The craze for connecting anything and everything and controlling it over the internet will result in a major disaster without better built-in security, according to security expert Bruce Schneier.
Furthermore, if secret services really are trying to influence elections by hacking the systems of political parties and releasing embarrassing emails, they will almost certainly attempt to hack into the increasing number of internet-connected voting machines for the same ends.
Schneier is the author of multiple encryption algorithms, founder of security company Counterpane, and former chief technology officer of BT Managed Security Solutions.
“It’s one thing if your smart door lock can be eavesdropped on to know who is home. It’s another thing entirely if it can be hacked to allow a burglar to open the door or prevent you opening your door,” Schneier wrote in an article published by Motherboard.
“A hacker who can deny you control of your car, or take over control, is much more dangerous than one who can eavesdrop on your conversations or track your car’s location.
“With the advent of the Internet of Things [IoT] and cyber-physical systems in general, we’ve given the internet hands and feet: the ability to directly affect the physical world. What used to be attacks against data and information have become attacks against flesh, steel and concrete.”
Schneier explained that many of the devices now being connected to the internet, including industrial systems controlling major facilities, have security only as an afterthought, and that the IoT “will allow for attacks we can’t even imagine”.
The key weaknesses come from software control systems, the connections between systems and autonomous systems. Schneier highlighted a lack of security patching in control systems, the ability to compromise networks via insecure devices connected to them, especially IoT devices, and the security dangers of increased automation.
“Security engineers are working on technologies that can mitigate much of this risk, but many solutions won’t be deployed without government involvement. This is not something that the market can solve,” he said.
Schneier also suggested that if Russian security services were indeed behind the attack on the systems of the US Democratic National Committee there is no reason why they wouldn’t target internet-connected voting machines.
“Over the years, more and more states have moved to electronic voting machines and have flirted with internet voting. These systems are insecure and vulnerable to attack,” Schneier warned.
Paper allows teams to work on documents together in the cloud. It makes it easy to add text, images and embedded videos from YouTube, Google, or Dropbox itself. Users can also add programming code, which gets formatted automatically. And they can create to-do lists and assign tasks on those lists using the @ symbol.
Since its unveiling in private beta, Paper has been used to create more than a million documents for tasks like brainstorming ideas and capturing meeting notes, Dropbox said. Based on lessons learned along the way, Dropbox has improved the software with better tables and image galleries, more powerful search, and notifications via desktop and mobile.
The new apps for Android and iOS, meanwhile, let users get project updates, make edits, and respond to feedback from their mobile devices.
“As Dropbox tries to expand the concept of what it is, it’s only natural that they dig deeper into the productivity tool bag,” said T.J. Keitt, a senior analyst with Forrester Research. “Paper gives them a collaborative content engine that lets teams work collectively on lists and notes — a useful tool given information workers have scooped up note-taking tools like Evernote and OneNote for similar purposes.”
Competitors like Box, Google and Microsoft offer similar tools, so Dropbox needed Paper to keep up, Keitt said. “I don’t think this will be a great point of differentiation for them.”
Paper is “definitely a cool product,” said Melissa Webster, a program vice president with IDC.
It’s essentially Dropbox’s answer to Google Docs but designed to be more visually appealing, Webster said.
“Word processors have historically been poor at supporting creative teams and concept work that is visual,” she said. “Dropbox Paper should appeal to marketers, creative folks, product teams and others who find traditional text-oriented word processors and note-taking apps somewhat confining.”
The beta program for Dropbox Paper is now open online. The associated mobile apps are available in the U.S. from the iOS App Store and Android Play Store, and are coming soon for users in the EU.
A bunch of tech firms including ARM and Symantec have joined forces to create a security protocol designed to protect Internet of Things (IoT) devices.
The group, which also includes Intercede and Solacia, has created The Open Trust Protocol (OTrP) that is now available for download for prototyping and testing from the IETF website.
The OTrP is designed to bring system-level root trust to devices, using secure architecture and trusted code management, akin to how apps on smartphones and tablets that contain sensitive information are kept separate from the main OS.
This will allow IoT manufacturers to incorporate the technology into devices, ensuring that they are protected without having to give full access to a device OS.
Marc Canel, vice president of security systems at ARM, explained that the OTrP will put security and trust at the core of the IoT.
“In an internet-connected world it is imperative to establish trust between all devices and service providers,” he said.
“Operators need to trust devices their systems interact with and OTrP achieves this in a simple way. It brings e-commerce trust architectures together with a high-level protocol that can be easily integrated with any existing platform.”
