology Association.
eMMC version 5.1, will allow for a new mobile storage that will provide faster access. Flash drives based on eMMC 5.1 can handle 4K streaming and more data-intensive tasks.
Samsung has started making 64GB, 32GB and 16GB drives based on the new standard and is shipping units to customers, but has not said whether those drives will be used in the Galaxy S6 smartphone, which will be announced early next month at the Mobile World Congress trade show.
Samsung’s 64GB eMMC 5.1 has a random read performance of 11,000 IOPS (input/output operations per second) and write performance of 13,000 IOPS, compared to a rough performance of 7,000 IOPS for 64GB drives based on the previous eMMC 5.0 standard.
The speed improvements comes through some cache and data-streaming improvements.
There is also something called Secure Write Protection ensures only specific entities are able to access files and lock or unlock storage.
Google said on its official blog that its Android for Work program will provide improved security and management features for corporations that want to give their employees Android smartphones. Smartphones supported by the new initiative will be able to keep an employee’s work and personal apps separate, and a special Android for Work app will allow businesses to oversee key tools such as email, calendar and contacts.
Google said it is partnering with more than two dozen companies including Blackberry Ltd, Citrix Systems Inc, Box Inc.
Google’s Android software is the world’s most popular mobile operating system, but many corporations, which have significant security and device management requirements, give their employees smartphones made by Blackberry or Apple Inc.
Chinese PC and mobile phone maker Lenovo Group Ltd acknowledged that its website was hacked, its second security blemish days after the U.S. government advised consumers to remove software called “Superfish” pre-installed on its laptops.
Hacking group Lizard Squad claimed credit for the attacks on microblogging service Twitter. Lenovo said attackers breached the domain name system associated with Lenovo and redirected visitors to lenovo.com to another address, while also intercepting internal company emails.
Lizard Squad posted an email exchange between Lenovo employees discussing Superfish. The software was at the center of public uproar in the United States last week when security researchers said they found it allowed hackers to impersonate banking websites and steal users’ credit card information.
In a statement issued in the United States on Wednesday night, Lenovo, the world’s biggest maker of personal computers, said it had restored its site to normal operations after several hours.
“We regret any inconvenience that our users may have if they are not able to access parts of our site at this time,” the company said. “We are actively reviewing our network security and will take appropriate steps to bolster our site and to protect the integrity of our users’ information.”
Lizard Squad has taken credit for several high-profile outages, including attacks that took down Sony Corp’s PlayStation Network and Microsoft Corp’s Xbox Live network last month. Members of the group have not been identified.
Starting 4 p.m. ET on Wednesday, visitors to the Lenovo website saw a slideshow of young people looking into webcams and the song “Breaking Free” from the movie “High School Musical” playing in the background, according to technology publication The Verge, which first reported the breach.
Although consumer data was not likely compromised by the Lizard Squad attack, the breach was the second security-related black eye for Lenovo in a matter of days.
Lenovo and adware maker Superfish were subjected to more legal action as two new lawsuits were filed in California federal courts taking the firms to task for putting consumers at risk of hacker spying and information theft.
The two complaints — the second and third since the China-based computer OEM (original equipment manufacturer) admitted it had pre-loaded adware on its consumer PCs in the second half of 2014 — named both Lenovo and Superfish, and each lawsuit requested class-action status so that others could join the case.
Last week’s first lawsuit covered much of the same ground as the two lodged Monday.
David Hunter of North Carolina, the plaintiff in one of the lawsuits, alleged that Lenovo and Superfish violated the U.S. Electronic Communications Privacy Act and other laws, and asked that the court force the firms to surrender any revenue generated by the sale of consumers’ browsing data and monies earned from the advertising produced by the adware.
Hunter said he bought a Lenovo Y50 laptop — one of dozens of models Lenovo said it had pre-installed Superfish on from September through December 2014 — via the OEM’s website in October.
In the second complaint, filed by Sterling International Consulting Group (SICG) of Statesville, NC, Lenovo and Superfish were charged with breaking the U.S. Wiretapping Act, state and federal anti-fraud regulations and other laws.
