It shipped smartphone 34.3 million units, boosted by sales of flagship phones the Ascend Mate 2 and the Ascend P7, it said on Tuesday. In the second quarter alone it shipped 20.6 million units, an 85% year-over-year increase.
Much of that growth is coming from emerging markets in the Middle East, Africa and Latin America, where its smartphone shipments are doubling or even tripling compared to the previous year, the company added.
Other Chinese vendors are also reporting booming smartphone sales, but Huawei ships a higher proportion of its production to foreign markets, said Melissa Chau, an analyst with research firm IDC.
“It has the most number of shipments outside of China, roughly 40%,” she estimated. “If you look at Lenovo, ZTE, or Xiaomi, they are nowhere near that.”
In this year’s second quarter, Huawei will hold on to its ranking as the world’s third-largest smartphone vendor, behind leader Samsung Electronics and second place Apple, Chau added.
In foreign markets, Huawei is driving growth by selling low-end models, while flagship products such as the Ascend P7 find most of their buyers in mainland China, Chau said.
Huawei has ambitions to rival Apple and Samsung in the smartphone arena, so is spending more on marketing and raising brand awareness. But its market share in this year’s first quarter was only 4.7%, still far away from second place Apple, which had a 15.2% share.
“They are making some progress, but they are still not anywhere near being a super top-tier player,” Chau said. Android smartphones are also becoming commoditized, which risks dampening Huawei’s attempts to stand out from the rest of the competition, she added.
A bill that allows consumers to unlock their mobile phones for use on other carriers passed its last hurdle in Congress last week, opening the way for it to become law once it is signed by President Barack Obama.
Senate Bill 517 overturns a January 2013 decision by the Library of Congress that ruled the unlocking of phones by consumers fell afoul of the Digital Millennium Copyright Act (DMCA). It had previously been permitted under an exception to the anti-circumvention provisions of the DMCA, which are generally aimed at cracking of digital rights management technology.
Cellphones and smartphones are typically supplied to consumers with a software lock that restricts their use to a single wireless carrier. Removing that lock — the process of “unlocking” the phone — means it can be used on the networks of competing carriers. In the U.S., this is most often done with handsets that work on the AT&T or T-Mobile networks, which share a common technology, but is also popular with consumers who want to take their phones overseas and use foreign networks rather than roaming services.
The Unlocking Consumer Choice and Wireless Competition Act has made fast progress through Congress. It was passed by the Senate on July 16, just a week after it was passed by the Senate Judiciary Committee, and on Friday by unanimous vote in the House of Representatives. It now waits to be signed into law.
In addition to making the unlocking process legal under copyright law, the bill also directs the librarian of Congress to determine whether other portable devices with wireless capability, such as tablets, should be eligible for unlocking.
“It took 19 months of activism and advocacy, but we’re finally very close to consumers regaining the right to unlock the phones they’ve legally bought,” said Sina Khanifar, who organized an online petition that kicked off the push to have the Library of Congress decision overturned. The petition attracted more than 114,000 signatures on the White House’s “We The People” site.
“I’m looking forward to seeing this bill finally become law — it’s been a long road against powerful, entrenched interests — but it’s great to see citizen advocacy work,” he said in a statement.
Microsoft’s Internet Explorer (IE) has seen a 100 percent explosion of reported security vulnerabilities in just six months, according to security firm Bromium labs.
Bromium has studied the security vulnerability market intensely and found that in the last six months Microsoft released more security patches than it had during the entire last decade. Internet Explorer also leads in publicly reported exploits.
“Internet Explorer took the cap for historic high number of security patches in over a decade, and that feat was accomplished in the first six months of 2014,” it said. “As timelines to the next version of the latest Internet Explorer shrink, times to the next security patches have also shrunk.”
It is not all bad news for Microsoft, though, and the report said that Adobe Flash is the most targeted in-browser software product, adding that this often gives attackers new vectors into IE.
“End users remain a primary concern for information security professionals because they are the most targeted and most susceptible to attacks,” said Bromium chief security architect Rahul Kashyap.
“Web browsers have always been a favorite avenue of attack, but we are now seeing that hackers are not only getting better at attacking Internet Explorer, they are doing it more frequently.”
There’s good news for Oracle, however. While its Java platform was “the notorious king” of malware and zero-day attacks in 2013, there have been no reported zero-day exploits targeting Java so far in 2014.
Bromium Labs’ report (PDF) is called “Endpoint Exploitation Trends H1 2014″ and is available now.