Brian Witten, senior director of IoT security at Symantec, echoed this sentiment. “The IoT and smart mobile technologies are moving into a range of diverse applications and it is important to create an open protocol to ease and accelerate adoption of hardware-backed security that is designed to protect onboard encryption keys,” he said.
The next stage is for the OTrP to be further developed by a standards-defining organisation after feedback from the wider technology community, so that it can become a fully interoperable standard suitable for mass adoption.
Shares in Japan’s Softbank have fallen 10 per cent after it agreed a controversial $30 billion deal to buy UK chip designer ARM.
Part of the reason that shareholders greeted the idea with horror was that it would dump a pile of debt on the company, but the other reason was the value of the company was expected to plummet after Brexit causes the UK economy to collapse.
It was for this reason that the UK Chancellor Philip Hammond welcomed the deal saying that despite the vote to leave the EU, Britain “has lost none of its allure to international investors”. Of course sending profits overseas is just the sort of thing that is good for the British economy under Hammond’s new glorious economic plan.
Common sense, as expressed by ARM co-founder Hermann Hauser, said it represented a “sad day” for the UK’s technology sector. ARM was a golden child which emerged from the days when the UK used to actually make computers.
Analysts had been hoping that Softbank, which has raised nearly 19 billion in cash through sales of some of its assets, was going to use some of that cash to reduce its debt or reward shareholders.
Instead it has secured a $10 billion bridge loan to finance part of its ARM purchase.
SoftBank has pledged to preserve ARM’s existing management team, maintain its headquarters in Cambridge, at least double the number of employees in the UK over the next five years and increase its overseas workforce.
The Intel Security business came largely from the company’s acquisition for $7.7 billion of security software company McAfee. Intel announced plans to bake some of the security technology into its chips to ensure higher security for its customers.
With the surge in cyberthreats, providing protection to the variety of Internet-connected devices — such as PCs, mobile devices, medical gear and cars — requires a fundamentally new approach involving software, hardware and services, the company said in February 2011, when announcing the completion of the McAfee acquisition.
Intel has been talking to bankers about the future of its cybersecurity business for a deal that would be one of the largest in the sector, reported The Financial Times, citing people close to the discussions. It said a group of private equity firms may join together to buy the security business if it is sold at the same price or higher than what Intel paid for it.
“I could see them selling a piece of the service, but not all security capabilities,” said Patrick Moorhead, president and principal analyst at Moor Insights & Strategy.
“Intel has a decent security play right now and security is paramount to the future of IoT,” Moorhead said. “Hardware-based security is vital to the future of computing.”
Intel is declining to comment on the report, a company spokeswoman wrote in an email.
Trailing its competitors after past mistakes on wireless technology standards, Samsung Electronics Co Ltd aims to become a global top-three player in 5G mobile networks by moving quickly in markets like the United States, an executive said.
The world’s top smartphone maker ranks well behind peers such as Nokia Corp, Huawei Technologies Co Ltd and Ericsson in the networks business, after backing CDMA and WiMax wireless technologies that never caught on globally.
The South Korean giant now sees an opportunity to catch up by moving fast and early on 5G, the wireless technology that telecom equipment makers are rushing to develop as the next-generation standard.
“We plan to move quickly and want to be at least among the top three with 5G,” Kim Young-ky, Samsung’s network business chief, told Reuters in an interview.
“It’s important to get in early.”
5G wireless networks could offer data speeds tens of times faster than 4G technology, enabling futuristic products such as self-driving cars and smart-gadgets that tech firms expect to become ubiquitous in the homes of tomorrow.
Major network firms are targeting the United States as it moves rapidly ahead with plans to open spectrum for 5G wireless applications. Some U.S. officials expect to see the first large-scale commercial deployments by 2020.
Samsung is targetting more than 10 trillion won ($8.6 billion) in annual sales of 5G equipment by 2022, a spokeswoman said.
This would be a big step up for a networks business that generated less than 3 trillion won in revenue last year, compared with 100.5 trillion won in mobile device sales.
Crucial to its plans is a partnership with New York-based Verizon Communications Inc to commercialize the technology. Other firms working with Verizon on 5G include Nokia, Ericsson, Qualcomm and Intel Corp.
Verizon conducts field tests this year and aims to begin deploying 5G trials on home broadband services in 2017 in the United States, likely the first 5G application commercially available before a broader mobile network standard is agreed.
Samsung – which was a distant fifth player in the global 4G infrastructure market in January-March, according to researcher His – declined to comment on what clients it expected to receive 5G equipment orders from.
They are vulnerable because they connect to things, and anything that can be connected can also be interrupted and interfered with.
