During a presentation at the Game Developers Conference earlier this month, Boss Fight Entertainment’s Damion Schubert suggested the industry to drop the term “whales,” calling it disrespectful to the heavy spenders that make the free-to-play business model possible. As an alternative, he proposed calling them “patrons,” as their largesse allows the masses to enjoy these works that otherwise could not be made and maintained.
After his talk, Schubert spoke with GamesIndustry.biz about his own experiences with heavy spending customers. During his stint at BioWare Austin, Schubert was a lead designer on Star Wars: The Old Republic as it transitioned from its original subscription-based business model to a free-to-play format.
“I think the issue with whales is that most developers don’t actually psychologically get into the head of whales,” Schubert said. “And as a result, they don’t actually empathize with those players, because most developers aren’t the kind of person that would shell out $30,000 to get a cool speeder bike or whatnot… I think your average developer feels way more empathy for the free players and the light spenders than the whales because the whales are kind of exotic creatures if you think about them. They’re really unusual.”
Schubert said whales, at least those he saw on The Old Republic, don’t have uniform behavior patterns. They weren’t necessarily heavy raiders, or big into player-vs-player competition. They were just a different class of customer, with the only common attribute being that they apparently liked to spend money. Some free-to-play games have producers whose entire job is to try to understand those customers, Schubert said, setting up special message boards for that sub-community of player, or letting them vote on what content should be added to a game next.
“When you start working with these [customers], there’s a lot of concern that they are people who have gambling problems, or kids who have no idea of the concept of money,” Schubert said.
But from his experience on The Old Republic, Schubert came to understand that most of that heavy spending population is simply people who are legitimately rich and don’t have a problem with devoting money to something they see as a hobby. Schubert said The Old Republic team was particular mindful of free-to-play abuse, and had spending limits placed to protect people from credit card fraud or kids racking up unauthorized charges. If someone wanted to be a heavy spender on the game, they had to call up customer service and specifically ask for those limits to be removed.
“If you think about it, they wanted to spend money so much that they were willing to endure what was probably a really annoying customer service call so they could spend money,” Schubert said.
The Old Republic’s transition from a subscription-based model to free-to-play followed a wider shift in the massively multiplayer online genre. Schubert expects many of the traditional PC and console gaming genres like fighting games and first-person shooters to follow suit, one at a time. That said, free-to-play is not the business model of the future. Not the only one, at least.
“I think the only constant in the industry is change,” Schubert said when asked if the current free-to-play model will eventually fall out of favor. “So yeah, it will shift. And it will always shift because people find a more effective billing model. And the thing to keep in mind is that a more effective billing model will come from customers finding something they like better… I think there is always someone waiting in the wings with a new way of how you monetize it. But I do think that anything we’re going to see in the short term, at least, is probably going to start with a great free experience. It’s just so hard to catch fire; there are too many competitive options that are free right now.”
Two upstart business models Schubert is not yet sold on are crowdfunding and alpha-funding. As a consumer, he has reservations about both.
“The Wild West right now is the Kickstarter stuff, which is a whole bunch of companies that are making their best guess about what they can do,” Schubert said. “Many of them are doing it very, very poorly, because it turns out project management in games is something the big boys don’t do very well, much less these guys making their first game and trying to do it on a shoestring budget. I think that’s a place where there’s a lot more caveat emptor going on.”
Schubert’s golden rule for anyone thinking of supporting a Kickstarter is to only pledge an amount of money you would be OK losing forever with nothing to show for it.
“At the end of the day, you’re investing on a hope and a dream, and by definition, a lot of those are just going to fail or stall,” Schubert said. “Game development is by definition R&D. Every single game that gets developed is trying to find a core game loop, trying to find the magic, trying to find the thing that will make it stand out from the 100 other games that are in that same genre. And a lot of them fail. You’ve played 1,000 crappy games. Teams didn’t get out to make crappy games; they just got there and they couldn’t find the ‘there’ there.”
He wasn’t much kinder to the idea of charging people for games still in an early stage of development.