Intel has announced the Drive Pro 2500 series of solid state disk (SSD) drives that are “self encrypting”, which the firm says makes them more secure against data breaches.
Aimed at businesses, the Intel SSD Pro 2500 series will come in a 2.4in 7mm form factor with 120GB, 180GB, 240GB, 360GB and 480GB capacities, M.2 80mm size with 180GB, 240GB and 360GB capacities, and M.2 60mm size with 180GB or 240GB capacities.
Intel promises that each form factor type will provide random input/output operations per second (IOPS) of up to 48K/80K and sequential read/write data transfer speeds of up to 540/490MBps.
“[The] Solid State Drive Pro 2500 series [has] over [six times] higher performance with new advanced low power modes yielding an optimized user experience and longer battery life,” Intel said in a press briefing.
In terms of power, the drives will have an active wattage of 195mW, idle 55mW and devsleep of 5mW. The drives will also ship with Intel vPro-capable remote manageability features.
Intel said that the reason behind the launch of the self encrypting SSDs is due to rise of data breaches affecting businesses having “significant financial consequences”.
Intel said the average cost of data breach incident is in the region of $3.4m (£2m), with malicious attacks being the main cause. The firm also said that lost laptops are a concern and the average cost of a lost unencrypted device is $50,000 (£30,000) including intellectual property loss, data breaches, lost productivity, replacement and legal costs, so the need for businesses to encrypt data is more pressing than ever.
Data breaches are also becoming a bigger concern on a personal level, too, as it has emerged that cyber crooks are increasingly turning to “sextortion” attacks in which they blackmail victims with the threat of exposing explicit photographs or messages.
Security experts warned that cyber criminals might try to befriend victims and trick them into sharing pictures, or may use malware to target victims’ webcams and take pictures themselves in order to acquire blackmail material.
Lenovo on Friday said it would continue selling sub-10-in. Windows tablets in the U.S., backing away from statements it made the day before, when it said it was pulling the ThinkPad 8 from the North American market and had discontinued offering a model of the Miix 2.
“We will continue to bring new Windows devices to market across different screen sizes, including a new 8-inch tablet and 10-inch tablet coming this holiday,” Lenovo said in a press release published on its website Friday.
“Our model mix changes as per customer demand, and although we are no longer selling ThinkPad 8 in the U.S., and we have sold out of Miix 8-inch, we are not getting out of the small-screen Windows tablet business as was reported by the media (emphasis in original),” the statement continued.
On Thursday, the IDG News Service — like Computerworld, owned and operated by IDG – reported the withdrawal of the ThinkPad 8 and the 8-in. Miix from the U.S. market. The ThinkPad 8 had debuted in January at prices starting at $449, and the similarly-sized Miix had launched in October 2013.
Lenovo told IDG News that it was diverting remaining stocks of the ThinkPad 8 to other countries, including Brazil, China, and Japan, where demand was stronger for smaller Windows 8.1-powered tablets.
The China-based company, which has made impressive gains in the global market — it was the world’s largest personal computer seller during the second quarter, ahead of Hewlett-Packard and Dell, according to IDC — did not say exactly when it would return with an 8-in. device. If it begins selling the unnamed device in October, typical of OEMs that seed the channel then for the holiday sales season, it will have been absent from the market for two or more months.
Mobile GPU designer Imagination Technologies has announced the world’s smallest mobile GPU.
The PowerVR GX5300 takes up just 0.55mm2 on a 28nm die, which means it’s as small as a grain of salt. It operates at 250MHz and the company says it can handle everyday tasks with ease.
The GPU features full OpenGL ES 2.0 compatibility PVRTC texture compression technology and of course the emphasis is on ultra-low power consumption. The company is not saying anything about the actual consumption, but the tiny die size sounds very encouraging.
Imagination Technologies says the GX5300 sets the standard for efficient mobile GPUs, making it an ideal choice for entry level smartphones, but more importantly for wearables and IoT gadgets.
Tony King-Smith, EVP marketing, Imagination, said the new GPU demonstrates the company’s leadership in the entry-level market.
“We see many compelling opportunities such as low-cost smartphones and tablets, wearables and IoT devices,” said King-Smith.
He added that Imagination IP will end up in many wearables.
The company looked at the top 50 free apps in Google’s Play Store and then searched Google’s app store and others to see if fake versions existed. It found fake versions existed for 77 percent of the apps. The fake apps are often made to look like the real ones and have the same functions, but carry a dangerous extra payload.