The one in 10 number comes from a panel of senior security professionals interviewed by IOActive about the rise of the IoT. These people are concerned that security is lacking in everything from wearables to household appliances.
Half of respondents believe that under 10 per cent of IoT products offer adequate ass coverage, while a staggering 85 per cent believe that less than half of products are secure.
Around two thirds felt that the security was probably better than you get on other products, but we don’t care about them right now.
“Consensus is that more needs to be done to improve the security of all products, but the exponential rate at which IoT products are coming to market, compounded by the expansive risk network created by their often open connectivity, makes IoT security a particular concern and priority,” said Jennifer Steffens, chief executive of IOActive.
“According to Gartner, 21 billion connected things will be in use by 2020. It’s important for the companies that develop these products to ensure security is built in. Otherwise hackers are provided with opportunities to break into not only the products, but potentially other systems and devices they’re connected to.”
The problem is that security is not considered early enough in the design process so it has to be dealt with later, or presumably not at all. Steffens explained that a security stitch in time saves nine.
“Companies often rush development to get products to market in order to gain competitive edge, and then try to engineer security in after the fact,” she said.
“This ultimately drives up costs and creates more risk than including security at the start of the development lifecycle.”
ARM’s collaboration with TSMC has finally born some fruit with the tapeout of a 10nm test chip to show off the company’s readiness for the new manufacturing process.
The new test chip contains ARM’s yet-to-be-announced “Artemis” CPU core which is named after a goddess who will turn you into deer and tear you apart with wild dogs if you ever see her. [The NDA must have been pretty tough on this chip.ed]
In fact things have been ticking along on this project for ages. ARM discloses that tapeout actually took place back in December last year and is expecting silicon to come back from the foundry in the following weeks.
ARM actually implemented a full four-core Artemis cluster on the test chip which should show vendors what is possible for their production designs. The test chip has a current generation Mali GPU implementation with 1 shader core to show vendors what they will get when they use ARM’s POP IP in conjunction with its GPU IP. There is also a range of other IP blocks and I/O interfaces that are used to validation of the new manufacturing process.
TSMC’s 10FF manufacturing process is supposed to increase density with scaling’s of up to 2.1x compared to the previous 16nm manufacturing node. It also brings about 11-12 per cent higher performance at each process’ respective nominal voltage, or a 30 per cent reduction in power.
ARM siad that comparing a current Cortex A72 design on 16FF+ and an Artemis core on 10FF on the new CPU and process can halve the dynamic power consumption. Currently clock frequencies on the new design are still behind the older more mature process and IP, but ARM expects this to improve as it optimizes its POP and the process stabilizes.
British chip maker ARM has acquired Apical which is an imaging and embedded computer Vision Company in a $350 million cash deal.
Apical’s products are used in more than 1.5 billion smartphones and 300 million other devices, all over the world, including IP cameras, digital stills cameras and tablets.
Its products will be used in ARM’s ‘next generation vehicles’, security systems, robotics, mobile and other consumer, smart building, industrial or retail application. These devices will be able to ‘understand and act intelligently on information from their environment,’ the press release claims.
It also said Apical’s technology will complement the ARM Mali graphics, display and video processor roadmap.
ARM CEO Simon Segars said that the computer vision is in the early stages of development:
“The world of devices powered by this exciting technology can only grow from here. Apical is at the forefront of embedded computer vision technology, building on its leadership in imaging products that already enable intelligent devices to deliver amazing new user experiences. The ARM partnership is solving the technical challenges of next generation products such as driverless cars and sophisticated security systems. These solutions rely on the creation of dedicated image computing solutions and Apical’s technologies will play a crucial role in their delivery.”
There are three products being looked at: Spirit (computer-vision technology), Assertive Display (screens which adapt to changes in light) and Assertive Camera (new performance advances, including dynamic range, noise reduction and colour management).
Mozilla is taking legal action to find out whether its code was affected during an FBI investigation into Tor, the privacy browser that shares a lot of Firefox code.
Mozilla has concerns that the FBI has found a vulnerability that it will not disclose. The firm wants to know what it might be so that it can apply a fix. The FBI has not helped out, so the software company has taken its case to the courts.
“User security is paramount. Vulnerabilities can weaken security and ultimately harm users. We want people who identify security vulnerabilities in our products to disclose them to us so we can fix them as soon as possible,” said Mozilla lawyer Denelle Dixon-Thayer in a blog post as she explained that this is not a political action.
“Today, we filed a brief in an ongoing criminal case asking the court to ensure that, if our code is implicated in a security vulnerability, the government must disclose the vulnerability to us before it is disclosed to any other party.
