The Chinese company said the data center will span over 10 cloud services including Elastic Compute Service, offering scalable computing services, an Analytic Database Service that provides real-time, high-concurrency online analytical processing, and a Cloud Monitor System using an open platform for the real-time monitoring of sites and servers.
Alibaba did not respond to a request for more information on the new data center.
The company said earlier this year that it was investing US$1 billion in its cloud computing business. It launched its first data center in Silicon Valley in March, confirming its ambitions to enter the U.S. market.
The new data center is designed to accommodate the cloud and big data requirements of customers in the U.S. West Coast for the next three to five years, the company said. Alibaba has been targeting Chinese enterprises in the U.S, but it eventually wants to also attract U.S. firms there.
The launch of a data center in Silicon Valley enables Internet companies in China to expand their businesses in North America, Simon Hu, president of Alibaba cloud computing, said in May. Beyond that, the strategy would be predicated on consumer demand, the executive said ahead of the launch of the second data center in California.
Although smaller than some of its peers like Amazon Web Services, the company is rated by analysts as the largest cloud services provider in China, and has the opportunity to expand its business in Asia and other markets as some of its Chinese customers expand their operations outside China.
A problem with Cisco VPN systems could be exposing enterprise passwords to the sort of people who use them for bad things.
Yesterday we had Cisco warning about someone else’s problem, but today we have a company called Volexity volleying a shot in Cisco’s direction. Volexity said that it has found two exploitable vulnerabilities that can be used to drain details from databases. It reckons that this represents an upscaling in attacks, their means and their methods.
The problems exist in the web-based Cisco Clientless SSL VPN (Web VPN) that connects users to Cisco Adaptive Security Appliance devices. A screenshot shows this as a typical log-in box that asks for a username and password.
“As the industry is learning, firewalls, network devices and anything else an attacker might be able to gain access to should be scrutinised just as much as any workstation or server in an organisation.
“Having your own devices turned against you can make for a bad week. This represents yet another way attackers are taking credential theft and network persistence to the next level.”
We have asked Cisco to comment on the Volexity report, and are waiting for a response. Volexity has plenty to say, and explained that even two-factor authentication would have quailed in the face of the threat because of its positioning on the network.
The vulnerability has been present for at least a year, according to the study, and has been addressed by Cisco in the past. However, hackers moved fast and got a foot in the door.
“While Cisco provided updated software to address the vulnerability, attackers were already off to the races. Vulnerable organisations that were slow to update may have received an unwelcome addition to the source of their logon.html file,” added Volexity.
“Victim organisations effectively had their Cisco Web VPN devices turned into credential collectors for the attackers. This particular round of attacks appears to have compromised several organisations around the globe.”
This is the second time in a month that Cisco has had the insecurity finger pointed at its hardware. In September Mandiant warned about Synful Knock. Then Cisco released prophylactic tools, and thanked the messenger.
The tried and tested fake application threat has been felt again in the Android Play store, according to security research outfit ESET.
ESET is not new to this, nor is the Play store. The security firm said that the aim of the latest infections and attack is to take over a handset and flood it with advertising.
The infected applications are piggybacking on two popular games called Pou and Subway Surfers, both of which have been downloaded over 200,000 times.
“The apps pose as Cheats for Pou, Guide for Subway and Cheats For Subway, claiming to offer the same application functionality in apps. The payload of these applications is to deliver ads to users at regular intervals,” ESET said.
This sort of thing is common in a lot of apps, and is traditionally called advertising.
ESET said in a We Live Security blog post that this is much worse, explaining that once installed the application will resist all efforts at removal and will be a very stubborn presence and persistent marketing mouthpiece.
“While ad-supported applications are common in the Android ecosystem, there’s a clear boundary of behaviours that ESET cannot condone. These particular AdDisplay POUs [potentially unwanted applications] contain specialised self-protection functionalities that not only make the removal of the app from the Android device more difficult, but help it evade detection by Google Bouncer in the first place,” the firm said.
“When users realise that the apps are exhibiting very unusual behaviour and try to uninstall them, they will find that this is far from easy. The apps will ask the user to activate the device’s administrator rights. Thus, users may have difficulty removing this AdDisplay threat.”