“We’ve been tracking the activity of malicious or high-risk apps for nearly five years,” said JD Sherry, vice president of technology and solutions at Trend Micro. “The potential for people to slip things past the gate and appear legitimate is much easier.”
Tokyo-based Trend Micro, which makes antivirus and antimalware software that guard against such risks, said it cataloged 890,482 fake apps in a survey conducted in April this year. More than half were judged to be malicious of which 59,185 were aggressive adware and 394,263 were malware.
The most common type of fake app purports to be antivirus software — targeting users who think they are protecting themselves from such problems. In some cases, the apps ask users to approve administrator privileges, which allow the app wider access to the phone’s software and data and make it more difficult to remove.
While many of the fake apps exist on forums or third-party app stores where security is either weaker than Google’s Play Store or nonexistent, fake apps can also invade the official Google store.
“A more recent example of a rogue antivirus app known as “Virus Shield” received a 4.7-star rating after being downloaded more than 10,000 times, mostly with the aid of bots,” Trend Micro said in its report.
Cheekily, scammers charged $3.99 for the fake app, which promised to prevent harmful apps from being installed. It was removed by Google after a few days, but not before it fooled thousands of users and even became a “top new paid app” in the Play Store. Trend said it was “perplexing” how the app achieved “top” status.
Attackers sometimes play on hype for apps.
When the “Flappy Bird” game was taken off the Play Store, fake versions appeared, some of which sent premium text messages. And before BlackBerry released its BBM messenger app for Android, a number of fake versions appeared that were downloaded more than 100,000 times.
Trend Micro’s report was published on the same day Google said it had formed a security team to go after so-called “zero-day” exploits in software that allow attackers to target users before software companies issue patches.
Sherry said he thought Google’s announcement was “ironic” considering the large number of problems Trend Micro found in Google’s own backyard.
The announcement, just days before IBM releases its second quarter earnings, comes as the company attempts to shift its focus to software and services as its hardware unit continues to slump, and follows a string of mobile software acquisitions. The company hopes software sales will contribute half of its total profit by 2015.
The company will release more than 100 apps targeting industry specific issues in retail, healthcare, banking, travel, transportation and telecommunications IBM said on Tuesday.
“We wanted to focus on creating an absolutely irresistible workflow and processes and a design of apps that can be used by every user in the organization,” Bridget van Kralingen, IBM’s senior vice president of global business services told Reuters from Apple headquarters in Cupertino, California.
“We wanted to remove some of the existing barriers of mobile in enterprise,” she said adding that chief information officers worry about security, utilizing cloud and installing apps in mobile devices.
The partnership, which was six months in the making, will offer services geared at security, mobile device management and big data and analytics. The company also plans to develop cloud services optimized for Apple’s mobile operating system, iOS. The devices will operate through wireless carriers chosen by the client, she said.
BlackBerry Ltd shares were down 3 percent following the announcement. The Canadian smartphone maker has increasingly targeted its secure software at businesses as part of an effort to turn the company around after losing ground to Apple’s iPhone and Samsung Electronics Co.
Apple and Samsung have steadily expanded their share of the mobile enterprise market in recent years, mostly at Blackberry’s expense, while Microsoft Windows phones have made little headway.
Increasingly, Apple’s expansion has been driven by employees bringing in their own devices and requesting corporate support, the so-called bring-your-own-IT trend.
Hooking up with IBM may help address lingering concerns about smartphone software security and data privacy, in the form of a veteran partner that’s led in enterprise IT for decades.
“This deal is a very targeted attempt by Apple with the help from IBM to focus on the enterprise, corporate market which has really been the main business of Blackberry,” said Tim Ghriskey, chief investment officer at Solaris Group in Bedford Hills, New York.
Started by a group of Google security researchers with the mission of ridding the world of security dangers such as zero-day attacks, Project Zero will hire “the best practically-minded security researchers”, Google said, promising to contribute all of their time “toward improving security across the internet”.
The group was put together after certain Googlers started spending “some of their time on research that makes the internet safer, leading to the discovery of bugs like Heartbleed,” said Google researcher Chris Evans in a blog post.
“We’re not placing any particular bounds on this project and will work to improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers,” Evans explained. “We’ll use standard approaches such as locating and reporting large numbers of vulnerabilities.”
Evans said that Project Zero will also conduct new research into mitigations, exploitation, program analysis, and anything else that the researchers decide is a worthwhile investment.
The Googlers at Project Zero will commit to doing their work transparently, with every bug discovered being filed in an external database. They will also report bugs only to the software’s vendor and no third parties.