Of the two new complaints, Hunter’s was the more interesting as it relied not only on press reports about Superfish’s vulnerability and Lenovo’s actions both before and after last week’s explosion of information, but also dug a bit deeper and offered insights into the adware’s operation.
Lenovo today declined to respond to the new lawsuits, with its head of corporate communications, Brion Tingler, saying, “We do not comment on pending legal matters,” in an email.
Superfish also declined comment on the lawsuits’ specifics, like Lenovo citing the pending litigation. But in a statement, company CEO Adi Pinhas said, “Superfish takes these matters seriously and is reviewing the allegations in the complaints.”
Nearly half of all security breaches come from vulnerabilities that are between two and four years old, according to this year’s HP Cyber Risk Report entitled The Past Is Prologue.
The annual report found that the most prevalent problems came as a result of server misconfiguration, and that the primary causes of commonly exploited software vulnerabilities are defects, bugs and logic flaws.
But perhaps most disturbing of all was the news that Internet of Things (IoT) devices and mobile malware have introduced a significant extra security risk.
The entire top 10 vulnerabilities exposed in 2014 came from code written years, and in some cases decades, previously.
The news comes in the same week that HP took a swipe at rival Lenovo for knowingly putting Superfish adware into its machines.
“Many of the biggest security risks are issues we’ve known about for decades, leaving organisations unnecessarily exposed,” said Art Gilliland, senior vice president and general manager for enterprise security products at HP.
“We can’t lose sight of defending against these known vulnerabilities by entrusting security to the next silver bullet technology. Rather, organisations must employ fundamental security tactics to address known vulnerabilities and, in turn, eliminate significant amounts of risk.”
The main recommendations of report are that network administrators should employ a comprehensive and timely patching strategy, perform regular penetration testing and variation of configurations, keep equipment up to date to mitigate risk, share collaboration and threat intelligence, and use complementary protection strategies.
The threat to security from the IoT is already well documented by HP, which released a study last summer revealing that 90 percent of IoT devices take at least one item of personal data and 60 percent are vulnerable to common security breaches.
The new alert pops up in Chrome when a user aims the browser at a suspect site but before the domain is displayed. “The site ahead contains harmful programs,” the warning states.
Google emphasized tricksters that “harm your browsing experience,” and cited those that silently change the home page or drop unwanted ads onto pages in the warning’s text.
The company has long focused on those categories, and for obvious, if unstated, reasons. It would prefer that people — much less, shifty software — not alter the Chrome home page, which features the Google search engine, the Mountain View, Calif. firm’s primary revenue generator. Likewise, the last thing Google wants is to have adware, especially the most irritating, turn off everyone to all online advertising.
The new alert is only the latest in a line of warnings and more draconian moves Google has made since mid-2011, when the browser began blocking malware downloads. Google has gradually enhanced Chrome’s alert feature by expanding the download warnings to detect a wider range of malicious or deceitful programs, and using more assertive language in the alerts.
In January 2014, for example, Chrome 32 added threats that posed as legitimate software and tweaked with the browser’s settings to the unwanted list.
The browser’s malware blocking and suspect site warnings come from Google’s Safe Browsing API (application programming interface) and service; Apple’s Safari and Mozilla’s Firefox also access parts of the API to warn their users of potentially dangerous websites.
Chrome 40, the browser’s current most-polished version, can be downloaded for Windows, OS X and Linux from Google’s website.
A proposed class-action lawsuit was filed late last week against Lenovo and Superfish, charging both companies with “fraudulent” business practices and of making Lenovo PCs vulnerable to malware and malicious attacks by pre-loading the adware.
Plaintiff Jessica Bennett said her laptop was damaged as a result of Superfish, which was called “spyware” in court documents. She also accused Lenovo and Superfish of invading her privacy and making money by studying her Internet browsing habits.
The lawsuit was filed after Lenovo admitted to pre-loading Superfish on some consumer PCs. The laptops affected by Superfish include non-ThinkPad models such as G Series, U Series, Y Series, Z Series, S Series, Flex, Miix, Yoga and E Series.
Lenovo has since issued fixes to remove Superfish applications and certificates from PCs. Microsoft’s Windows Defender and McAfee’s security application also remove Superfish since Friday.
