Subscribe to:

Subscribe to :: TheGuruReview.net ::

Microsoft Updates Office Online

April 16, 2014 by mphillips  
Filed under Computing

Microsoft is updating its Web-based Office Online suite, closing the features gap with the main Office 365 and Office 2013 suites installed on users’ devices.

“We know you want features that allow you to move as seamlessly as possible between Office Online and the desktop,” wrote Kaberi Chowdhury, an Office Online technical product manager, in a blog post Monday.

Improvements to Excel Online include the ability to insert new comments, edit and delete existing comments, and properly open and edit spreadsheets that contain Visual Basic for Applications (VBA) code.

Meanwhile, Word Online has a new “pane” where users can see all comments in a document, and reply to them or mark them as completed. It also has a refined lists feature that is better able to recognize whether users are continuing a list or starting one. In addition, footnotes and end notes can now be added more conveniently inline.

PowerPoint Online has a revamped text editor that offers a layout view that more closely resembles the look of finished slides, according to Microsoft. It also has improved performance and video functionality, including the ability to play back embedded YouTube videos.

For users of OneNote Online, Microsoft is now adding the ability to print out the notes they’ve created with the application.

Microsoft is also making Word Online, PowerPoint Online and OneNote Online available via Google’s Chrome Web Store so that Chrome browser users can add them to their Chrome App launcher. Excel Online will be added later.

The improvements in Office Online will be rolled out to users this week, starting Monday.

Office Online, which used to be called Office Web Apps, competes directly against Google Docs and other browser-based office productivity suites. It’s meant to offer users a free, lightweight, Web-based version of these four applications if they don’t have the desktop editions on the device they’re using at that moment.

 

Google Reveals Email Scanning Practices In Revised Terms Of Service

April 16, 2014 by mphillips  
Filed under Around The Net

Google Inc updated its terms of service earlier this week, informing users that their incoming and outgoing emails are automatically analyzed by software to create targeted ads.

The revisions more explicitly spell out the manner in which Google software scans users’ emails, both when messages are stored on Google’s servers and when they are in transit, a controversial practice that has been at the heart of litigation.

Last month, a U.S. judge decided not to combine several lawsuits that accused Google of violating the privacy rights of hundreds of millions of email users into a single class action.

Users of Google’s Gmail email service have accused the company of violating federal and state privacy and wiretapping laws by scanning their messages so it could compile secret profiles and target advertising. Google has argued that users implicitly consented to its activity, recognizing it as part of the email delivery process.

Google spokesman Matt Kallman said in a statement that the changes “will give people even greater clarity and are based on feedback we’ve received over the last few months.”

Google’s updated terms of service added a paragraph stating that “our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.

 

Mt. Gox Founder Refuses To Appear In U.S. Regarding Bankruptcy

April 16, 2014 by mphillips  
Filed under Around The Net

Mark Karpeles, the founder of Mt. Gox, has refused to come to the United States to answer questions about the Japanese bitcoin exchange’s U.S. bankruptcy case, Mt. Gox lawyers told a federal judge on Monday.

In the court filing, Mt. Gox lawyers cited a subpoena from the U.S. Department of Treasury’s Financial Crimes Enforcement Network, which has closely monitored virtualcurrencies like bitcoin.

“Mr. Karpeles is now in the process of obtaining counsel to represent him with respect to the FinCEN Subpoena. Until such time as counsel is retained and has an opportunity to ‘get up to speed’ and advise Mr. Karpeles, he is not willing to travel to the U.S.”, the filing said.

The subpoena requires Karpeles to appear and provide testimony in Washington, D.C., on Friday.

The court papers also said a Japanese court had been informed of the issue and that a hearing was scheduled on Tuesday in Japan.

Bitcoin is a digital currency that, unlike conventional money, is bought and sold on a peer-to-peer network independent of central control. Its value has soared in the last year, and the total worth of bit coins minted is now about $7 billion.

Mt. Gox, once the world’s biggest bitcoin exchange, filed for bankruptcy protection in Japan last month, saying it may have lost nearly half a billion dollars worth of the virtual coins due to hacking into its computer system.

