×
Security

Flaw In Dropbox SDK For Android Lets Attackers Steal Data Sent To Users' Account 23

Posted by Soulskill from the many-points-of-failure dept.
An anonymous reader writes: Researchers from IBM's security team have discovered an authentication flaw in the Dropbox Software Development Kit (SDK) for Android that can be exploited to capture new data a user saves to its Dropbox account. The flaw has been extensively documented by the researchers in a blog post, but the things you initially need to know are these: the vulnerability can be exploited if you use an app that uses a Dropbox SDK Version 1.5.4 through 1.6.1 (the latest one is v1.6.3), or if you visit a specially-crafted malicious page with your Android web browser targeting that app, and that's only if you don't have the Dropbox for Android app installed. Also, an attacker can't access the data you have previously stored in your Dropbox account.
Security

Anthem Blocking Federal Auditor From Doing Vulnerability Scans 116

Posted by samzenpus from the suspicious-behavior dept.
chicksdaddy writes Anthem Inc., the Indiana-based health insurer, has informed a federal auditor, the Office of Personnel Management, that it will not permit vulnerability scans of its network — even after acknowledging that it was the victim of a massive breach that leaked data on tens of millions of patients. According to this article, Anthem is citing "company policy" that prohibits third party access to its network in declining to let auditors from OPM's Office of the Inspector General (OIG) conduct scans for vulnerable systems. OPM's OIG performs a variety of audits on health insurers that provide health plans to federal employees under the Federal Employee Health Benefits Program, or FEHBP. Insurers aren't mandated to comply — though most do. This isn't Anthem's first time saying "no thanks" to the offer of a network vulnerability scan. The company also declined to let OIG scan its network in 2013. A partial audit report issued at the time warned that the company, then known as WellPoint, "provided us with conflicting statements" on issues related to information security, including Wellpoint's practices regarding regular configuration audits and its plans to shift to IBM's Tivoli Endpoint Manager (TEM) platform.
United States

US Govt and Private Sector Developing "Precrime" System Against Cyber-Attacks 55

Posted by samzenpus from the knowing-is-half-the-battle dept.
An anonymous reader writes A division of the U.S. government's Intelligence Advanced Research Projects Activity (IARPA) unit, is inviting proposals from cybersecurity professionals and academics with a five-year view to creating a computer system capable of anticipating cyber-terrorist acts, based on publicly-available Big Data analysis. IBM is tentatively involved in the project, named CAUSE (Cyber-attack Automated Unconventional Sensor Environment), but many of its technologies are already part of the offerings from other interested organizations. Participants will not have access to NSA-intercepted data, but most of the bidding companies are already involved in analyses of public sources such as data on social networks. One company, Battelle, has included the offer to develop a technique for de-anonymizing BItcoin transactions (pdf) as part of CAUSE's security-gathering activities.
Open Source

Linux Kernel Switching To Linux v4.0, Coming With Many New Addons 264

Posted by timothy from the year-of-the-hurr-durr dept.
An anonymous reader writes Following polling on Linus Torvald's Google+ page, he's decided to make the next kernel version Linux 4.0 rather than Linux 3.20. Linux 4.0 is going to bring many big improvements besides the version bump with there being live kernel patching, pNFS block server support, VirtIO 1.0, IBM z13 mainframe support, new ARM SoC support, and many new hardware drivers and general improvements. Linux 4.0 is codenamed "Hurr durr I'ma sheep."
Businesses

Microsoft To Offer Azure Credits To Compete With IBM, AWS 29

Posted by timothy from the first-one's-free dept.
Amanda Parker writes Google, AWS and IBM already offer incentives for start-ups to join them. Microsoft is trying to lure start-ups and SME's to its Azure profile by offering them $500,000 in Azure credits. The deal, announced by Y Combinator, is only available to Y Combinator-backed companies and will be offered to the 2015 Winter and future batches. In addition to this, Microsoft is also giving Y Combinator start-ups a three years Office 365 subscription, access to Microsoft developer staff and one year of free CloudFlare and DataStax enterprise services. The move signifies Microsoft's desire to compete with Amazon Web Services and Google, both of whom already offer credits and freebies.
Businesses

Massive Layoff Underway At IBM 331

Posted by Soulskill from the hope-you-land-on-your-feet dept.
Tekla Perry writes: Project Chrome, a massive layoff that IBM is pretending is not a massive layoff, is underway. At more than 100,000 people, it is projected to be the largest mass layoff by any U.S. corporation in at least 20 years. Alliance@IBM, the IBM employees' union, says it has so far collected reports of 5000 jobs eliminated, but those are just numbers of those getting official layoff notices. According to anecdotal reports, IBM appears to be abusing the performance appraisal system to cut additional employees without officially laying them off.
Stats