Lenovo earlier admitted it “messed up” by preloading Superfish on computers. The software plugs product recommendations into search results, but can hijack connections and open major security holes, thus leaving computers vulnerable to malicious attacks.
The first complaints of Superfish on Lenovo’s laptops emerged in September last year, but it became a real security issue when a hacker Marc Rogers pointed it out in a blog post.
Bennett, a blogger, purchased a Yoga 2 laptop to conduct business and communicate with clients. She noticed “spam advertisements involving scantily clad women” appearing on her client’s website when writing a blog post for the customer. After seeing pop-ups on other websites, she assumed her computer had spyware or had been hacked, but then scoured the forums to notice similar behavior on other Lenovo laptops. She then rooted out the problem to be Superfish, which could intercept secure communication and leave computers vulnerable.
Superfish also used memory resources and took up Internet bandwidth, according to the court document.
Damages from Lenovo and Superfish are being sought as part of the lawsuit filed in the U.S. District Court for the Southern District of California.
A federal judge has dismissed an antitrust lawsuit that alleged Google harmed consumers by forcing Android mobile phone makers to use its apps by default. The plaintiffs were given three weeks to amend their complaint.
The two consumers who filed the suit failed to show that Google’s allegedly illegal restrictive contracts on manufacturers of Android devices resulted in higher prices on phones, U.S. District Judge Beth Labson Freeman said in a Feb. 20 ruling.
The complainants, who were seeking class-action status for the lawsuit, said that Google required manufacturers, including Samsung Electronics, to set the search giant’s own apps as default options on Android-based phones, restricting access to competing software such as Microsoft’s Bing search engine. The complaint alleged that this practice limited competition in the search engine market, stifled innovation and resulted in higher prices for phones.
But Freeman ruled that the complainants failed to establish a link between software requirements and phone pricing, also noting that “there are no facts alleged to indicate that defendant’s conduct has prevented consumers from freely choosing among search products or prevented competitors from innovating.”
She gave the plaintiffs three weeks to amend the antitrust complaint, filed in U.S. District Court, Northern District of California.
Gemalto said its initial investigations into a reports that U.S. and British spies had gained unauthorized access to it systems showed its products were secure and it thus did not expect a significant financial impact.
Gemalto’s shares fell sharply late last week after news website Intercept reported a hack by the U.S. National Security Agency (NSA) and Britain’s Government Communications Headquarters (GCHQ).
The hack into the world’s biggest maker of phone SIM cards allowed the spies to potentially monitor the calls, texts and emails of billions of mobile users around the world, the investigative news website reported.
Gemalto said it would communicate on the results of its investigations on Wednesday, Feb. 25 through a press release and a press conference that will be held in Paris at 0930 GMT.
Gemalto makes smart chips for mobile phones, bank cards and biometric passports and counts Verizon, AT&T Inc and Vodafone among its 450 wireless network provider customers around the world.
Security vendor AVG has spotted a malicious program that fakes the sequence a user sees when they shut off their phone, giving it freedom to move around on the device and steal data.
When someone presses the power button on a device, a fake dialog box is shown. The malware then mimics the shutdown animation and appears to be off, AVG’s mobile malware research team said in a blog post.
“Although the screen is black, it is still on,” they said. “While the phone is in this state, the malware can make outgoing calls, take pictures and perform many other tasks without notifying the user.”
The malware requires an Android device to be “rooted,” or modified to allow deep access to its software. That may eliminate a lot of Android owners who don’t modify their phones.
But some vendors of Android phones ship their devices with that level of access, potentially making it easier for the malware to get onto a device.
This malware is unlikely to show up in Google’s Play Store, since Google tries to block applications that have malicious functions. But it could be a candidate for one of the many third-party app stores with looser restrictions.
A year and a half ago, Apple Inc applied for eight patents related to car batteries. Recently, it has added a slew of engineers, just one of whom had already filed for 17 in his former career, according to a Thomson Reuters.
The recent spate of hires and patent filings shows that Apple is fast building its industrial lithium-ion battery capabilities, adding to evidence the iPhone maker may be developing a car.