According to Monday’s court filings, the subpoena did not specify topics for discussion.

In the court filings, Karpelès’ lawyers asked the court to delay the bankruptcy deposition to May 5, 2014 but said that Mt. Gox could not guarantee that Karpeles would attend that either.

 

Are Deep Discounts Good For Gaming?

April 16, 2014 by Michael  
Filed under Gaming

Double Fine has warned indies of the dangers of devaluing their products, citing its new publishing initiative as a way of protecting against that outcome.

In an interview with USgamer, COO Justin Bailey expressed concern over the harmful side-effects of low price-points and deep discounting for indie games. By giving away too much for too little, he warned, indie developers could reach a similar situation as that found in the casual market.

“I think what indies really need to watch out for is not becoming the new casual games,” he said. “I don’t think that’s a problem from the development side. Indies are approaching it as an artform and they’re trying to be innovative, but what’s happening in the marketplace is indies are being pushed more and more to have a lower price or have a bunch of games bundled together.”

Double Fine is publishing MagicalTimeBean’s Escape Goat 2, the first occasion it has assisted another developer in that way, and it won’t be the last. According to Bailey, what seems to be a purely business decision on the surface has a strong altruistic undercurrent.

“Double Fine wants to keep indies premium. You see that in our own games and how we’re positioning them. We fight the urge to just completely drop the price. That’s one of the things we want to encourage in this program. Getting people to stick to a premium price point and to the platforms that allow you to do that.”

“We’re not looking to replace… we’re trying to augment the system,” he replies. “We’re making small strides right now. Costume Quest 2 is a high-budget game. It’s one that I thought it was best to have a publishing partner who can also spend some marketing funds around it.”

Double Fine is not the first developer to express concern over the tendency among indies to drastically lower prices.

In January, Jason Rohrer published an article imploring developers to consider the loyal fans who buy their games full-price only to see them on sale at a huge discount just a few weeks or months later. Last month, Positech Games’ Cliff Harris went further, suggesting that low price-points actually change the way players see and interact with the games they purchase.

Courtesy-GI.biz

 

Intel Shows Off New Hybrid Laptop Geared Towards Schools

April 15, 2014 by mphillips  
Filed under Computing

Intel unveiled a laptop-tablet hybrid with Windows 8.1 for the education market, where Chromebooks and tablets are also vying for customers.

The Intel Education 2-in-1 hybrid has a 10.1-inch screen that can detach from a keyboard base to turn into a tablet. Intel makes reference designs, which are then replicated by device makers and sold to educational institutions.

The 2-in-1 has a quad-core Intel Atom processor Z3740D, which is based on the Bay Trail architecture. The battery lasts about eight hours in tablet mode, and three more hours when docked with the keyboard base, which has a second battery.

Intel did not immediately return requests for comment on the estimated price for the hybrid or when it would become available.

Education is a hotly contested market among computer makers, as Apple pushes its iPads and MacBooks while PC makers like Dell, Hewlett-Packard and Lenovo hawk their Chromebooks.

Some features in the Intel 2-in-1 are drawn from the company’s Education tablets, which also run on Atom processors, but have the Android OS.

The 2-in-1 hybrid has front-facing and rear-facing cameras, and a snap-on magnification lens that allows students to examine items at a microscopic level.

The computer can withstand a drop of 70 centimeters, a feature added as protection for instances in which children mishandle laptops and let them fall. The keyboard base also has a handle.

The screen can be swiveled and placed on the keyboard, giving it the capability of a classic convertible laptop. This feature has been drawn from Intel’s Classmate series of education laptops.

The 2-in-1 has software intended to make learning easier, including tools for the arts and science. Intel’s Kno app provides access to 225,000 books. Typically, some of the books available via Kno are free, while others are fee-based.

 

 

BlackBerry Plans To Release Patch For ‘Heartbleed’ Vulnerability

April 15, 2014 by mphillips  
Filed under Mobile

BlackBerry Ltd said it will release security updates for messaging software for Android and iOS devices by Friday to address vulnerabilities in programs related to the “Heartbleed” security threat.

Researchers last week warned they uncovered Heartbleed, a bug that targets the OpenSSL software commonly used to keep data secure, potentially allowing hackers to steal massive troves of information without leaving a trace.