“Once the bug report becomes public, typically once a patch is available, you’ll be able to monitor vendor time-to-fix performance, see any discussion about exploitability, and view historical exploits and crash traces,” Evans said. “We also commit to sending bug reports to vendors in as close to real-time as possible, and to working with them to get fixes to users in a reasonable time.”
Not to long before the announcement of Project Zero on Tuesday, Google came under fire from European Union courts, which have forced the firm to forget certain people’s irrelevant or outdated online histories. Within days of the court order going into effect, EU citizens were begging Google to have their pasts expunged, at the rate of 10,000 requests per day.
However, it has since emerged that the buried webpages haven’t been technically disabled, nor have they been erased, security Firm Sophos reports.
“Regardless of what the directive is being called, courts technically didn’t grant Europeans the right to be forgotten. Rather, it gave them the right to be relatively obscured, by having eligible pages flagged so they don’t show up in search results,” said Sophos in a blog post.
“The data is still out there. And now, a newly launched site is archiving the forcibly de-indexed pages, in the name of opening up to the internet as a whole the discussion regarding what should or should not be ‘forgotten’.”
Microsoft Corp is said to be planning its biggest round of job cuts in five years as the software giant moves to integrate Nokia Oyj’s handset unit, Bloomberg reported, citing people with knowledge of the company’s plans.
The reductions, expected to be announced as soon as this week, could be in the Nokia unit and the parts of Microsoft that overlap with that business, as well as in marketing and engineering, Bloomberg reported.
Since absorbing the handset business of Nokia this spring, Microsoft has 127,000 employees, far more than rivals Apple Inc and Google Inc. Wall Street is expecting Chief Executive Satya Nadella to make some cuts, which would represent Microsoft’s first major layoffs since 2009.
The restructuring may end up being the biggest in Microsoft history, topping the 5,800 jobs cut in 2009, the report said.
Some of the job cuts will be in marketing departments for businesses such as the global Xbox team, and among software testers, while other job cuts may result from changes Nadella is making to the engineering organization, Bloomberg reported.
Last week, Nadella circulated a memo to employees promising to “flatten the organization and develop leaner business processes” but deferred any comment on widely expected job cuts at the software company.
Nadella said he would address detailed organizational and financial issues for the company’s new financial year, which started at the beginning of this month, when Microsoft reports quarterly results on July 22.
TrapX says infected scanners made by an unnamed Chinese manufacturer located in Shandong province have been sold to eight unnamed firms including a large robotics company. The manufacturer denied knowledge that its scanners and website-hosted software were infected.
Sixteen of the 48 scanners deployed at one firm were infected, TrapX found. They all successfully sought out and compromised host names containing the word finance and siphoning off the logistical and financial data. The report Anatomy of the Attack: Zombie Zero said:
“Exfiltration of all financial data and ERP data was achieved, providing the attacker complete situational awareness and visibility into the logistic/shipping company’s worldwide operations,”.
TrapX suspected the attacks dubbed Zombie Zero were backed by the Chinese government and were a bid to gain intelligence on either logistics firms or their customers.
The IdeaPad Y50 UHD laptop starts at $1,299.99 and is targeted at gamers. The 4K screen can display images at 3840 x 2160 pixels, which is the highest resolution available in laptops today.
The Y50 is cheaper than Toshiba’s Satellite P50T, which starts at $1,499.99. The P50T started shipping in April, but was temporarily pulled from Toshiba’s website, and is now available again.
Laptop screens have so far topped out at 3200 x 1800 pixels in Samsung’s Ativ Book 9 Plus, Lenovo’s Yoga 2 Pro and Razer’s Blade gaming laptop. TVs, monitors and cameras with support for 4K are already available.
Lenovo in January announced two 4K laptops — the Y50 and the 14-inch Y40 — but the initial units that shipped in May were missing 4K screens and instead came with HD screens. The Y40 model is not yet available with a 4K screen. Lenovo was having issues acquiring 4K displays, which delayed some laptops and monitors.
The Y50 has some of the latest PC technologies, pushing it into the class of a true gaming laptop. The $1,299.99 model has a Core i7 i7-4710HQ processor, an Nvidia GeForce GTX 860M graphics chip with 2GB of video memory, 8GB of DRAM and 1TB of hard-drive storage. The $1,599.99 model has the same Core i7 CPU, the GeForce GTX 860M with 4GB of video memory, 16GB of DRAM and 512GB solid-state drive storage.
