Mobile malware is a growing problem, but researchers from University of Alabama at Birmingham (UAB) have developed a new way of detecting when suspicious mobile apps start trouble, such as trying to call premium-rate numbers unbeknowst to a phone’s owner.
The technique relies on using the phone’s motion, position and ambient sensors to learn the gestures that users typically make when they initiate phone calls, take pictures or use the phone’s NFC reader to scan credit cards.
Some mobile malware programs already abuse these services and security researchers expect their number will only increase.
The technology developed by the UAB researchers can monitor those three services and can check whether attempts to access them are accompanied by the natural gestures users are expected to make. If they’re not, they were likely initiated by malware.
The research, which involved collecting data from real-life scenarios to train the technology, showed that detecting different gestures and using them to differentiate between user-initiated actions and automated ones can be done with a high degree of accuracy. As such, the technique can be a viable malware defense.
The technology doesn’t require root access on the device and it’s better than the signature-based approach used by most mobile antivirus programs, according to Nitesh Saxena, director of UAB’s Security and Privacy In Emerging computing and networking Systems Lab.
Canonical and Ericsson have announced their arrival into the cloud telecoms market after signing a three-year collaboration to develop network Function Virtualization (NFV) products for software-defined communications networks.
The deal will see Ericsson deploying the Ubuntu Server operating system as the host for all its cloud offerings.
John Zannos, VP of cloud alliances and channels at Canonical, told The INQUIRER: “It’s actually a very exciting time to be alive, with the pace of change in the marketplace. As we move toward software-defined solutions more and more, we’re going to see the accelerating pace of change more than ever.”
By working together, the companies hope to drive adoption of NVF products and accelerate research.
The news comes just a day after Oracle and Intel announced a similar deal based on an Oracle hypervisor to control expansion and contraction of communication network nodes at an intelligent level.
As with that announcement, the Canonical-Ericsson arrangement is based on the interoperability provided by OpenStack, meaning that the alignment between the two projects is set to be much closer than one might expect.
“What is most exciting for us is not just the chance to work with Ericsson, which already carries nearly 40 percent of the world’s mobile traffic, but the opportunities that working together brings for us to take these concepts to the next level,” said Zannos.
Ubuntu is used in 80 percent of OpenStack cloud deployments worldwide. Using Ubuntu Server means that the partnership should be able to bring the newest ideas in open platform NVF.
“Our ability to offer scale-out solutions means that for the first time we can help meet the massive demand on telecoms in the future,” said Zannos.
“I don’t want to speculate on ‘infinite scalability’ because infinite is a pretty big number, but we’re certainly able to create solutions without the restraints of traditional hardware.”
The rollout of open platform NFV acts as a natural next step after the arrival of cloud communication. Virtualizing the workload of global communications, and reducing the natural lag of hardware controllers, allows providers to offer cheaper running costs, lower energy use and greater flexibility to grow and contract the network according to customer need.
Zannos added: “Organizations are struggling to keep pace with data, complexity, cost and compliance demands, so this partnership will help customers overcome many of these challenges.”
The Ericsson name disappeared from the consumer market after Sony acquired the joint Sony-Ericsson venture in 2012, but the Swedish company’s reach remains vast. A venture into virtual telecoms, alongside the biggest single Linux distribution, is bound to disrupt the market.
Ericsson recently became the latest company to join the alliance of Canonical’s Snappy Ubuntu Core for the Internet of Things.
Zannos also confirmed that there will be room for cross-fertilization between the two alliances in the coming months and years, particularly with the opportunities for the silent, seamless firmware upgrades that underpin the technology.
Germany’s BMG music rights company announced that it has signed a music digital distribution deal with China’s Alibaba Group Holding Ltd, as the world’s largest e-commerce giant firms up its bid to become a digital media empire.
The deal, one of the first in China made by a major music publisher rather than a label, will bring more than 2.5 million copyrights to Alibaba, whose music platforms already had many of the songs from artists including Kylie Minogue, the Rolling Stones and Jean-Michael Jarre, an Alibaba spokeswoman said.