The firm has announced workarounds for anyone suffering from the malware. We have, of course, asked Google for its own information and statements.
This isn’t the first time that Google Bouncer has been evaded for malicious gain. Perhaps the system is having some personal problems that are distracting it from work.
The Obama administration will not pursue legislation at this point to ban the encryption of communications by many technology services and product vendors, but will work on a compromise with industry, a senior U.S. official said.
“The administration is not seeking legislation at this time,” Federal Bureau of Investigation Director James Comey said in a statement before a Senate Committee on Homeland Security and Governmental Affairs.
Comey had previously asked for a “robust debate” on encryption of communications, saying that the technology could come in the way of his doing his job to keep people safe.
In his testimony, he said that the government is “actively engaged with private companies to ensure they understand the public safety and national security risks that result from malicious actors’ use of their encrypted products and services.”
Civil rights groups and the tech industry have asked President Barack Obama to take a stand against any dilution of encryption, including mandating the creation of backdoors for law enforcement, citing the right of individuals to use encryption for their privacy and security.
In a recent letter to Obama, Ed Black, president and CEO of industry body Computer & Communications Industry Association wrote that he was aware of an ongoing discussion within the administration regarding the growing availability of strong encryption in consumer products and communications systems, and its implications for criminal and counter-terrorism investigations.
“Technical and legislative policy proposals, from mandates to incentives, are being debated by a variety of stakeholders,” Black wrote.
The midsole can be tailored to the shape and the cushioning needs of an individual’s foot.
Linked with existing data sourcing and foot-scan technologies, it opens unique opportunities for immediate in-store fittings, Adidas said in a statement.
“Imagine walking into an Adidas store, running briefly on a treadmill and instantly getting a 3D-printed running shoe – this is the ambition of the Adidas 3D-printed midsole,” the company said.
Adidas said with 3D printing using CAD software, it can create a flexible, fully breathable carbon copy of the a runner’s footprint, matching exact contours and pressure points. The midsole with be printed using a modified thermoplastic polyurethane (TPU).
“It’s brand-new in the marketplace and convinced us with its durable elasticity as well as high tear strength and abrasion resistance,” Adidas’s footwear development manager, Daniel Cocking, wrote in a recently published blog post.
Adidas is partnering with Materialise, a 3D printing service provider that will be creating the midsoles for the sports equipment company.
Cocking did not mention when the company will begin offering the custom-printed midsole.
Materialise will use a 3D printing process called Laser Sintering, which uses a light beam to melt together powdered material on a print bed layer by layer.
Cocking said since 3D printing is so fast in prototyping stages, within 2 weeks “I had run in the shoe myself.” But there were other hurdles, he added.
“We found that stiffness of the midsole varied significantly as a result of very minor process or design changes,” Cocking stated. “We began a thorough investigation into the process parameters required to achieve the perfect cushioning.”
Adidas involved 15 of its development teams, adding a complex range of test methods and technical support that Cocking said created the world’s first running shoe that is “impossible to create in any other way.”
Soitec’s CEO and board chairman has raised an eyebrow or two when he said that the iPhone 6s has multiple RF chips built on silicon-on-insulator (SOI) substrates and that Intel and IBM are using the tech for their silicon photonics push.
According to EETimes Paul Boudre, who claimed that SOI is already being used by Apple and Intel even though neither company is broadcasting it. SOI appears to be on track to major market penetration even while the rest of the industry is talking FinFETs.
GlobalFoundries general manager Rutger Wijburg told the SEMICON Europa 2015 that his outfit’s 22-nanometer “22FDX” SOI platform delivers FinFET-like performance but at a much lower power point and at a cost comparable to 28-nanometer planar technologies.
The 300-millimeter $250 million FD-SOI foundry here in the “Silicon Saxony” area of Germany, builds on 20 years of GlobalFoundries’ investments in Europe’s largest semiconductor fabs.
GlobalFoundries said it will extend Moore’s Law by using fully-deleted silicon-on-insulator (FD-SOI) transistors on wafers bought from Soitec.
Many had thought that if GloFlo’s FD-SOI gamble paid off then it would be a while before FinFET would have a serious rival. But Boudre’s claims suggests that SOI is already being used.