“We aren’t taking sides in the case, but we are on the side of the hundreds of millions of users who could benefit from timely disclosure.”
The situation arose after an FBI investigation into a Tor-based child abuse site. The site was closed down, and the FBI reportedly installed malware to trace the users.
This suggests that the FBI has a decent way into the software, which raises concerns for Mozilla.
“The relevant issue in this case relates to a vulnerability allegedly exploited by the government in the Tor Browser,” said Dixon-Thayer.
“The Tor Browser is partially based on our Firefox browser code. Some have speculated, including members of the defence team, that the vulnerability might exist in the portion of the Firefox browser code relied on by the Tor Browser.
“At this point, no one (including us) outside the government knows what vulnerability was exploited and whether it resides in any of our code base.
“The judge in this case ordered the government to disclose the vulnerability to the defence team but not to any of the entities that could actually fix the vulnerability. We don’t believe that this makes sense because it doesn’t allow the vulnerability to be fixed before it is more widely disclosed.”
Mozilla would like the FBI to follow the same disclosure procedures as the technology industry and do the decent thing by letting the company know as soon as possible.
“Court-ordered disclosure of vulnerabilities should follow the best practice of advance disclosure that is standard in the security research community,” she said.
“In this instance, the judge should require the government to disclose the vulnerability to the affected technology companies first, so it can be patched quickly.
“Governments and technology companies both have a role to play in ensuring people’s security online. Disclosing vulnerabilities to technology companies first allows us to do our job to prevent users being harmed and to make the web more secure.”
Google is quietly working on a competitor to the Amazon Echo, a wireless speaker controlled by voice command, according to a report in The Information.
Google has not replied to a request for comment.
The Echo, which has proven to be a popular and well-reviewed product for Amazon, plays music and podcasts, sets alarms and to-do lists, and offers weather and traffic reports on demand.
Google, which dominates the online search market and owns the popular Android platform, has the pieces necessary to put together its own version of Echo, according to industry analysts.
And, they say, it would be a smart move for the company.
“Google has all the capabilities that Amazon Echo has,” said Patrick Moorhead, an analyst with Moor Insights & Strategy. However, Google’s been focused on smartphones and tablets right now. “I believe Google will build a plugged-in device that does what Echo can do — and more,” Moorhead added.
Ezra Gottheil, an analyst with Technology Business Research, noted that while it makes sense for mobile device users to be able to control their systems by voice, it also makes sense to do the same with home devices.
“Why not be able to do that when your hands are full of food or baby or puppy?” he asked. “Whatever Google builds will have to be better than Echo, but I don’t think that will be hard. Google’s current voice-based product, Google Voice Search, is available in a bunch of languages, while Echo is English-only. Echo does interface with Gmail but I would be surprised if Google can’t come up with deeper integration.”
While Gottheil said it wouldn’t actually hurt Google to not have an Echo-like product for a while, launching one would contribute to the company’s core business.
Contract prices of NAND flash memory chips fell by nine to 10 per cent in the fourth quarter due to oversupply conditions.
Beancounters at analyst outfit TrendForce report that the prices of eMMC and SSD products also fell by 10 to 11 per cent quarterly due to weaker-than-expected shipments of OEM devices such as smartphones, tablets and notebooks.
Overall fourth-quarter worldwide NAND flash sales were down 2.3% sequentially, the research group added.
Sean Yang, research director at DRAMeXchange, a division of TrendForce said that besides facing rapidly falling prices, the manufacturers have also reached a bottleneck in their process technology migration.
Memory makers that are developing or producing 3D-NAND flash are encountering yield rate issues, with Samsung being the sole exception. As the cost reduction advantage associated with technology migration diminishes, branded NAND flash suppliers posted significant quarterly declines in both their revenues and operating margins for the fourth quarter of last year.
Samsung was one of the few manufacturers that experienced revenue growth in the fourth quarter of 2015 on account of its lead in 3D-NAND flash development and the rising sales of its high-density eMMC, eMCP and SSD products. In the fourth quarter, Samsung’s NAND flash business registered a quarterly bit shipment growth of 15% and a 10 to15% quarterly slide in the average selling price. The memory maker thus saw a quarterly revenue growth of 4.2 per cent as well as a slight decrease in its operating margin.
Toshiba’s NAND flash business was affected by market oversupply as well. Compared with the prior quarter, the memory maker’s average selling price was 13 to 14 per cent lower in the fourth quarter of last year. Toshiba only recently began the trial production of 3D-NAND flash. Moreover, the Japanese memory maker has found that its 15nm process offers limited cost reduction advantage. Thus, the company’s NAND flash business registered a decline in its operating margin for the fourth quarter.