“I’m not a huge fan of Early Access, although ironically, I think the MMO genre invented it,” Schubert said. “But on the MMOs, we needed it because there are things on an MMO that you cannot test without a population. You cannot test a 40-man raid internally. You cannot test large-scale political systems. You cannot test login servers with real problems from different countries, server load and things like that. Early Access actually started in my opinion, with MMOs, with the brightest of hopes and completely and totally clean ideals.”
Schubert has funded a few projects in Early Access, but said he wound up getting unfinished games in return. Considering he works on unfinished games for a living, he doesn’t have much patience for them in his spare time, and has since refrained from supporting games in Early Access.
“I genuinely think there are very few people in either Kickstarter or Early Access that are trying to screw customers,” Schubert said. “I think people in both those spaces are doing it because they love games and want to be part of it, and it’s hard for me to find fault in that at the end of the day.”
Oracle and Intel have teamed up for the first demonstration of carrier-grade network function virtualization (NFV), which will allow communication service providers to use a virtualized, software-defined model without degradation of service or reliability.
The Oracle-led project uses the Intel Open Network Platform (ONP) to create a robust service over NFV, using intelligent direction of software to create viable software-defined networking that replaces the clunky equipment still prevalent in even the most modern networks.
Barry Hill, Oracle’s global head of NFV, told The INQUIRER: “It gets us over one of those really big hurdles that the industry is desperately trying to overcome: ‘Why the heck have we been using this very tightly coupled hardware and software in the past if you can run the same thing on standard, generic, everyday hardware?’. The answer is, we’re not sure you can.
“What you’ve got to do is be smart about applying the right type and the right sort of capacity, which is different for each function in the chain that makes up a service.
“That’s about being intelligent with what you do, instead of making some broad statement about generic vanilla infrastructures plugged together. That’s just not going to work.”
Oracle’s answer is to use its Communications Network Service Orchestration Solution to control the OpenStack system and shrink and grow networks according to customer needs.
Use cases could be scaling out a carrier network for a rock festival, or transferring network priority to a disaster recovery site.
“Once you understand the extent of what we’ve actually done here, you start to realize just how big an announcement this is,” said Hill.
“On the fly, you’re suddenly able to make these custom network requirements instantly, just using off-the-shelf technology.”
The demonstration configuration optimizes the performance of an Intel Xeon E5-2600 v3 processor designed specifically for networking, and shows for the first time a software-defined solution which is comparable to the hardware-defined systems currently in use.
In other words, it can orchestrate services from the management and orchestration level right down to a single core of a single processor, and then hyperscale it using resource pools to mimic the specialized characteristics of a network appliance, such as a large memory page.
“It’s kind of like the effect that mobile had on fixed line networks back in the mid-nineties where the whole industry was disrupted by who was providing the technology, and what they were providing,” said Hill.
“Suddenly you went from 15-year business plans to five-year business plans. The impact of virtualization will have the same level of seismic change on the industry.”
Today’s announcement is fundamentally a proof-of-concept, but the technology that powers this kind of next-generation network is already evolving its way into networks.
Hill explained that carrier demand had led to the innovation. “The telecoms industry had a massive infrastructure that works at a very slow pace, at least in the past,” he said.
“However, this whole virtualization push has really been about the carriers, not the vendors, getting together and saying: ‘We need a different model’. So it’s actually quite advanced already.”
NFV appears to be the next gold rush area for enterprises, and other consortium are expected to make announcements about their own solutions within days.
The Oracle/Intel system is based around OpenStack, and the company is confident that it will be highly compatible with other systems.
The ‘Oracle Communications Network Service Orchestration Solution with Enhanced Platform Awareness using the Intel Open Network Platform’ – or OCNSOSWEPAUTIONP as we like to think of it – is currently on display at Oracle’s Industry Connect event in Washington DC.
The INQUIRER wonders whether there is any way the marketing department can come up with something a bit more catchy than OCNSOSWEPAUTIONP before it goes on open sale.
At the WinHEC conference Microsoft revealed that Windows 10 will support 8K (7680*4320) resolution for monitors, which is unlikely show up on the market this year or next.
It also showed off minimum and maximum resolutions supported by its upcoming Windows 10. It looks like the new operating system will support 6″+ phone and tablet screens with up to 4K (3840*2160) resolution, 8″+ PC displays with up to 4K resolution and 27″+ monitors with 8K (7680*4320) resolution.