Customers like Intel and OEMs supplying fully-deleted silicon-on-insulator (FD-SOI) RF transistors to Apple proves that SOI and Soitec are past the cusp of the growth curve, destined to ramp up exponentially.
The problem for Soitec is no one is really talking about it. Chipzilla is committed to the FinFET, because it is higher performance than FD-SOI, even though it is higher power too.
Boudre said that it was supplying SOI wafers to Intel for other applications that don’t require high-performance. For instance, our wafers are very good for their silicon photonics projects.
Apple is already using SOI for several radio frequency (RF) chips in their front-ends, because they use 20-times less power. The iPhone is still using gallium arsenide (GaAs) for its power amplifier (PA) because it needs the high-power device for good connections, but for other RF front-end chips, and in fact for all the chips that they want to keep “always on,” the lower power consumption of FD-SOI is pushing the smartphone makers to Soitec, Boudre said.
SOI wafers cost three-times as much as bulk silicon but the cost per die is less because of the simplified processing steps including fewer masks.
Normally GPS chips run on 0.8 volts and consume over 20 milliamps, so they must be turned off most of the time. But when they are made with SOI wafers, they can run on 0.4 volts and consume only 1 milliamp. The mobile device to leave them on all the time and new and more accurate location sensing and new kinds of location-based applications can be developed.
What is amusing then is that Intel’s reason for going with FinFETs was that SOI wafers were too expensive but it did find a use for it.
GlobalFoundries’ Saxony fab will offer four varieties of its 22FDX process.
FDX-ulp for the mainstream and low-cost smartphone market. This will use body-biasing to beat FinFETs on power, but equal them in performance.
FDX-uhp for networking applications using analogue integration to match FinFETs while minimizing energy consumption
FDX-ull for ultra-low power required by wearables and Internet of Things applications. This will have a 1 picoamp per micron leakage
DDX-rfa for radio frequency (RF) analogue applications delivering 50 percent lower power and reduced system costs for LTE-A cellular transceivers, high-order multiple-input/multiple-output (MIMO) WiFi combo chips and millimeter wave radar.
Wi-Fi Calling helps users get better connections indoors where cellular service can be spotty. Where permitted by a carrier, it can also eliminate international calling costs of up to $1 a minute.
T-Mobile and Sprint already offer Wi-Fi calls on certain devices, and T-Mobile started the practice as early as 2007 without securing the same permission from the FCC that AT&T received.
AT&T said the iPhone 6S, iPhone 6S Plus, iPhone 6 and iPhone 6 Plus will support Wi-Fi Calling if they have iOS 9 installed.
To add Wi-Fi calling to an eligible iPhone, according to Apple’s website, go to Settings> Phone> Wi-Fi Calling. You will then be prompted to answer a few questions.
With AT&T’s announcement, Verizon Wireless is expected to follow suit.
T-Mobile allows customers on certain devices to make Wi-Fi calls “virtually anywhere” there is Wi-Fi access. However, AT&T said its Wi-Fi Calling service will be available only when calling or texting from the U.S., Puerto Rico and the U.S. Virgin Islands.
AT&T didn’t offer an explanation for its restriction to those geographies.
In a blog post AT&T bemoaned that T-Mobile and Sprint were allowed to move ahead so much earlier, without receiving the same permission in the form of a waiver that AT&T sought and received.
“We are left scratching our heads as to why the FCC still seems intent on excusing the behavior of T-Mobile and Sprint who have been offering these services without a waiver for quite some time,” said Jim Cicconi, senior executive vice president of external affairs at AT&T.
The FCC waiver permits AT&T to begin offering Wi-Fi calling without also offering teletypewriter (TTY) communications for the deaf, hard of hearing and speech-impaired.
AT&T wants to set up RTT (Real Time Texting) instead, arguing it works better over the Internet. Once implemented, RTT would be backward compatible with TTY, AT&T said in a blog in July.
Roger Entner, an analyst at Recon Analytics, said AT&T probably sought and received the waiver to avoid an FCC fine for proceeding without permission.