SanDisk’s product mix adjustments have paid off as client and enterprise grade SSD sales make up an increasing share of the company’s total revenue. SanDisk also saw a 10 per cent quarterly drop in both the average selling price and the average unit cost of its NAND flash chips in the fourth quarter of 2015. As a result, SanDisk’s gross margin reached 43% in the fourth quarter – on par with the previous quarter.
Compared with the third quarter, SK Hynix’s fourth-quarter NAND flash revenue fell by 9.3 per cent to $841 million. The South Korean memory supplier also saw a 4 per cent bit shipment growth and a 15 oer cent slide in the average selling price. As tablet and smartphone shipments from strategic clients are expected to suffer a huge drop in the first quarter, DRAMeXchange projects SK Hynix to post a 10 per cent quarterly decline in bit shipments as well.
Set against the previous fiscal period, Micron’s bit shipments for the first fiscal quarter of 2016 (from September to November last year) registered a 6% quarterly increase, while its average selling price dropped by 7 per cent and unit cost fell by 6 per cent. Micron’s revenue for the first fiscal quarter of 2016 therefore arrived at $1.15 billion, up 1.9 per cent from the prior fiscal quarter.
Intel’s major Enterprise-SSD customers pulled inventory in advance during the third quarter. Consequently, Intel’s bit sales grew 10 per cent quarterly in the fourth quarter of 2015. However, the oversupply in the fourth quarter resulted in a steeper decrease in the average selling price, causing Intel’s revenue fall slightly by 0.2 per cent quarterly to $662 million.
Besides the fact that chip is pretty good, since the Qualcomm has been seen at all the fashionable places and all the right people promoting the chip heavily. As a result it will be adopted by Samsung, LG, Sony, HTC, Xiaomi, Vivo and LeTV.
Qualcomm senior vice president for global marketing Tim McDonough has confirmed that more than 100 mobile devices powered by Snapdragon 820 chips are currently under development.
But mobile is only the tip of the iceberg for the Snapdragon 820 platform. It has been earmarked for VR (virtual reality) devices, robots and commercial drones. There will also be a Snapdragon 820A to enable automakers to develop driving assistance systems and telematics/entertainment systems for connected car applications.
All up this means that this year will be Qualcomm’s and more than make up for the embarrassment of last year’s over heating 810 fiasco.
The Cortex-A32 is a 32-bit processor built on the ARMv8-A architecture, and the company claims that it’s 25% more efficient than the Cortex-A7, the firm’s current leader in terms of the embedded 32-bit core.
Not only could the new Cortex-A32 could well usher in more efficient and perhaps even smaller boards for enthusiasts who love to tinker but also the power requirement could put it in the front row of the much hyped Internet of things revolution. In its smallest configuration with a 100MHz single-core version it uses less than 4mW, and takes up less than 0.25 mm2 of silicon. ARM claims its Cortex-A32 is highly scalable and can be used in single-core or up to quad-core configurations.
In short it is a more compact Cortex-A35 without the 64-bit support. James McNiven, general manager, CPU group at ARM, told Ars Technica:
“The Cortex-A32 processor, enabled with secure ARM TrustZone technology, builds on the trail blazed by the Cortex-A5 and Cortex-A7 processors in embedded applications such as single-board computing, IoT edge nodes and wearables. “It brings greater performance, efficiency and other benefits of the ARMv8-A architecture for ARM’s silicon partners to innovate on for richer, more secure embedded systems.”
ARM has released the new Cortex-R8 processor design which it says can provide low latency and high performance for modem and storage device chips.
The press release claims that the Cortex chip delivers twice the performance of its predecessor. The Cortex-R7 was released in 2011 so twice the performance over five years is not that impressive, but better than a poke in the eye with a short stick.
The company is targeting the CPU for 5G and LTE modems, as well as next-gen storage devices.
The ARM Cortex-R8 is a quad-core with low-latency memory which can manage 2MB per core. This should make mobile downloading and data transfers faster.
Four cores have superscalar out-of-order execution capabilities to allow code being crunched by the cores to react to interrupts deterministically.
The Cortex-R8 works with existing software which makes it easy for developers to integrate it into single CPU real-time processing products and reduce design cycles.
More than 1.4 billion Cortex-R processors have found their way into data storage devices and on system-on-chip (SoC) hardware used by major hard disk drive and solid state drive makers.
ARM that a few chipmakers have already started using the chip in their SoC.