The laptops have Windows 8, 802.11ac Wi-Fi, Bluetooth 4.0, an HDMI connector and two USB 3.0 ports.
As many as 50,000 Facebook accounts were affected, and as many as 250,000 computers worldwide, primarily in Greece, Poland, Norway, India, Portugal and the U.S., according to a blog post on Tuesday from Facebook’s Threat Infrastructure team.
The social networking site described the difficulties in shutting down the botnet, whose creators taunted Facebook through messages left on servers that were part of its network.
Those behind Lecpetex launched at least 20 spam campaigns between December 2013 and last month, affecting Facebook and other online services. Some of the victims received private messages containing a “.zip” attachment containing a Java JAR file or Visual Basic script.
Those files, if executed, would then retrieve other malware modules stored on remote sites. The modules were either DarkComet, a widely used remote access tool that can harvest login credentials, or variants of software that mines the virtual currency Litecoin, the team wrote.
By frequently refreshing and changing the malicious attachments, Lecpetex defeated Facebook’s filters designed to stop such malware from being distributed. The malware would also automatically update itself to evade antivirus products.
“The operators put significant effort into evading our attachment scanning services by creating many variations of the malformed zip files that would open properly in Windows, but would cause various scanning techniques to fail,” the team wrote.
Facebook said it reached out to other infrastructure providers and law enforcement when it realized security software wasn’t alone going to foil Lecpetex.
“Ultimately, remediating a threat like Lecpetex requires a combination of technical analysis capabilities, industry collaboration, agility in deploying new countermeasures and law enforcement cooperation,” it wrote.
The creators of Lecpetex eventually caught on to Facebook’s efforts. In May, they started leaving notes on command-and-control servers they knew Facebook was investigating, playfully saying they weren’t involved in fraud.
“These changes suggested to us that the authors were feeling the impact of our efforts,” Facebook wrote.
Intel, who is Imagination’s biggest shareholder, announced it was selling overnight a 9 per cent stake in the company held by its venture capital arm. The sale will cut Intel’s holding in Imagination to about 4 per cent. It was not as if Imagination was doing badly. The company announced that it was making a fortune in new licensing deals both for smartphones and new products.
In fact is probably because Imagination is doing so well that Intel felt it was safe to off-load the shares. The shareprice was double what Intel paid for it and the chipmaker was laughing all the way to the bank having lost nothing on the deal. The US chipmaker had built its stake in 2009 as an apparent move to block potential bids from rivals such as Apple, Imagination’s biggest customer, which still has an 8.6 per cent holding.
Intel made it clear that it continues to have a business relationship with the company, having licensed several generations of Imagination Technologies’ graphics and video processing cores.
Apache Spark, a high-speed analytics engine for the Hadoop distributed processing framework, is now available to plug into the YARN resource management tool.
This development means that it can now be easily deployed along with other workloads on a Hadoop cluster, according to Hadoop specialist Hortonworks.
Released as version 1.0.0 at the end of May, Apache Spark is a high-speed engine for large-scale data processing, created with the aim of being much faster than Hadoop’s better-known MapReduce function, but for more specialised applications.
Hortonworks vice president of Corporate Strategy Shaun Connolly told The INQUIRER, “Spark is a memory-oriented system for doing machine learning and iterative analytics. It’s mostly used by data scientists and high-end analysts and statisticians, making it a sub-segment of Hadoop workloads but a very interesting one, nevertheless.”
As a relatively new addition to the Hadoop suite of tools, Spark is getting a lot of interest from developers using the Scala language to perform analysis on data in Hadoop for customer segmentation or other advanced analytics techniques such as clustering and classification of datasets, according to Connolly.
With Spark certified as YARN-ready, enterprise customers will be able to run memory and CPU-intensive Spark applications alongside other workloads on a Hadoop cluster, rather than having to deploy them in separate a cluster.
“Since Spark has requirements that are much heavier on memory and CPU, YARN-enabling it will ensure that the resources of a Spark user don’t dominate the cluster when SQL or MapReduce users are running their application,” Connolly explained.
Meanwhile, Hortonworks is also collaborating with Databricks, a firm founded by the creators of Apache Spark, in order to ensure that new tools and applications built on Spark are compatible with all implementations of it.
“We’re working to ensure that Apache Spark and its APIs and applications maintain a level of compatibility, so as we deliver Spark in our Hortonworks Data Platform, any applications will be able to run on ours as well as any other platform that includes the technology,” Connolly said.