Alibaba has set its eyes on becoming an online-media powerhouse, with music, film and television. The $210-billion firm has touted the potential for selling digital products as well as physical products in China, despite the country’s track record of users not paying for media content.
In the process, it is vying with Tencent Holdings Ltd, China’s biggest social networking and online entertainment firm, and search leader Baidu Inc and its online video unit, iQiyi.
For BMG, the tie-up is both a chance to boost earnings by its artists in China and part of its attempt to “grow the legitimate music market in China”, the company said.
BMG last November linked up with Chinese independent company Giant Jump to manage publishing and recording rights both at home and overseas.
Alibaba’s Digital Entertainment arm will “promote BMG writers and artists through channels such as its streaming apps Xiami and TTPod” and “monitor and take action against digital and mobile services who may infringe the rights of BMG clients,” the subsidiary of Bertelsmann AG, Europe’s largest media company, said in a statement.
“Internet and particular mobile media are quickly providing an answer to the music industry’s long-time challenge of how to monetize the vast untapped potential of the Chinese market,” BMG Chief Executive Hartwig Masuch said in Monday’s statement.
Finding GPS unreliable in certain situations, the U.S. government is focusing on developing a more reliable real-time position tracking technology whose signals won’t disappear in blind spots and can’t be jammed.
The Defense Advanced Research Projects Agency is developing “radically” new technologies to deliver a more advanced position- and navigation-tracking system that is more reliable and accurate than GPS, according to a document on DARPA research projects recently released.
DARPA — which is a part of the U.S. Department of Defense — thinks that new real-time positioning technology would give the U.S. military an advantage over rivals. GPS technology has provided a strategic advantage, but it isn’t foolproof, as it can be jammed by opponents or also be inaccessible in some parts of the world.
“The need to be able to operate effectively in areas where GPS is inaccessible, unreliable or potentially denied by adversaries has created a demand for alternative precision timing and navigation capabilities,” DARPA said in the document.
Beyond the military, GPS has had a significant impact on individuals, business and economies. GPS has helped deliver customized content and services to mobile users, and also helped in the timely delivery of goods. But GPS isn’t flexible, and DARPA wants to make its alternative more flexible and customizable with the help of algorithms.
New types of self-contained instruments are under development that could better track position, time and direction of motion, which are critical aspects of GPS. DARPA is developing high-precision clocks, self-calibrating gyroscopes and accelerometers, and high-precision navigation instruments that can track position for long periods without relying on external sources.
DARPA is also researching new technologies that could make real-time tracking possible through a number of sources. DARPA is developing sensors that “use signals of opportunity” such as television, radio, cell towers, satellites, and even lightning, for real-time tracking. The effort, called ASPN (All Source Positioning and Navigation) alleviates issues related to fixing locations in buildings, deep foliage, underwater or underground, where GPS access can be limited.
The ultimate goal is to develop a compact navigation system that could be given to soldiers, put on tanks or implemented in guidance systems.
Amazon.com is holding discussions to acquire online luxury retailer Net-a-porter in what could be the biggest acquisition yet for the e-commerce giant, but the negotiations are in early stages and could fall apart, Forbes reported, citing a person familiar with the matter.
The potential deal, first reported by Women’s Wear Daily, could value Net-a-Porter lower than the valuation of 2 billion euros ($2.16 billion) reported by the fashion industry trade journal, Forbes reported last Thursday, citing the person.
Seattle-based Amazon has long eyed the high-end fashion retail sector and any deal for Net-a-Porter would mean a new commitment in an area where the company lacks a strong presence, Forbes said.
“It’s Day 1 in the category,” Amazon Chief Executive Jeff Bezos told the New York Times in an interview in 2012, saying the company was making a “significant” investment in fashion to convince top brands that it wanted to work with them, not against them.
Media reports in 2014 said Amazon was in talks to buy Indian fashion retailer Jabong.com for $1.2 billion.