He said Verizon has also proceeded slowly on Wi-Fi calling, hoping also to avoid a fine for the same reason.
“Verizon has not launched Wi-Fi calling but now that AT&T has the waiver, I would expect Verizon to launch shortly,” Entner said. “Sprint and T-Mobile didn’t bother to get a waiver and apparently they are less afraid of the FCC. Historically, they have gotten nicer treatment from the FCC.”
Qualcomm has continued its friendship with Microsoft by extending its latest LTE-Advanced modem, the X12, to Windows 10 notebooks and tablets.
The chipmaker was the only major chip provider to optimize its architecture for Windows Phone, and Microsoft’s Lumia devices, which run on Snapdragon 808 and 810 chips.
The Windows 10 devices which come to market later this year will have the option to integrate cellular connectivity with the X12, X7 or X5 LTE modems, which support the Microsoft operating system’s native Mobile Broadband Interface Model (MBIM).
Qualcomm said this would give business users, in particular, a similar experience on their large-screened devices as on their smartphones, giving the particular examples of location-based services and security driving LTE usage on PCs and tablets.
Integrated cellular connectivity has not been so important for notebook users, outside of a few scenarios such as WiFi-less trains, most wireless access from notebooks, and even tablets, is over a WLAN.
Qualcomm makes WiFi chips for portable devices but it does not have such a big market share. Working with Microsoft means it could have a higher presence and a far better chance of delivering mass sales. The Surface Pro and its new Surface Book, is getting good reviews and might even be popular.
Eight months after admitting a major data breach, ride service Uber is focusing its legal efforts on obtaining more information about an internet address that it has persuaded a court could lead to identifying the hacker. That address, two sources familiar with the matter say, can be traced to the chief of technology at its main U.S. rival, Lyft.
In February, Uber revealed that as many as 50,000 of its drivers’ names and license numbers had been improperly downloaded, and the company filed a lawsuit in San Francisco federal court in an attempt to unmask the perpetrator.
Uber’s court papers claim that an unidentified person using a Comcast IP address had access to a security key used in the breach. The two sources said the address was assigned to Lyft’s technology chief, Chris Lambert.
The court papers draw no direct connection between the Comcast IP address and the hacker. In fact, the IP address was not the one from which the data breach was launched.
However, U.S. Magistrate Judge Laurel Beeler ruled that the information sought by Uber in a subpoena of Comcast records was “reasonably likely” to help reveal the “bad actor” responsible for the hack.
On Monday, Lyft spokesman Brandon McCormick said the company had investigated the matter “long ago” and concluded “there is no evidence that any Lyft employee, including Chris, downloaded the Uber driver information or database, or had anything to do with Uber’s May 2014 data breach.”
McCormick declined to comment on whether the Comcast IP address belongs to Lambert. He also declined to describe the scope of Lyft’s internal investigation or say who directed it.
Lambert declined to comment in person or over email.
Smartphone owners running Google’s Android operating system in more than 20 countries have been infected with a particularly aggressive malware program that bombards devices with unwanted advertisements.
Researchers from FireEye found that the malicious component, nicknamed Kemoge, has been seeded inside what appear to be legitimate apps offered on third-party application stores.
“This is another malicious adware family, possibly written by Chinese developers or controlled by Chinese hackers, spreading on a global scale that represents a significant threat,” wrote Yulong Zhang, a staff research scientist with FireEye.
Whomever created Kemoge repackaged legitimate apps with the malware and then promoted them on websites and through in-app ads to persuade people to download them.
Zhang listed a dozed affected apps: Sex Cademy, Assistive Touch, Calculator, Kiss Browser, Smart Touch, Shareit, Privacy Lock, Easy Locker, 2048kg, Talking Tom 3, WiFi Enhancer and Light Browser.
Third-party apps stores are considered risky places to download Android apps, as hackers frequently upload malicious apps to them. Google performs a security check on apps in its Play store, although harmful ones occasionally sneak in.
Kemoge not only displays unwanted ads, but it’s also loaded with eight root exploits that target a wide range of Android devices, Zhang wrote. A successful attack using those exploits means an attacker would have complete control over the device.