To put this in some perspective, the boffins at the NHK (Nippon H?s? Ky?kai, Japan Broadcasting Corp.) think that 8K ultra-high-definition television format will be the last 2D format as the 7680*4320 resolution (and similar resolution) is the highest 2D resolution that the human eye can process.
This means that 8K and similar resolutions will stay around for a long time and it makes sense to add their support to hardware and software.
NHK is already testing broadcasting in 8K ultra-high-definition resolutions, VESA has ratified DisplayPort and embedded DisplayPort standards to connect monitors with up to 8K resolution to graphics adapters and a number of upcoming games will be equipped for textures for 8K UHD displays.
However monitors that support 8K will not be around for some time because display makers will have to produce new types of panels for them.
Redmond will be ready for the advanced UHD monitors well before they hit the market. Many have criticized Microsoft for poor support of 4K UHD resolutions in Windows 8.
The service, dubbed Pony Express, would ask users to provide personal information, including credit card and Social Security numbers, to a third-party company that would verify their identity, according to a Re/code report on Tuesday.
Google also would work with vendors that distribute bills on behalf of service providers like insurance companies, telecom carriers and utilities, according to the article, which was based on a document seen by Re/code that describes the service.
It’s not clear whether Pony Express is the actual name of the service or if Google will change the name once it launches. It’s planned to launch by the end of the year, according to the report.
A Google spokeswoman declined to comment.
A handful of vendors such as Intuit, Invoicera and BillGrid already offer e-billing payment and invoicing software. Still, a Google service, especially one within Gmail, could be useful and convenient to consumers if the company is able to simplify the online payment process.
A benefit for Google could be access to valuable data about people’s e-commerce activities, although there would be privacy issues to sort out. Google already indexes people’s Gmail messages for advertising purposes.
Plus, the service could give Google an entry point into other areas of payment services. The company has already launched a car insurance shopping servicefor California residents, which it plans to expand to other states.
It’s unclear who Google’s partners would be for the service, but screen shots published by Re/Code show Cascadia Financial, a financial planning company, and food delivery service GreatFoods.
HP has announced its first off-the-shelf configured private cloud based on OpenStack and Cloud Foundry.
HP Helion Rack continues the Helion naming convention for HP’s cloud offerings, and will, it is hoped, help enterprise IT departments speed up cloud deployment by offering a solid template system and removing the months of design and build.
Helion Rack is a “complete” private cloud with integrated infrastructure-as-a-service and platform-as-a-service capabilities that mean it should be a breeze to get it working with cloud-dwelling apps.
“Enterprise customers are asking for private clouds that meet their security, reliability and performance requirements, while also providing the openness, flexibility and fast time-to-value they require,” said Bill Hilf, senior vice president of product management for HP Helion.
“HP Helion Rack offers an enterprise-class private cloud solution with integrated application lifecycle management, giving organisations the simplified cloud experience they want, with the control and performance they need.”
HP cites the key features of its product as rapid deployment, simplified management, easy scaling, workload flexibility, faster native-app development and, of course, the open architecture of OpenStack and Cloud Foundry, providing a vast support network for implementation, use cases and customisation.
The product is built on HP ProLiant DL servers, and is assembled by HP and configured with the HP Helion OpenStack and Development Platform. HP and its partners can then work alongside customers to find the best way to exploit the product knowing that it is up and running from day one.
HP Helion Rack will be available in April with prices varying by configuration. Finance is available for larger configurations.
Suse launched its own OpenStack Cloud 5 with Sahara data processing earlier this month, just one of many other implementations of OpenStack designed to help roll out the cloud revolution quickly to enterprises, but offering a complete 360 package is something that HP is pioneering.
Cisco has revealed details of a new point of sale (PoS) attack that could part firms from money and users from personal data.
The threat has been called PoSeidon by the Cisco team and comes at a time when eyes are on security breaches at firms like Target.
Cisco said in a blog post that PoSeidon is a new threat that has the ability to breach machines and scrape them for credit card information.
Credit card numbers and keylogger data is sent to an exfiltration server, while the mechanism is able to update itself and presumably evade some detection.