Net-a-Porter is owned by luxury goods group Richemont, which bought the London-based company for 392 million euros in 2010.
A spokeswoman for Net-a-Porter said the company does not comment on industry speculation.
Amazon.com and Richemont could not be immediately reached for comment outside regular business hours.
Japanese electronics giant Panasonic Corp said it is gearing up to spend 1 trillion yen ($8.4 billion) on acquisitions over the next four years, bolstered by a stronger profit outlook for its automotive and housing technology businesses.
Chief Executive Kazuhiro Tsuga said at a briefing on Thursday that Panasonic doesn’t have specific acquisition targets in mind for now. But he said the firm will spend around 200 billion yen on M&A in the fiscal year that kicks off in April alone, and pledged to improve on Panasonic’s patchy track record on big deals.
“With strategic investments, if there’s an opportunity to accelerate growth, you need funds. That’s the idea behind the 1 trillion yen figure,” he said. Tsuga has spearheaded a radical restructuring at the Osaka-based company that has made it one of the strongest turnaround stories in Japan’s embattled technology sector.
Tsuga previously told Reuters that company was interested in M&A deals in the European white goods market, a sector where Panasonic has comparatively low brand recognition.
The firm said on Thursday it’s targeting operating profit of 430 billion yen in the next fiscal year, up nearly 25 percent from the 350 billion yen it expects for the year ending March 31.
Panasonic’s earnings have been bolstered by moving faster than peers like Sony Corp and Sharp Corp to overhaul business models squeezed by competition from cheaper Asian rivals and caught flat-footed in a smartphone race led by Apple Inc and Samsung Electronics. Out has gone reliance on mass consumer goods like TVs and smartphones, and in has come a focus on areas like automotive technology and energy-efficient home appliances.
Tsuga also sought to ease concerns that an expensive acquisition could set back its finances, which took years to recover from the deal agreed in 2008 to buy cross-town rival Sanyo for a sum equal to about $9 billion at the time.
Oracle and Intel have teamed up for the first demonstration of carrier-grade network function virtualization (NFV), which will allow communication service providers to use a virtualized, software-defined model without degradation of service or reliability.
The Oracle-led project uses the Intel Open Network Platform (ONP) to create a robust service over NFV, using intelligent direction of software to create viable software-defined networking that replaces the clunky equipment still prevalent in even the most modern networks.
Barry Hill, Oracle’s global head of NFV, told The INQUIRER: “It gets us over one of those really big hurdles that the industry is desperately trying to overcome: ‘Why the heck have we been using this very tightly coupled hardware and software in the past if you can run the same thing on standard, generic, everyday hardware?’. The answer is, we’re not sure you can.
“What you’ve got to do is be smart about applying the right type and the right sort of capacity, which is different for each function in the chain that makes up a service.
“That’s about being intelligent with what you do, instead of making some broad statement about generic vanilla infrastructures plugged together. That’s just not going to work.”
Oracle’s answer is to use its Communications Network Service Orchestration Solution to control the OpenStack system and shrink and grow networks according to customer needs.
Use cases could be scaling out a carrier network for a rock festival, or transferring network priority to a disaster recovery site.
“Once you understand the extent of what we’ve actually done here, you start to realize just how big an announcement this is,” said Hill.
“On the fly, you’re suddenly able to make these custom network requirements instantly, just using off-the-shelf technology.”
The demonstration configuration optimizes the performance of an Intel Xeon E5-2600 v3 processor designed specifically for networking, and shows for the first time a software-defined solution which is comparable to the hardware-defined systems currently in use.
In other words, it can orchestrate services from the management and orchestration level right down to a single core of a single processor, and then hyperscale it using resource pools to mimic the specialized characteristics of a network appliance, such as a large memory page.
“It’s kind of like the effect that mobile had on fixed line networks back in the mid-nineties where the whole industry was disrupted by who was providing the technology, and what they were providing,” said Hill.
“Suddenly you went from 15-year business plans to five-year business plans. The impact of virtualization will have the same level of seismic change on the industry.”