Kemoge will collect a device’s IMEI (International Mobile Station Equipment Identity) and IMSI (International Mobile Subscriber Identity) numbers, information on storage and apps, and send the information to a remote server.
That command-and-control server was still running, Zhang wrote. An analysis of traffic exchanged between an infected device and the server showed Kemoge also tries to uninstall antivirus apps.
FireEye came across an app called Shareit in Google’s Play store that was signed by the same digital certificate as the malicious one found on the third-party source.
The Google Play version of ShareIt did not have the eight root exploits or contact the command-and-control server, but it did have some of the same Kemoge code libraries. It now appears to be gone from Google Play.
Samsung is not doing that well in smartphones. To be fair, no one is, but Samsung has the ability to become something much more interesting – it could replace AMD as Intel’s rival.
Actually AMD is pretty cheap right now and if it was not for the pesky arrangement that prevents AMD’s buyer getting its x86 technology then it would have been snapped up a while ago. But with, or without AMD, Samsung could still make a good fist of chipmaking if it put its mind to it. At the moment its chipmaking efforts are one of the better things on its balance sheet.
Its high-margin semiconductor business is more than making up for the shortfall in smartphones. Selling chips to rivals would be more lucrative if they were not spinning their own mobile business. The products it have are worth $11.7 billion this year, more than half the company’s total.
Growing demand for chips and thin-film displays is probably the main reason that Samsung now expects operating profit to have reached $6.3 billion. After applying Samsung’s 16 percent corporate tax rate, its chip division is likely to bring in net income of slightly less than $10 billion.
To put this figure into perspective Intel expects to earn $10.5 billion in this year. Samsung is also sitting on a $48 billion net cash pile. Samsung could see its handset and consumer electronics business as a sideline and just focus on bumping off Intel.
The two sides of such a war would be fascinating. Intel has its roots in the PC chip market which is still suffering while Samsung is based in the mobile chip market which is growing. Intel has had no luck crossing into the mobile market, but Samsung could start looking at server and PC chips.
AMD is still dying and unable to offer Intel any challenge but there is a large market for those PC users who do not want to buy Intel. What Samsung should have done is use its huge cash pile to buy its way into the PC market. It might have done so with the IBM tech which went to Lenovo. It is still not out of the running on that front. Lenovo might be happy to sell IBM tech to Samsung.
Another scenario is that it might try to buy an x86 licence from Intel. With AMD dying, Intel is sitting on a huge monopoly for PC technology. It is only a matter of time before an anti-trust suit appears. Intel might think it is worthwhile to get a reliable rival to stop those allegations taking place. Samsung would be a dangerous rival, but it would take a while before it got itself established. Intel might do well to consider it. Of course Samsung might buy AMD which could sweeten that deal for Intel.
Samsung could try adapting its mobile chip technology for the PC/server market – it has the money to do it. Then it has a huge job marketing itself as the new Intel.
It might just work.
Distributed Denial-of-Service (DDoS) attacks continue to plague companies and have spiked in numbers in the past three months, according to security firm and interested party Corero Network Security.
Some poor companies were hit with an average of 4.5 DDoS attacks a day in the past three months, an increase of about a third against the previous quarter.
While the attacks increased, they softened a bit, and Corero said that studies of its customer network found a number of low-bandwidth attacks, under 10Gbps, that lasted for less than 30 minutes. In fact, these attacks accounted for 95 percent of all those during the period.
Corero reckons that these quick fire DDoS attacks have been enabled by the ease of access to cheap, sometimes even free, attack tools that are easy to launch and easy to execute.
“Attackers are continuing to leverage DDoS attacks as part of their cyber threat arsenal to disrupt business operations or access sensitive corporate information, and they’re doing it in increasingly creative ways that circumvent traditional security solutions or nullify the previous effectiveness of scrubbing centres,” said Dave Larson, CTO and VP for product at Corero.
“In order to effectively protect their networks, prevent disruptions to customer operations, and better protect against data theft and financial loss, companies need real-time visibility and mitigation of all DDoS attack traffic targeting their networks, regardless of size or duration.”
Corero’s findings differ from predictions by Akamai, which reported a rise in mega DDoS attacks that are large in size and scale. Akamai has previously warned that big attacks with a 100Gbps hammer blow are likely to affect companies during the quarter and in the future.