Security experts initially told companies to focus on securing vulnerable websites, but have since warned about threats to technology used in data centers and on mobile devices running Google Inc’s Android software and Apple Inc’s iOS software.

Scott Totzke, BlackBerry senior vice president, told Reuters on Sunday that while the bulk of BlackBerry products do not use the vulnerable software, the company does need to update two widely used products: Secure Work Space corporate email and BBM messaging program for Android and iOS.

He said they are vulnerable to attacks by hackers if they gain access to those apps through either WiFi connections or carrier networks.

Still, he said, “The level of risk here is extremely small,” because BlackBerry’s security technology would make it difficult for a hacker to succeed in gaining data through an attack.

“It’s a very complex attack that has to be timed in a very small window,” he said, adding that it was safe to continue using those apps before an update is issued.

Google spokesman Christopher Katsaros declined comment. Officials with Apple could not be reached.

Security experts say that other mobile apps are also likely vulnerable because they use OpenSSL code.

Michael Shaulov, chief executive of Lacoon Mobile Security, said he suspects that apps that compete with BlackBerry in an area known as mobile device management are also susceptible to attack because they, too, typically use OpenSSL code.

He said mobile app developers have time to figure out which products are vulnerable and fix them.

“It will take the hackers a couple of weeks or even a month to move from ‘proof of concept’ to being able to exploit devices,” said Shaulov.

Technology firms and the U.S. government are taking the threat extremely seriously. Federal officials warned banks and other businesses on Friday to be on alert for hackers seeking to steal data exposed by the Heartbleed bug.

Companies including Cisco Systems Inc, Hewlett-Packard Co, International Business Machines Corp, Intel Corp, Juniper Networks Inc, Oracle Corp Red Hat Inc have warned customers they may be at risk. Some updates are out, while others, like BlackBerry, are rushing to get them ready.

 

Wi-Fi Problems Plague Apple-Samsung Trial

April 15, 2014 by mphillips  
Filed under Around The Net

There’s a new sign on the door to Courtroom 1 at the federal courthouse in San Jose, the location of the Apple v. Samsung battle that’s playing out this month: “Please turn off all cell phones.”

For a trial that centers on smartphones and the technology they use, it’s more than a little ironic. The entire case might not even be taking place if the market wasn’t so big and important, but the constant need for connectivity of everyone is causing problems in the court, hence the new sign.

The problems have centered on the system that displays the court reporter’s real-time transcription onto monitors on the desks of Judge Lucy Koh, the presiding judge in the case, and the lawyers of Apple and Samsung. The system, it seems, is connected via Wi-Fi and that connection keeps failing.

“We have a problem,” Judge Koh told the courtroom on April 4, soon after the problem first appeared. Without the system, Koh said she couldn’t do her job, so if people didn’t shut off electronics, she might have to ban them from the courtroom.

In many other courts, electronic devices are routinely banned, but the Northern District of California and Judge Koh have embraced technology more than most. While reporters and spectators are limited to a pen and paper in courts across the country, the court here permits live coverage through laptops and even provides a free Wi-Fi network.

On Monday, the problems continued and Judge Koh again asked for all cellphones to be switched off.

But not everyone listened. A scan of the courtroom revealed at least one hotspot hadn’t been switched off: It was an SK Telecom roaming device from South Korea, likely used by a member of Samsung’s team.

The hotspot was switched off by the end of the day, but on Tuesday there were more problems.

“You. Ma’am. You in the front row,” Judge Koh said sternly during a break. She’d spotted an Apple staffer using her phone and made the culprit stand, give her name and verbally agree not to use the handset again in court.

As a result of all the problems, lawyers for Apple and Samsung jointly suggested using a scheduled two-day break in the case to hardwire the transcription computers to the court’s network.

The cable wasn’t installed.

“I believe there were some issues, We’re attempting to install it,” one of the attorneys told IDG News Service during the court lunch break.

So for now, the problems continue.

The clerk opened the day with an appeal to switch phones off, “not even airplane mode.”

That still didn’t help.