Today’s announcement is fundamentally a proof-of-concept, but the technology that powers this kind of next-generation network is already evolving its way into networks.
Hill explained that carrier demand had led to the innovation. “The telecoms industry had a massive infrastructure that works at a very slow pace, at least in the past,” he said.
“However, this whole virtualization push has really been about the carriers, not the vendors, getting together and saying: ‘We need a different model’. So it’s actually quite advanced already.”
NFV appears to be the next gold rush area for enterprises, and other consortium are expected to make announcements about their own solutions within days.
The Oracle/Intel system is based around OpenStack, and the company is confident that it will be highly compatible with other systems.
The ‘Oracle Communications Network Service Orchestration Solution with Enhanced Platform Awareness using the Intel Open Network Platform’ – or OCNSOSWEPAUTIONP as we like to think of it – is currently on display at Oracle’s Industry Connect event in Washington DC.
The INQUIRER wonders whether there is any way the marketing department can come up with something a bit more catchy than OCNSOSWEPAUTIONP before it goes on open sale.
MSI recently announced a 970A SLI Krait motherboard that will support the AMD processors and the USB 3.1 protocol. Motherboards with USB 3.1 ports have also been released by Gigabyte, ASRock and Asus, but those boards support Intel chips.
USB 3.1 can shuffle data between a host device and peripheral at 10Gbps, which is two times faster than USB 3.0. USB 3.1 is also generating excitement for the reversible Type-C cable, which is the same on both ends so users don’t have to worry about plug orientation.
The motherboards with USB 3.1 technology are targeted at high-end desktops. Some enthusiasts like gamers seek the latest and greatest technologies and build desktops with motherboards sold by MSI, Asus and Gigabyte. Many of the new desktop motherboards announced have the Type-C port interface, which is also in recently announced laptops from Apple and Google.
New technologies like USB 3.1 usually first appear in high-end laptops and desktops, then make their way down to low-priced PCs, said Dean McCarron, principal analyst of Mercury Research.
PC makers are expected to start putting USB 3.1 ports in more laptops and desktops starting later this year.
At the WinHEC conference Microsoft revealed that Windows 10 will support 8K (7680*4320) resolution for monitors, which is unlikely show up on the market this year or next.
It also showed off minimum and maximum resolutions supported by its upcoming Windows 10. It looks like the new operating system will support 6″+ phone and tablet screens with up to 4K (3840*2160) resolution, 8″+ PC displays with up to 4K resolution and 27″+ monitors with 8K (7680*4320) resolution.
To put this in some perspective, the boffins at the NHK (Nippon H?s? Ky?kai, Japan Broadcasting Corp.) think that 8K ultra-high-definition television format will be the last 2D format as the 7680*4320 resolution (and similar resolution) is the highest 2D resolution that the human eye can process.
This means that 8K and similar resolutions will stay around for a long time and it makes sense to add their support to hardware and software.
NHK is already testing broadcasting in 8K ultra-high-definition resolutions, VESA has ratified DisplayPort and embedded DisplayPort standards to connect monitors with up to 8K resolution to graphics adapters and a number of upcoming games will be equipped for textures for 8K UHD displays.
However monitors that support 8K will not be around for some time because display makers will have to produce new types of panels for them.
Redmond will be ready for the advanced UHD monitors well before they hit the market. Many have criticized Microsoft for poor support of 4K UHD resolutions in Windows 8.
By making Parse available for IoT, Facebook hopes to strengthen its ties to a wider group of developers in a growing industry via three new software development kits aimed specifically at IoT, unveiled Wednesday at the company’s F8 developer conference in San Francisco.
The tools are aimed at making it easier for outside developers to build apps that interface with Internet-connected devices. Garage door manufacturer Chamberlain, for example, uses Parse for its app to let people open and lock their garage door from their smartphones.
Or, hypothetically, the maker of a smart gardening device could use Parse to incorporate notifications into their app to remind the user to water their plants, said Ilya Sukhar, CEO of Parse, during a keynote talk at F8.