Quiet, clean electric cars are viewed in Silicon Valley and elsewhere as a promising technology for the future, but high costs and “range anxiety”, the concern that batteries will run out of power and cannot be recharged quickly, remain obstacles. Those challenges could also be seen as opportunities to find solutions to take the technology mainstream.
The number of auto-related patents filed by Apple, Google Inc, Korea’s Samsung, electric carmaker Tesla Motors Inc and ride-sharing startup Uber tripled from 2011 to 2014, according to an analysis by Thomson Reuters IP & Science of public patent filings.
Apple has filed far fewer of these patents than rivals, perhaps adding impetus to its recent hiring binge as it seeks to get up to speed in battery technologies and other car-building related expertise.
As of 18 months ago, Apple had filed for 290 such patents. By contrast, Samsung, which has been providing electric vehicle batteries for some years, had close to 900 filings involving auto battery technology alone.
The U.S. government makes patent applications public only after 18 months, so the figures do not reflect any patents filed in 2014.
Earlier this month, battery maker A123 Systems sued Apple for poaching five top engineers. A search of LinkedIn profiles indicates Apple has hired at least another seven A123 employees and at least 18 employees from Tesla since 2012.
The former A123 employees have expertise primarily in battery cell design, materials development and manufacturing engineering, according to the LinkedIn profiles and an analysis of patent applications.
A123, which filed for bankruptcy in 2012 but has since reorganized, supplied batteries for Fisker Automotive’s now-discontinued hybrid electric car.
“Looking at the people Apple is hiring from A123 and their backgrounds, it is hard not to assume they’re working on an electric car,” said Tom Gage, Chief Executive of EV Grid and a longtime expert in batteries and battery technology.
Apple is building its own battery division, according to the A123 lawsuit. Apple did not immediately respond to a request for comment.
Microsoft will double the per-PC price of support for enterprises still holding onto Windows XP systems when the anniversary of the aged OS’s retirement rolls around in April, according to a licensing expert familiar with the situation.
The per-PC price for what Microsoft calls “custom support agreements” (CSAs) will increase to $400, the expert said after requesting anonymity.
CSAs provide critical security updates for an operating system that’s been officially retired, as Windows XP was on April 8, 2014. CSAs are negotiated on a company-by-company basis and also require that an organization has adopted a top-tier support plan, dubbed Premier Support, offered by Microsoft.
The CSA failsafe lets companies pay for security patches beyond the normal support lifespan while they finish their migrations to newer editions of Windows. Most enterprises have shifted — and are continuing to do so — to Windows 7 rather than adopt Windows 8.1.
Last year, just days before Microsoft retired Windows XP, the company slashed the price of CSAs to $200-per-device with a cap of $250,000.
Because a CSA is an annual-only program — and Microsoft limits each organization to just three years of post-retirement support — agreements must be renewed each year. The first renewals come due in less than two months.
Ideally, companies that signed up for a CSA last year will have retired large numbers of Windows XP machines in the interim. If a firm reduced the number of Windows XP PCs by half, it will pay the same as last year if it renews the agreement at the higher per-device price.
It’s difficult to gauge the persistence of Windows XP in commercial settings, but the operating system, which debuted in 2001, continues to appear in analytics firms’ tracking.
According to U.S.-based Net Applications, for example, the global user share of XP stood at 20.7% of all Windows-powered PCs in January, representing more than 300 million machines. Meanwhile, Irish metrics company StatCounter pegged XP’s usage share at 12% for January.
Mobile payments have been slow to catch on in the United States and elsewhere, despite strong backing. Apple, Google, and eBay Inc’s PayPal have all launched services to allow users to pay in stores via smartphones.
The weak uptake is partly because many retailers have been reluctant to adopt the hardware and software infrastructure required for these new mobile payment options to work. These services also fail to offer much more convenience than simply swiping a credit card, Samsung executives said on Wednesday.
LoopPay’s technology differs because it works off existing magnetic-stripe card readers at checkout, changing them into contactless receivers, they said. About 90 percent of checkout counters already support magnetic swiping.