The transcription screens failed at 9:09 a.m., just minutes into the first session of the morning.

 

IRS Missed Windows XP Deadline, To Pay Microsoft Millions

April 14, 2014 by mphillips  
Filed under Computing

The U.S. Internal Revenue Service (IRS) confirmed that it missed the April 8 cut-off for Windows XP support, and will be shelling out Microsoft millions for an extra year of security patches.

Microsoft terminated Windows XP support on Tuesday when it shipped the final public patches for the nearly-13-year-old operating system. Without patches for vulnerabilities discovered in the future, XP systems will be at risk from cyber criminals who hijack the machines and plant malware on them.

During an IRS budget hearing Monday before the House Financial Services and General Government subcommittee, the chairman, Rep. Ander Crenshaw (R-Fla.) wondered why the agency had not wrapped up its Windows XP-to-Windows 7 move.

“Now we find out that you’ve been struggling to come up with $30 million to finish migrating to Windows 7, even though Microsoft announced in 2008 that it would stop supporting Windows XP past 2014,” Crenshaw said at the hearing. “I know you probably wish you’d already done that.”

According to the IRS, it has approximately 110,000 Windows-powered desktops and notebooks. Of those, 52,000, or about 47%, have been upgraded to Windows 7. The remainder continue to run the aged, now retired, XP.

John Koskinen, the commissioner of the IRS, defended the unfinished migration, saying that his agency had $300 million worth of IT improvements on hold because of budget issues. One of those was the XP-to-7 migration.

“You’re exactly right,” Koskinen said of Crenshaw’s point that everyone had fair warning of XP’s retirement. “It’s been some time where people knew Windows XP was going to disappear.”

But he stressed that the migration had to continue. “Windows XP will no longer be serviced, so we are very concerned if we don’t complete that work we’re going to have an unstable environment in terms of security,” Koskinen said.

According to Crenshaw, the IRS had previously said it would take $30 million out of its enforcement budget to finish the migration.

Part of that $30 million will be payment to Microsoft for what the Redmond, Wash. developer calls “Custom Support,” the label for a program that provides patches for critical vulnerabilities in a retired operating system.

Analysts noted earlier this year that Microsoft had dramatically raised prices for Custom Support, which previously had been capped at $200,000 per customer for the first year. Instead, Microsoft negotiates each contract separately, asking for an average of $200 per PC for the first year of Custom Support.

Using that average — and the number of PCs the IRS admitted were still running XP — the IRS would pay Microsoft $11.6 million for one year of Custom Support.

The remaining $18.4 million would presumably be used to purchase new PCs to replace the oldest ones running XP. If all 58,000 remaining PCs were swapped for newer devices, the IRS would be spending an average of $317 per system.

 

 

Amazon Rumored To Launch Smartphone In Time For Christmas Season

April 14, 2014 by mphillips  
Filed under Mobile

Amazon.com Inc is making plans to unveil its long-rumored smartphone in the second half of the year, the Wall Street Journal reported on Friday, citing people briefed on the company’s plans.

The Internet retailer would jump into a crowded market dominated by Apple Inc and Samsung Electronics Co Ltd.

The company has recently been demonstrating versions of the handset to developers in San Francisco and Seattle. It intends to announce the device in June and ship to stores around the end of September, the newspaper cited the unidentified sources as saying.

Amazon has made great strides into the hardware arena as it seeks to boost sales of digital content and puts its online store in front of more users. Amazon recently launched its $99 Fire TV video-streaming box and its Kindle e-readers and Fire tablets already command respectable U.S. market share after just a few years on the market.

Rumors of an Amazon-designed smartphone have circulated for years, though executives have previously played down ambitions to leap into a heavily competitive and increasingly saturated market.

Apple and Samsung, which once accounted for the lion’s share of the smartphone market, are struggling to maintain margins as new entrants such as Huawei and Lenovo target the lower-income segment.

To stand out from the crowd, Amazon intends to equip its phones with screens that display three-dimensional images without a need for special glasses, the Journal said.

Amazon officials were not immediately available for comment.