Facebook bought Parse in 2013, putting itself in the business of selling application development tools. Parse provides a hosted back-end infrastructure to help third party developers build their apps. Over 400,000 developers have built apps with Parse, Sukhar said on Wednesday.
Parse’s new SDKs are available on GitHub as well as on Parse’s site.
HP has announced its first off-the-shelf configured private cloud based on OpenStack and Cloud Foundry.
HP Helion Rack continues the Helion naming convention for HP’s cloud offerings, and will, it is hoped, help enterprise IT departments speed up cloud deployment by offering a solid template system and removing the months of design and build.
Helion Rack is a “complete” private cloud with integrated infrastructure-as-a-service and platform-as-a-service capabilities that mean it should be a breeze to get it working with cloud-dwelling apps.
“Enterprise customers are asking for private clouds that meet their security, reliability and performance requirements, while also providing the openness, flexibility and fast time-to-value they require,” said Bill Hilf, senior vice president of product management for HP Helion.
“HP Helion Rack offers an enterprise-class private cloud solution with integrated application lifecycle management, giving organisations the simplified cloud experience they want, with the control and performance they need.”
HP cites the key features of its product as rapid deployment, simplified management, easy scaling, workload flexibility, faster native-app development and, of course, the open architecture of OpenStack and Cloud Foundry, providing a vast support network for implementation, use cases and customisation.
The product is built on HP ProLiant DL servers, and is assembled by HP and configured with the HP Helion OpenStack and Development Platform. HP and its partners can then work alongside customers to find the best way to exploit the product knowing that it is up and running from day one.
HP Helion Rack will be available in April with prices varying by configuration. Finance is available for larger configurations.
Suse launched its own OpenStack Cloud 5 with Sahara data processing earlier this month, just one of many other implementations of OpenStack designed to help roll out the cloud revolution quickly to enterprises, but offering a complete 360 package is something that HP is pioneering.
PC and printer makers have struggled in the recent past as companies reduced printing to cut costs and consumers shifted to mobile devices from PCs.
Hewlett-Packard Co plans to separate its computer and printer businesses from its corporate hardware and services operations this year.
Xerox Corp has also increasingly focused on IT services to make up for the falling sales of its copiers and printers.
Lexmark divested its inkjet printer business in 2013 and has since boosted its enterprise software business.
The Kofax deal will help the company’s Perceptive Software business achieve its revenue target of $500 million in 2016, Lexmark said.
The business makes software to scan everything from spreadsheets to medical images and provides services to banking, healthcare, insurance and retail companies. It contributed about 8 percent to Lexmark’s revenue in 2014 and has grown at more than 30 percent in the past two years.
Kofax provides data services to the financial, insurance and healthcare companies such as Citigroup Inc, Metlife Inc and Humana Inc.
Lexmark said it expects the deal to “significantly” expand operating margins in its enterprise software business, which would now be worth about $700 million. It will also add about 10 cents per share to the company’s adjusted profit in 2015.
Several U.S. broadband providers have filed lawsuits against the Federal Communications Commission’s recently approved net neutrality rules, launching what is a expected to be a series of legal entanglements.
Broadband industry trade group USTelecom filed a lawsuit against the FCC in the U.S. Court of Appeals for the District of Columbia, which has in the past twice rejected the FCC’s net neutrality regulations.
The group argues the new rules are “arbitrary, capricious, and an abuse of discretion” and violate various laws, regulations and rulemaking procedures.
Texas-based Internet provider Alamo Broadband Inc challenged the FCC’s new rules in the U.S. Court of Appeals for the Fifth Circuit in New Orleans, making a similar argument.
The rules, approved in February and posted online on March 12, treat both wireless and wireline Internet service providers as more heavily regulated “telecommunications services,” more like traditional telephone companies.
Broadband providers are banned under the rules from blocking or slowing any traffic and from striking deals with content companies for smoother delivery of traffic to consumers.