Cisco’s advice is for the industry to keep itself in order and network admins to keep systems up to date.
“PoSeidon is another malware targeting PoS systems that demonstrates the sophisticated techniques and approaches of malware authors. Attackers will continue to target PoS systems and employ various obfuscation techniques in an attempt to avoid detection,” said the firm.
“As long as PoS attacks continue to provide returns, attackers will continue to invest in innovation and development of new malware families. Network administrators will need to remain vigilant and adhere to industry best practices to ensure coverage and protection against advancing malware threats.”
The security industry agrees that PoS malware is a cash cow for cyber thieves, highlighting the importance of vigilance and keeping systems up to date.
“PoS malware has been extremely productive for criminals in the last few years, and there’s little reason to expect that will change anytime soon,” said Tim Erlin, director of product management at Tripwire.
“It’s no surprise that, as the information security industry updates tools to detect this malicious software, the authors will continue to adjust and innovate to avoid detection.
“Standards like the PCI Data Security Standard can only lay the groundwork for protecting retailers and consumers from these threats. A standard like PCI can specify a requirement for malware protection, but any specific techniques included may become obsolete as malware evolves.
“Monitoring for new files and changes to files can detect when malware installs itself on a system, as PoSeidon does.”
The issues were found in SAP’s Electronic Medical Records (EMR) Unwired, which stores clinical data about patients including lab results and images, said Alexander Polyakov, CTO of ERPScan, a company based in Palo Alto, Calif., that specializes in enterprise application security.
Researchers with ERPScan found a local SQL injection flaw that could allow other applications on a mobile device to get access to an EMR Unwired database. That’s not supposed to happen, as mobile applications are usually sandboxed to prevent other applications from accessing their data.
“For example, you can upload malware to the phone, and this malware will be able to get access to this embedded database of this health care application,” Polyakov said in a phone interview.
The company also found another issue in EMR Unwired, where an attacker could tamper with a configuration file and then change medical records stored on the server, according to an ERPScan advisory.
“You can send fake information about the medical records, so you can imagine what can be done after that,” Polyakov said. “You can say, ‘This patient is not ill’.”
SAP fixed both of the issues about a month ago, Polyakov said.
The German software giant also fixed another flaw about a week ago found by ERPScan researchers, which affected its mobile device management software, a mobile client that allows access to the company’s other business applications.
The two companies have signed an engineering partnership that the companies believe will lead to a reliable, scalable software-defined networking solution.
Mirantis OpenStack will now inter-operate with Juniper Contrail Networking, as well as OpenContrail, an open source software-defined networking system.
The two companies have published a reference architecture for deploying and managing Juniper Contrail Networking with Mirantis OpenStack to simplify deployment and reduce the need for third-party involvement.
Based on OpenStack Juno, Mirantis OpenStack 6.0 will be enhanced by a Fuel plugin in the second quarter that will make it even easier to deploy large-scale clouds in house.
However, Mirantis has emphasized that the arrival of Juniper to the fold is not a snub to the recently constructed integration with VMware.
Nick Chase of Mirantis explained, “…with this Juniper integration, Mirantis will support BOTH VMware vCenter Server and VMware NSX AND Juniper Networks Contrail Networking. That means that even if they’ve got VMware in their environment, they can choose to use NSX or Contrail for their networking components.
“Of course, all of that begs the question, when should you use Juniper, and when should you use VMware? Like all great engineering questions, the answer is ‘it depends’. How you choose is going to be heavily influenced by your individual situation, and what you’re trying to achieve.”
Juniper outlined its goals for the tie-up as:
- Reduce cost by enabling service providers and IT administrators to easily embrace SDN and OpenStack technologies in their environments
- Remove the complexity of integrating networking technologies in OpenStack virtual data centres and clouds
- Increase the effectiveness of their operations with fully integrated management for the OpenStack and SDN environments through Fuel and Juniper Networks® Contrail SDN Controller
The company is keen to emphasise that this is not meant to be a middle finger at VMware, but rather a demonstration of the freedom of choice offered by open source software. However, it serves as another demonstration of how even the FOSS market is growing increasingly proprietary and competitive.