 

HP To Shell Out $108M In Corruption And Bribery Case

April 11, 2014 by mphillips  
Filed under Around The Net

Hewlett-Packard will pay $108 million in penalties after subsidiaries in Russia, Poland and Mexico were found to have given out bribes to gain business, the U.S. Department of Justice said.

An international subsidiary of HP has agreed to plead guilty to violating the U.S. Foreign Corrupt Practices Act and admit to its role in bribing Russian officials to secure a big contract there, the U.S. Department of Justice said.

The U.S. is also entering into “criminal resolutions” with HP subsidiaries in Poland and Mexico, relating to contracts with Poland’s national police agency and Mexico’s state-owned petroleum company, the DOJ said.

The HP entities will pay a total of $77 million in criminal penalties and forfeiture related to those dealings. HP has also reached a deal with the U.S. Securities and Exchange Commission that will cost it a further $31 million.

The subsidiaries created a “slush fund” for bribe payments and set up “an intricate web of shell companies and bank accounts” to launder money, Deputy Assistant Attorney General Bruce Swartz said in a statement.

HP said it had cooperated with the investigations.

“The misconduct described in the settlement was limited to a small number of people who are no longer employed by the company,” John Schultz, HP’s general counsel, said in a statement.

The investigation had been ongoing for some time, and HP said last month it was close to resolving the matter.

The Russian dealings date back to 1999, when the government there announced a project to automate the IT systems at the Office of the Prosecutor General of the Russian Federation — essentially Russia’s equivalent of the DOJ.

The project was worth more than $100 million, and employees at HP Russia structured the deal to include a fund of several million dollars, at least part of which was intended as bribes for Russian officials, the DOJ said.

The DOJ acknowledged HP’s “extensive cooperation,” and HP said it would set up certain compliance and reporting programs.

It’s not the only company to have run into trouble doing business overseas. IBM and Oracle in the past have also reported potential violations of the Foreign Corrupt Practices Act.

 

Can AMD’s A1 Challenge Intel’s Bay Trail?

April 11, 2014 by Michael  
Filed under Computing

AMD has released its first “system in a socket” single accelerated processor unit (APU) that aims to reduce the cost of entry-level PCs.

Based on the firm’s Kabini system on chip (SoC), the APU is named the “AM1 Platform”, combining most system functions into one chip, with the motherboard and APU together costing around between $39 and $59.

Launched at the beginning of March and released today in North America, AMD’s AM1 Platform is aimed at markets where entry-level PCs are competing against other low-cost devices.

“We’re seeing that the market for these lower-cost PCs is increasing,” said AMD desktop product marketing manager Adam Kozak. “We’re also seeing other devices out there trying to fill that gap, but there’s really a big difference between what these devices can do versus what a Windows PC can do.”

The AM1 Platform combines an Athlon or Sempron processor with a motherboard based on the FS1b upgradable socket design. These motherboards have no chipset, as all functions are integrated into the APU, and only require additional memory modules to make a working system.

The AM1 SoC has up to four Jaguar CPU cores and an AMD Graphics Core Next (GCN) GPU, an on-chip memory controller supporting up to 16GB of DDR3-1600 RAM, plus all the typical system input and output functions, including SATA ports for storage, USB 2.0 and USB 3.0 ports, as well as VGA and HDMI graphics outputs.

AMD’s Jaguar core is best known for powering both Microsoft’s Xbox One and Sony’s Playstation 4 (PS4) games consoles. The AM1 Platform supports Windows XP, Windows 7 and Windows 8.1 in 32-bit or 64-bit architectures.

AMD said that it is going after Intel’s Bay Trail with the AM1 Platform, and expects to see it in small form factor desktop PCs such as netbooks and media-streaming boxes.

“We see it being used for basic computing, some light productivity and basic gaming, and really going after the Windows 8.1 environment with its four cores, which we’ll be able to offer for less,” Kozak added.

AMD benchmarked the AM1 Platform against an Intel Pentium J2850 with PC Mark 8 v2 and claimed it produced double the performance of the Intel processor. See the table below.

The FS1b upgradable socket means that users will be able to upgrade the system at a later date, while in Bay Trail and other low-cost platforms the processor is mounted directly to the motherboard.