Whatever, any kind of DDoS attack is a bad thing but, as Corero helpfully points out, companies offer protective solutions for the threat. So mega or mini, we can sleep safely knowing that the threat is in safe hands.
Dell Inc, the world’s third largest personal computer maker, is holding discussions to acquire data storage company EMC Corp, a person familiar with the matter said, in what could be one of the biggest technology deals ever.
A deal could be an option for EMC, under pressure from activist investor Elliott Management Corp to spin off majority-owned VMware Inc.
The terms being discussed were not known, but if the deal goes through it would top Avago Technologies’ $37 billion offer for Broadcom. EMC has a market value of about $50 billion.
Dell is also in talks with banks to finance an all-cash offer for EMC, the person told Reuters on condition of anonymity as the talks were confidential.
Dell spokesman David Flink and EMC spokesman Dave Farmer declined to comment.
A deal could further strengthen Dell’s presence among corporate clients at a time when founder Michael Dell has been trying to transform the company he founded in 1984 into a complete provider of enterprise computing services such as Hewlett-Packard Co and IBM.
The talks come two years after Michael Dell and private-equity firm Silver Lake took Dell private for $24.9 billion, ending its decades-long run as one of the world’s largest publicly traded PC makers.
In August, Re/code reported that EMC was contemplating a takeover by VMware. The Wall Street Journal reported last year that EMC was exploring options and had held talks with Dell and HP.
The new prototype solar panel has a solar energy conversion efficiency of 22.5% on a commercial-sized module. The prototype was built using solar cells based on mass-production technology, Panasonic said.
Last year, Panasonic announced it had achieved a photovoltaic cell efficiency rating of 25.6%.
“This new record on module-level efficiency adds to the 25.6% efficiency record achieved last year at cell-level. The new panel efficiency record demonstrates once again Panasonic’s…ongoing commitment to move the needle in advanced solar technology,” Daniel Roca, senior business developer at Panasonic Eco Solutions Europe, said in a statement.
The latest advance, in theory, allows Panasonic to squeak past SolarCity as having the most efficient solar panel in the world. SolarCity announced last week that it had achieved an efficiency rating of 22.04% in panels that it will begin manufacturing this month.
However, Panasonic’s solar panels are based on “thin-layer” solar cells, which are more expensive to produce than the standard solar cells being used by SolarCity.
Panasonic was also unable to give a date for when its panels would be used in commercial solar panels. However, it did say it’s planning for a mid- to late-2016 release time.
The new solar panel test results were confirmed by the Japanese National Institute of Advanced Industrial Science and Technology (AIST), Panasonic said.
The 72-cell, 270-watt prototype solar module incorporates “newly developed enhanced technology” that will eventually be scaled to volume production, Panasonic said.
The move will allow AOL to target ads at visitors to its sites and others using information from Verizon’s databases as well as its own. According to Verizon’s October 2015 privacy notice, the targeting criteria include visitors address, email address, age range, gender, interests, location, mobile web browsing history and app usage. The company can also track some non-mobile web browsing, to sites carrying AOL ads, it said.
Verizon links all this information together using a patchwork of identifiers, including ad IDs from Apple and Google, browser cookies from AOL, and its own Unique Identifier Header (UIDH) which it adds to mobile data traffic on its network. It’s this last item that ads significantly to AOL’s ad targeting power, as it’s easy to delete or change the other identifiers.
It’s also now possible to opt out of Verizon’s UIDH system too, thanks to reporting by ProPublica, which earlier this year revealed that the company was still using the identifier to track users who had deleted it.
Concern about targeted advertising is rising, with an increasing number of Internet users opting out of advertising altogether through the use of ad-blocking software. Apple recently made it possible to download content blockers for its Safari browser on iOS, prompting a flurry of players to enter the market.
Some see such blockers as a tool to force the online advertising industry to change its ways. One, Eyeo, deliberately lets through certain ads, as long as they are unobtrusive. It introduced has its own iOS content blocker — but also taken steps to win over other developers to its platform by making its process for allowing some ads through the blocker more transparent.