On-body detection uses the accelerometer in the phone to detect when it’s being held or carried. If enabled, the feature requires a passcode the first time the phone is accessed but then keeps the device unlocked until it is placed down.
That means, for example, that users walking down the street won’t have to unlock the phone every time they take their phones out of their pockets.
The feature wasn’t widely announced by Google, but it began operating in some phones on Friday.
Like the other elements of smart lock, it should be used with caution as it can’t detect who is carrying the phone.
“If you unlock your device and hand it to someone else, your device also stays unlocked as long as the other person continues to hold or carry it,” reads a message displayed on phones with the new feature.
The smart lock feature was introduced with Android 5.0 KitKat and allows users to set zones around trusted places, such as a home or office, and Wi-Fi or Bluetooth devices, such as a computer or car radio. When the phone is in those zones it will remain unlocked once it’s been unlocked the first time.
It can also recognize faces and remain unlocked when it sees a trusted face.
“Hackers will go after anyone with health care information,” said John Pescatore, director of emerging security trends at the SANS Institute, adding that in recent years hackers have increasingly set their sights on EHRs (electronic health records).
With medical data, “there’s a bunch of ways you can turn that into cash,” he said. For example, Social Security numbers and mailing addresses can be used to apply for credit cards or get around corporate antifraud measures.
This could explain why attackers have recently targeted U.S. health insurance providers. Last Tuesday, Premera Blue Cross disclosed that the personal details of 11 million customers had been exposed in a hack that was discovered in January. Last month, Anthem, another health insurance provider, said that 78.8 million customer and employee records were accessed in an attack.
Both attacks exposed similar data, including names, Social Security numbers, birth dates, telephone numbers, member identification numbers, email addresses and mailing addresses. In the Premera breach, medical claims information was also accessed.
If the attackers try to monetize this information, the payout could prove lucrative.
Credentials that include Social Security numbers can sell for a couple of hundred dollars since the data’s lifetime is much longer compared to pilfered credit card numbers, said Matt Little, vice president of product development at PKWARE, an encryption software company with clients that include health care providers. Credit card numbers, which go for a few dollars, tend to work only for a handful of days after being reported stolen.
Security researchers who participated in the Pwn2Own hacking contest have demonstrated remote code execution exploits against the top four browsers, and also hacked the widely used Adobe Reader and Flash Player plug-ins.
South Korean security researcher and serial browser hacker Jung Hoon Lee, known online as lokihardt, single-handedly popped Internet Explorer 11 and Google Chrome on Microsoft Windows, as well as Apple Safari on Mac OS X.
He walked away with US$225,000 in prize money, not including the value of the brand new laptops on which the exploits are demonstrated and which the winners get to take home.
The Pwn2Own contest takes place every year at the CanSecWest security conference in Vancouver, Canada, and is sponsored by Hewlett-Packard’s Zero Day Initiative program. The contest pits researchers against the latest 64-bit versions of the top four browsers in order to demonstrate Web-based attacks that can execute rogue code on underlying systems.
Lee’s attack against Google Chrome earned him the largest payout for a single exploit in the history of the competition: $75,000 for the Chrome bug, an extra $25,000 for a privilege escalation to SYSTEM and another $10,000 for also hitting the browser’s beta version — for a total of $110,000.
The IE11 exploit earned him an additional $65,000 and the Safari hack $50,000.
Lee’s accomplishment is particularly impressive because he competed alone, unlike other researchers who teamed up, HP’s security research team said in a blog post.
Also on Thursday, a researcher who uses the hacker handle ilxu1a popped Mozilla Firefox on Windows for a $15,000 prize. He also attempted a Chrome exploit, but ran out of time before he managed to get his attack code working.
Mozilla Firefox was also hacked, during the first day of the competition, by a researcher named Mariusz Mlynski. His exploit also leveraged a Windows flaw to gain SYSTEM privileges, earning him a $25,000 bonus on top of the standard $30,000 payout for the Firefox hack.
Most of the attacks demonstrated at Pwn2Own this year required chaining of several vulnerabilities together in order to bypass all defense mechanisms put in place in operating systems and browsers to prevent remote code execution.