AMD lifted the lid on its Kabini APU for tablets and mainstream laptops last May. AMD’s A series branded Kabini chips are quad-core processors, with the 15W A4-5000 and 25W A6-5200 clocked at 1.5GHz and 2GHz, respectively.

Courtesy-TheInq

Are Cyber-crimes Taxing Security Vendors?

April 11, 2014 by Michael  
Filed under Computing

A surge in cybercrime is forcing security vendors to release security updates every 40 minutes, according to security firm Symantec.

Senior manager for Symantec Security Response, Orla Cox, reported the development during a briefing attended by The INQUIRER.

“We’re seeing more sophisticated attacks than ever before and people want security,” she said. “Nowadays we are rolling out virus signature upgrades around every 40-50 minutes. They are rapid response upgrades that go through partial vetting. We then follow them up with three upgrades per day that are fully certified.”

Cox said Symantec began rolling out the rapid updates to help mitigate the growing number of malware variants and active cyber campaigns targeting its customers.

“It’s been about shaving off minutes for the last couple of years. If you came to us a few years ago it was one [update] and before that it would have taken hours. The rapid updates are for people that need a rapid response, like those suffering an infection.”

She said Symantec blocked 568,700 web attacks on its customers and detected a massive 1.6 million malware variants per day in 2013. But despite helping customers, Cox said the company’s rapid update cycle has increased the risk of pushing out an update with a false positive signature.

“The biggest quality issue we face is the danger of false positive definitions. There’s a risk of detecting something clean as malicious, that’s the big no no in our industry, so it’s as much about building definitions libraries about legit files as malicious,” she said.

False positives are updates from security providers that list legitimate files as malware and block them from running. In the past the faulty updates have caused damage to many companies. In 2013, Malwarebytes crippled thousands of its customers’ machines when it issued a false positive update.

Cox said the influx of new threats has also forced Symantec to expand its analysis procedures in recent years. “We’ve had to evolve how we work, it’s not just about providing protection and moving on any more. Threats and the landscape have changed and to address this we’ve begun doing intelligence work,” she said.

“We do bespoke research on occasion, with both customers and law enforcement. These situations are ones where we have the skills they don’t – that’s the benefit of us being here every day, reverse-engineering malware.

“Doing this over the years we’ve had to develop a number of systems and now we’re trying to understand the individual attacks in the context of who did them and why.”

Symantec is one of many technology firms to begin adopting an intelligence-based approach to cyber defence. Facebook unveiled a new automated ThreatData security service designed to detect and catalogue new malware families earlier in March.

Courtesy-TheInq

 

Lenovo Says More Low-priced Android Tablets Coming In May

April 10, 2014 by mphillips  
Filed under Consumer Electronics

More lower priced Android tablets ranging from $129 to $249 are coming from Lenovo.

The new Tab A-series tablets, which will ship next month, have screen sizes ranging from 7-10 inches and are designed for Web surfing and home entertainment, Lenovo said. Other than screen sizes and weight, the tablets have mostly identical features.

The cheapest tablet in the lineup is the Tab A7-50, which weighs 320 grams and starts at $129. The TAB A8 weighs 360 grams and is priced starting at $179. The Tab A10 is much heftier at 560 grams, but has a larger battery that offers a Wi-Fi browsing time of eight hours, Lenovo said in a specification sheet.

All the tablets have screens that can display images at a resolution of 1280 x 800 pixels. The tablets have Android 4.2, code-named Jelly Bean, which will be upgradeable to version 4.4, code-named KitKat.

Common features also include Wi-Fi b/g/n, 1GB of RAM, 16GB of storage, and an SD card slot for up to 32GB of expandable storage. The tablets have a 2-megapixel front-facing camera and a 5-megapixel rear camera. Another feature is integrated 3G mobile broadband, though Lenovo did not say whether it was included in the price or is optional.

The tablets will ship in the U.S. Lenovo did not immediately provide information about shipment plans for other countries.

Lenovo offers a range of tablets for Android and Windows 8.1, with models starting at $99. The company is trying to create brands around Android-based Yoga tablets, which are being promoted by actor Ashton Kutcher, and ThinkPad tablets, which run on Windows.