“If you can’t solve the problem of merchant acceptance…, of being able to use the vast majority of your cards, then it can’t really be your wallet,” said David Eun, head of Samsung’s Global Innovation Center.
Injong Rhee, who is leading Samsung’s as-yet-unannounced payments project, said the Asian giant will soon reveal more details of its envisioned service. He would not be drawn on speculation the company may do so during the Mobile World Congress in Barcelona.
He said new phones such as the upcoming, latest Galaxy would support the service.
Apple Pay, launched in September, allows iPhone users to pay at the tap of a button. Executives have lauded its rapid rollout so far, including the fact that more than 2,000 banks now support it and the U.S. government will accept Apple Pay later this year.
But Apple Pay requires retailers to install near-field communication and some have been reluctant. In addition, many retailers such as Wal-Mart Stores Inc and CVS Health Corp, back their own system, CurrentC.
Samsung had invested in LoopPay, along with Visa Inc and Synchrony Financial, before its acquisition. Terms of the deal, which Samsung negotiated over several months, were not disclosed.
It’s unclear how else Samsung could differentiate its service versus Apple’s or other rivals.
Cable TV and internet service provider Cox Communications Inc, working alongside the Cleveland Clinic medical center announced a new venture to develop in-home healthcare services, stepping into a market that is poised to grow as medical care goes digital.
The joint venture in Atlanta called Vivre Health is designed to help Cox expand its reach into healthcare beyond its current services such as providing broadband for hospitals.
The plan is to foster in-home monitoring and treatment, such as video consultation via broadband and home use of equipment to monitor and manage recovery from surgery, Cox executives said. That could cut down on costly in-person visits to doctors and hospitals.
The Cleveland Clinic, a world-renowned academic medical center based in Ohio, will offer expertise to help create new services for patients.
Cox also made an investment in HealthSpot, a company that provides walk-in kiosks where patients can interact with doctors through videoconferencing and take measurements with medical equipment such as blood pressure cuffs. The kiosks are being tested in several states at pharmacies and retailers. The amount of the investment was not disclosed.
“Home health is an area that will see tremendous growth over time,” Asheesh Saksena, chief strategy officer for Cox Communications, said in an interview. “It will require more and more broadband capability.”
Cable TV providers such as Cox are seeking new revenue in areas such as healthcare and home security as their traditional business of selling TV services to residential clients matures.
Cox, the third-largest broadband and cable provider in the United States with about 6 million customers, already provides Internet and other capabilities to hospitals as part of its business services.
Healthcare customers represent about 10 percent of Cox’s business services clients. Business services are the company’s biggest growth engine with more than $1.8 billion in annual revenue.
With its investment in HealthSpot, Cox hopes to get patients used to the idea that they do not always have to visit a doctor, clinic or hospital for treatment.
The Raspberry Pi Foundation has announced that its pint-sized computer has now sold a whopping five million units.
The announcement came via Twitter, where the official Raspberry Pi account boasted that the five million milestone makes it the big-selling computer manufacturer in the UK of all time.
Just confirmed the big news we’ve all been waiting for: we’ve now sold more than 5 million Raspberry Pis.
— Raspberry Pi (@Raspberry_Pi) February 17, 2015
We think that this means that in just under 3 years, we’ve gone from zero to being the biggest selling UK computer manufacturer ever. Yowza.
— Raspberry Pi (@Raspberry_Pi) February 17, 2015
This comes just two weeks after the firm announced sales of 4.5 million Raspberry Pi computers, suggesting that its latest model, the Raspberry Pi 2 Model B, has proved popular since it went on sale on 2 February.
Raspberry Pi said previously that it aims to ship three million units of the new model within 12 months, and Tuesday’s announcement suggests that it’s on track to smash that target.
The firm has yet to announce exactly how many Raspberry Pi 2 models have shipped, but we are likely to hear official figures in the next few weeks.
The second-generation device was unveiled at the beginning of this month, improving on the original Raspberry Pi with 1GB RAM and support for Microsoft’s Windows 10 operating system.
It also boasts expanded GPIO pins and advanced power management and connectivity, making it possible to connect up to four USB devices, including powered devices such as hard drives.