The final count for vulnerabilities exploited this year stands as follows: five flaws in the Windows OS, four in Internet Explorer 11, three each in Mozilla Firefox, Adobe Reader, and Flash Player, two in Apple Safari and one in Google Chrome.
Microsoft’s Xbox division is in a much healthier state today than it was a year ago. It’s had a tough time of it; forced to reinvent itself in an excruciating, public way as the original design philosophy and marketing message for the Xbox One transpired to be about as popular as breaking wind in a crowded lift, resulting in executive reshuffles and a tricky refocus of the variety that would ordinarily be carried out pre-launch and behind closed doors. Even now, Xbox One remains lumbered with the fossilised detritus of its abortive original vision; Kinect 2.0 has been shed, freeing up system resources and marking a clear departure for the console, but other legacy items like the expensive hardware required for HDMI input and TV processing are stuck right there in the system’s hardware and cannot be extracted until the inevitable redesign of the box rolls around.
All the same, under Phil Spencer’s tenure as Xbox boss, the console has achieved a better turnaround than any of us would have dared to expect – but that, perhaps, speaks to the low expectations everyone had. In truth, despite the sterling efforts of Spencer and his team, Xbox One is still a console in trouble. A great holiday sales season was widely reported, but actually only happened in one territory (the USA, home turf that was utterly dominated by Xbox in the previous generation), was largely predicated on a temporary price-cut and was somewhat marred by serious technical issues that dogged the console’s headline title for the season, the Master Chief Collection.
Since the start of 2015, things have settled down to a more familiar pattern once more; PS4 consistently outsells Xbox One, even in the USA, generally racking up more than double the sales of its competitor in global terms. Xbox One sells better month-on-month than the Wii U, but that’s cold comfort indeed given that Nintendo’s console is widely seen as an outright commercial failure, and Nintendo has all but confirmed that it will receive an early bath, with a replacement in the form of Nintendo NX set to be announced in 2016. Microsoft isn’t anywhere near that level of crisis, but nor are its sales in 2015 thus far outside the realms of comparison with Wii U – and their installed bases are nigh-on identical.
The odd thing about all of this, and the really positive thing that Microsoft and its collaborators like to focus on, is that while the Xbox One looks like it’s struggling, it’s actually doing markedly better than the Xbox 360 was at the same point in its lifespan – by my rough calculations, Xbox One is about 2.5 million units north of the installed base of Xbox 360 at the same point. Oddly, that makes it more comparable with PS3, which was, in spite of its controversy-dogged early years, a much faster seller out the door than Microsoft’s console. The point stands, though, that in simple commercial terms Xbox One is doing better than Xbox 360 did – it just happens that PS4 is doing better than any console has ever done, and casting a long shadow over Microsoft’s efforts in the process.
The problem with this is that I don’t think very many people are under the impression that Microsoft, whose primary businesses lie in the sale of office and enterprise software, cloud services and operating systems, is in the videogames business just in order to turn a little profit. Ever since the departure of Steve Ballmer and the appointment of the much more business-focused Satya Nadella as CEO, Xbox has looked increasingly out of place at Microsoft, especially as projects like Surface and Windows Phone have been de-emphasised. If Xbox still has an important role, it’s as the flag-bearer for Microsoft’s brand in the consumer space; but even at that, the “beach-head in the living room” is far less important now that Sony no longer really looks like a competitor to Microsoft, the two companies having streamlined themselves to a point where they don’t really focus on the same things any more. Besides, Xbox One is being left behind in PS4′s dust; even if Microsoft felt like it needed a beach-head in the living room, Xbox wouldn’t exactly be doing the job any more.
But wait, we’ve been here before, right? All those rumours about Microsoft talking to Amazon about unloading the Xbox division came to nothing only a few short months ago, after all. GDC saw all manner of talk about Xbox One’s place in the Windows 10 ecosystem; Spencer repeatedly mentioned the division having Nadella’s backing, and then there’s the recent acquisition of Minecraft, which surely seems like an odd thing to take place if the position of Xbox within the Microsoft family is still up in the air. Isn’t this all settled now?