 

Security Bug In OpenSSL Leaves Webservers Vulnerable

April 10, 2014 by Michael  
Filed under Computing

A critical security bug in OpenSSL that allows encrypted data to be stolen by hackers has been uncovered by researchers and is believed to have exposed millions to cyber spying.

Dubbed Heartbleed, the bug was discoverd in a software library used in servers, operating systems and email and instant messaging systems and allows anyone to read the memory of systems using vulnerable versions of OpenSSL software.

OpenSSL is an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols by which email, instant messaging, and some VPNs are kept secure.

The vulnerability is called Heartbleed because it’s in the OpenSSL implementation of the TLS/DTLS heartbeat extension described in RFC6520, and when it is exploited it can lead to leaks of memory contents from the server to the client and from the client to the server.

The researchers from defense security firm Codenomicon said that attackers could take advantage of the bug to eavesdrop on communications, steal data directly from server or client systems, and impersonate users and servers.

“This compromises the secret keys used to identify service providers and to encrypt the traffic, the names and passwords of the users and the actual content,” the researchers wrote on a website dedicated to the bug.

“Without using any privileged information or credentials, we were able to steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.”

Because such attacks are not traceable, it’s not clear how widespread the bug is or was, but it is thought that at least two-thirds of websites could be affected, as the most notable software using OpenSSL are the open source webservers Apache and nginx.

The researchers pointed out that the combined market share of those two webservers was over 66 percent of the active websites on the internet, according to Netcraft’s Web Server Survey released this month.

“You are likely to be affected either directly or indirectly. OpenSSL is the most popular open source cryptographic library and TLS implementation used to encrypt traffic on the Internet,” the researchers added.

“Your popular social site, your company’s site, commerce site, hobby site, site you install software from or even sites run by your government might be using vulnerable OpenSSL. Furthermore you might have client side software on your computer that could expose the data from your computer if you connect to compromised services.”

Although an updated version of OpenSSL has been released to patch this security vulnerability, it might take time before some operating system developers and software distributions deploy it.

“Recovery from this leak requires patching the vulnerability, revocation of the compromised keys and reissuing and redistributing new keys,” the researchers said. “Even doing all this will still leave any traffic intercepted by the attacker in the past vulnerable to decryption.”

Courtesy-TheInq

 

Intel Laying Off 1500, Shutting Costa Rican Operations

April 10, 2014 by mphillips  
Filed under Computing

Chipmaker Intel, grappling with a dwindling PC market, is shutting its assembly and test operation in Costa Rica and eliminating 1,500 jobs.

The closure of the site, which is a significant contributor to Costa Rica’s exports, falls within a larger plan announced by the chipmaker earlier this year to cut spending as it attempts to grow beyond PCs into the mobile market.

“It’s being closed and consolidated into our other operations throughout the world,” spokesman Chuck Mulloy said of the assembly and test operations in Costa Rica.

During the next two quarters, Intel will move assembly and testing from its site in Heredia, where it has been present since 1997, to existing sites in China, Malaysia and Vietnam, Mulloy said.

Costa Rica President Elect Luis Guillermo Solis met with Intel executives on Tuesday morning and they assured him the decision had nothing to do with the election of his new government on Sunday, according to a statement from Guillermo’s office.

“The decision bears no relation to the election of the new Costa Rica government or the market conditions for…potential foreign investment,” the statement said.

Intel will continue to have over 1,000 engineers, finance and human resources employees in Costa Rica and do some research and development there. The chipmaker expects to add another 200 “high-value positions” in Costa Rica later this year, Mulloy said.

Intel dominates the PC chip industry, but it has been slow to adapt its processors for smartphones and tablets, markets now dominated by rivals such as Qualcomm Inc and Samsung Electronics Co Ltd.

The cuts in Costa Rica are consistent with Intel’s announcement in January that it would reduce its global workforce of 107,000 employees by about 5 percent this year, Mulloy said.

Also in January, Intel said a newly built factory in Chandler, Arizona, originally slated as a $5 billion project that in late 2013 would start producing Intel’s most advanced chips, would remain closed for the foreseeable future while other factories at the same site are upgraded.