USTelecom President Walter McCormick said in a statement that the group’s members supported enactment of “open Internet” principles into law but not using the new regulatory regime that the FCC chose.
“We do not believe the Federal Communications Commission’s move to utility-style regulation … is legally sustainable,” he said.
Industry sources have previously told Reuters that USTelecom and two other trade groups, CTIA-The Wireless Association and the National Cable and Telecommunications Association, were expected to lead the expected legal challenges.
Verizon Communications Inc, which won the 2010 lawsuit against the FCC, is likely to hold back from filing an individual lawsuit this time around, an industry source familiar with Verizon’s plan has told Reuters.
FCC officials have said they were prepared for lawsuits and the new rules were on much firmer legal ground than previous iterations. The FCC said Monday’s petitions were “premature and subject to dismissal.”
Cisco has revealed details of a new point of sale (PoS) attack that could part firms from money and users from personal data.
The threat has been called PoSeidon by the Cisco team and comes at a time when eyes are on security breaches at firms like Target.
Cisco said in a blog post that PoSeidon is a new threat that has the ability to breach machines and scrape them for credit card information.
Credit card numbers and keylogger data is sent to an exfiltration server, while the mechanism is able to update itself and presumably evade some detection.
Cisco’s advice is for the industry to keep itself in order and network admins to keep systems up to date.
“PoSeidon is another malware targeting PoS systems that demonstrates the sophisticated techniques and approaches of malware authors. Attackers will continue to target PoS systems and employ various obfuscation techniques in an attempt to avoid detection,” said the firm.
“As long as PoS attacks continue to provide returns, attackers will continue to invest in innovation and development of new malware families. Network administrators will need to remain vigilant and adhere to industry best practices to ensure coverage and protection against advancing malware threats.”
The security industry agrees that PoS malware is a cash cow for cyber thieves, highlighting the importance of vigilance and keeping systems up to date.
“PoS malware has been extremely productive for criminals in the last few years, and there’s little reason to expect that will change anytime soon,” said Tim Erlin, director of product management at Tripwire.
“It’s no surprise that, as the information security industry updates tools to detect this malicious software, the authors will continue to adjust and innovate to avoid detection.
“Standards like the PCI Data Security Standard can only lay the groundwork for protecting retailers and consumers from these threats. A standard like PCI can specify a requirement for malware protection, but any specific techniques included may become obsolete as malware evolves.
“Monitoring for new files and changes to files can detect when malware installs itself on a system, as PoSeidon does.”
Online video platform Vessel officially debuted its paid subscription service on Tuesday, offering programming at least three days before other websites in a bid to reshape an industry dominated by free content on Google Inc’s YouTube.
Vessel, which costs viewers $3 a month, was founded by former Hulu Chief Executive Jason Kilar and Chief Technology Officer Richard Tom. They aim to create an early window for a selection of web video, similar to the way movies are released in theaters before they arrive on cable TV or the Internet.
“Early access is very valuable,” Kilar said in an interview. “There are a lot of consumers who would love to see something early.”
More than 130 creators will provide early access to content on Vessel. After the exclusive period ends, videos can go to YouTube, Vimeo, Vevo or other free, ad-supported sites, and are free on Vessel.
YouTube stars such as Ingrid Nilsen, Rhett & Link and Shane Dawson are among creators whose videos will make their debut on Vessel. Other programming comes from online networks such as food-oriented Tastemade and celebrities such as Alec Baldwin.
Video creators on Vessel keep 70 percent of ad revenue, compared with 55 percent that is typical on YouTube, plus 60 percent of Vessel subscription revenue.
With those incentives, the new service will be an easier sell to creators than offering viewers who are used to watching videos for free, said Brett Sappington, director of research at Parks Associates.
“Vessel must rely on content creators’ popularity and self-marketing to entice their loyal viewers into paying a monthly fee,” he said.
The service is free for one year for viewers who sign up within the first three days.
It is unlikely YouTube will lose significant revenue from a migration to Vessel, Sappington said. YouTube made its debut a decade ago and has more than 1 billion users.