Perhaps not, because the rumours just won’t stop swirling that Microsoft had quietly put Xbox on the market and is actively hunting for a buyer. During GDC and ever since, the question of who will come to own Xbox has been posed and speculated upon endlessly. The console’s interactions with Windows 10, including the eventual transition of its own internal OS to the Windows 10 kernel; the supposed backing of Nadella; the acquisition of Minecraft; none of these things have really deterred the talk that Microsoft doesn’t see Xbox as a core part of its business any more and would be happy to see it gone. The peculiar shake-up of the firm’s executive team recently, with Phil Harrison quietly departing and Kudo Tsunoda stepping up to share management of some of Microsoft Game Studios’ teams with Phil Spencer, has added fuel to the fire; if you hold it up at a certain angle to the light, this decision could look like it’s creating an internal dividing line that would make a possible divestment easier.
Could it happen? Well, yes, it could – if Microsoft is really determined to sell Xbox and can find a suitable bidder, it could all go far more smoothly than you may imagine. Xbox One would continue to be a part of the Windows 10 vision to some extent, and would probably get its upgrade to the Windows 10 kernel as well, but would no longer be Microsoft hardware – not an unfamiliar situation for a company whose existence has mostly been predicated on selling operating systems for other people’s hardware. Nobody would buy Xbox without getting Halo, Forza and various other titles into the bargain, but Microsoft’s newly rediscovered enthusiasm for Windows gaming would suggest a complex deal wherein certain franchises (probably including Minecraft) remain with Microsoft, while others went off with the Xbox division. HoloLens would remain a Microsoft project; it’s not an Xbox project right now and has never really been pushed as an Xbox One add-on, despite the immediate comparisons it prompted with Sony’s Morpheus. Xbox games would still keep working with the Azure cloud services (Microsoft will happily sell access to that to anyone, on any platform), on which framework Xbox Live would continue to operate. So yes, Xbox could be divorced from Microsoft, maintaining a close and amiable relationship with the requisite parts of the company while taking up residence in another firm’s stable – a firm with a business that’s much more in line with the objectives of Xbox than Microsoft now finds itself to be.
“None of Xbox’ rivals would be in the market to buy such a large division, and no game company would wish to lumber itself with a platform holder business. Neither Apple nor Google make the slightest sense as a new home for Xbox either”
This, I think, is the stumbling block. I’m actually quite convinced that Microsoft would like to sell the Xbox division and has held exploratory talks to that end; I’m somewhat less convinced, but prepared to believe, that those talks are continuing even now. However, I’m struggling to imagine a buyer. None of Xbox’ rivals would be in the market to buy such a large division, and no game company would wish to lumber itself with a platform holder business. Neither Apple nor Google make the slightest sense as a new home for Xbox either; the whole product is distinctly “un-Apple” in its ethos and approach, while Google is broadly wary of hardware and almost entirely disinterested in games.
Amazon was the previously mentioned suitor, and to my mind, remains the most likely purchaser – but it’s seemingly decided to pursue its own strategy for living room devices for now, albeit with quite limited success. I could see Amazon still “exploring options” in this regard with Microsoft, but if that deal was going to happen, I would have expected it to happen last year. Who else is out there, then? Netflix, perhaps, is an interesting outside possibility – the company’s branching out into creating original TV content as well as being a platform for third-party content would be a reasonably good cultural match for the Game Studios aspect of Xbox, but it’s hard to imagine a company that has worked so hard to divorce itself from the entire physical product market suddenly leaping back into it with a large, expensive piece of hardware.
This, I think, is what ultimately convinces me that Xbox is staying at Microsoft – for better or worse. It might be much better for Xbox if it was a centrepiece project for a company whose business objectives matched its strengths; but I don’t think any such company exists to take the division off Microsoft’s hands. Instead, Spencer and his talented team will have to fight to ensure that Xbox remains relevant and important within Microsoft. Building its recognition as a Windows 10 platform is a good start; figuring out other ways in which Xbox can continue to be a great game platform while also bringing value to the other things that Microsoft does is the next challenge. Having turned around public perception of the console to a remarkable degree, the next big task for the Xbox team will be to change perceptions within Microsoft itself and within the investor community – if Xbox is stuck at Microsoft for the long haul, it needs to carve itself a new niche within a business vision that isn’t really about the living room any more.
Target is reportedly close to paying out $10m to settle a class-action case that was filed after it was hacked and stripped of tens of millions of peoples’ details.
Target was smacked by hackers in 2013 in a massive cyber-thwack on its stores and servers that put some 70 million people’s personal information in harm’s way.
The hack has had massive repercussions. People are losing faith in industry and its ability to store their personal data, and the Target incident is a very good example of why people are right to worry.
As well as tarnishing Target’s reputation, the attack also led to a $162m gap in its financial spreadsheets.
The firm apologized to its punters when it revealed the hack, and chairman, CEO and president Gregg Steinhafel said he was sorry that they have had to “endure” such a thing
Now, according to reports, Target is willing to fork out another $10m to put things right, offering the money as a proposed settlement in one of several class-action lawsuits the company is facing. If accepted, the settlement could see affected parties awarded some $10,000 for their troubles.
We have asked Target to either confirm or comment on this, and are waiting for a response. For now we have an official statement at Reuters to turn to. There we see Target spokeswoman Molly Snyder confirming that something is happening but not mentioning the 10 and six zeroes.
“We are pleased to see the process moving forward and look forward to its resolution,” she said.
Not available to comment, not that we asked, will be the firm’s CIO at the time of the hack. Thirty-year Target veteran Beth Jacob left her role in the aftermath of the attack, and a replacement was immediately sought.
“To ensure that Target is well positioned following the data breach we suffered last year, we are undertaking an overhaul of our information security and compliance structure and practices at Target,” said Steinhafel then.
“As a first step in this effort, Target will be conducting an external search for an interim CIO who can help guide Target through this transformation.”
“Transformational change” pro Bob DeRodes took on the role in May last year and immediately began saying the right things.
“I look forward to helping shape information technology and data security at Target in the days and months ahead,” he said.
“It is clear to me that Target is an organization that is committed to doing whatever it takes to do right by their guests.”
We would ask Steinhafel for his verdict on DeRodes so far and the $10m settlement, but would you believe it, he’s not at Target anymore either having left in the summer last year with a reported $61m golden parachute.
The apps have not yet been patched against the FREAK attack, short for Factoring attack on RSA-EXPORT Keys, which was revealed by researchers on March 3.
The unpatched apps, which were not identified, are in categories including finance, communication, shopping, business and medicine, computer security company FireEye said in a blog post Tuesday.
The findings highlight how even some of the most publicized and severe flaws can take quite a bit of time to get fixed. That poses risks for people using apps whose developers are not quick to patch them.
Researchers revealed earlier this month that many software programs and browsers were vulnerable to FREAK, which is a flaw that can allow an SSL/TLS (Secure Sockets Layer/Transport Security Layer) encryption key to be downgraded to 512 bits — much weaker than the 2,048-bit keys typically used today.
The flaw is a legacy of U.S. government export restrictions in the 1990s that banned selling software products overseas with strong encryption keys. Many products can still be forced into using weaker keys, which can be cracked by running mathematical software on a public cloud service.
FREAK is unique in that a wide variety of products need to be upgraded to fix the problem. Apple and Google have patched their mobile operating systems, but many apps compatible with those devices must also be upgraded. FireEye found many examples where, as of last week, that hadn’t happened.
It found 1,228 Android applications in Google Play that are still vulnerable, of the 10,985 they analyzed. All the apps had been downloaded more than a million times. On the iOS side, FireEye said 771 of 14,079 apps it looked at were vulnerable, though in most cases only if they were running on iOS versions prior to 8.2, which patched the issue. Only seven apps were still vulnerable on iOS 8.2.
Users can tap or click a dollar icon in a new chat window to send money to their friends, after they link a Visa or MasterCard debit card issued by a U.S. bank to their accounts.
The free feature will roll out over the next few months for users in the United States who access Facebook Messenger through desktop computers or Google Inc’s Android and Apple Inc’s iOS operating systems on mobile devices.
Users can create a PIN or enable Touch ID if they have an iPhone to add a level of security to the payments.
Snapchat had launched a similar service last November, called Snapcash.
The mobile messaging company partnered with online payments company Square to allow Snapchat users to link their debit cards to their account and quickly send money to a contact by starting a chat on a smartphone.