Cutting Through Data Science Hype 99

Posted by Soulskill from the this-year's-silver-bullet dept.
An anonymous reader writes: Data science — or "big data" if you prefer — has evolved into a full-fledged buzzword, thanks to marketing departments around the world. John Foreman writes that part of the marketing blitz has been focused on how fast big data analysis can be. Most companies offering some kind of analytic service try to sell you on how it'll make it easy for you to quickly find and fix the problems with your business. But he points out that good, robust models need a stable set of inputs, and businesses often change far too quickly for any kind of stable prediction. He takes IBM's analytic services as an example, quoting Kevin Hillstrom: "If IBM Watson can find hidden correlations that help your business, then why can't IBM Watson stem a 3 year sales drop at IBM?" Foreman offers some simple advice: "Simple analyses don't require huge models that get blown away when the business changes. ... If your business is currently too chaotic to support a complex model, don't build one."
IBM

The Mainframe Is Dead! Long Live the Mainframe! 164

Posted by samzenpus from the brand-new-stuff dept.
HughPickens.com writes The death of the mainframe has been predicted many times over the years but it has prevailed because it has been overhauled time and again. Now Steve Lohr reports that IBM has just released the z13, a new mainframe engineered to cope with the huge volume of data and transactions generated by people using smartphones and tablets. "This is a mainframe for the mobile digital economy," says Tom Rosamilia. "It's a computer for the bow wave of mobile transactions coming our way." IBM claims the z13 mainframe is the first system able to process 2.5 billion transactions a day and has a host of technical improvements over its predecessor, including three times the memory, faster processing and greater data-handling capability. IBM spent $1 billion to develop the z13, and that research generated 500 new patents, including some for encryption intended to improve the security of mobile computing. Much of the new technology is designed for real-time analysis in business. For example, the mainframe system can allow automated fraud prevention while a purchase is being made on a smartphone. Another example would be providing shoppers with personalized offers while they are in a store, by tracking their locations and tapping data on their preferences, mainly from their previous buying patterns at that retailer.

IBM brings out a new mainframe about every three years, and the success of this one is critical to the company's business. Mainframes alone account for only about 3 percent of IBM's sales. But when mainframe-related software, services and storage are included, the business as a whole contributes 25 percent of IBM's revenue and 35 percent of its operating profit. Ronald J. Peri, chief executive of Radixx International was an early advocate in the 1980s of moving off mainframes and onto networks of personal computers. Today Peri is shifting the back-end computing engine in the Radixx data center from a cluster of industry-standard servers to a new IBM mainframe and estimates the total cost of ownership including hardware, software and labor will be 50 percent less with a mainframe. "We kind of rediscovered the mainframe," says Peri.
Education

Chicago E-Learning Scheme Embraces Virtual Badges For Public Schoolers 46

Posted by timothy from the credit-for-hooky dept.
theodp (442580) writes "Over at the Chicago City of Learning, children are asked to join the CPS Connects initiative and instructed to provide their Chicago Public School (CPS) student ID to "connect your learning experiences in your school and around the city". Doing so, explains the website, will allow kids to "earn digital badges that unlock new, related opportunities and can give access to live learning experiences throughout Chicago from program partners," which will serve as "an indicator of achievement to colleges and employers." The initiative aims to "get 80% of all 3rd-12th grade students to claim their accounts by January 30th." Before you scoff at the idea that a child's future could depend on his or her Digital Badge collection, consider that the supporters helping government make it happen include the MacArthur Foundation, Gates Foundation, and Mozilla, and a number of business and education partners have made public pledges committing to help accelerate the spread and scale of digital badges for learning. Digital badge-based employment has also earned a thumbs-up from the White House. It's unclear, but might make sense that Chicago kids' digital badges will be collected and shared in the citywide data warehouse being built by the 'cradle-to-career' Thrive Chicago initiative, which is working with the Mayor's Office and CPS to develop a "data system that integrates data from multiple partner agencies, links program participation data to other youth data, and provides a web interface where partner agencies can access youth data targeted on improving youth outcomes at the individual and aggregate levels." After all, the data collected will include "student demographics, school attendance, grades, student behavior, out of school time program participation, and progress to graduation." Not only that, Thrive Chicago's Leadership Council includes the interim President of the MacArthur Foundation (as well as Microsoft and IBM employees)." Update: 01/12 15:52 GMT by T : An earlier version of this story misstated the name of the MacArthur Foundation, which has now been corrected.
Open Source

Big Names Dominate Open Source Funding 32

Posted by Soulskill from the all-about-the-open-source-benjamins dept.
jones_supa writes: Network World's analysis of publicly listed sponsors of 36 prominent open-source non-profits and foundations reveals that the lion's share of financial support for open-source groups comes from a familiar set of names. Google was the biggest supporter, appearing on the sponsor lists of eight of the 36 groups analyzed. Four companies – Canonical, SUSE, HP and VMware – supported five groups each, and seven others (Nokia, Oracle, Cisco, IBM, Dell, Intel and NEC) supported four. For its part, Red Hat supports three groups (Linux Foundation, Creative Commons and the Open Virtualization Alliance).

It's tough to get more than a general sense of how much money gets contributed to which foundations by which companies – however, the numbers aren't large by the standards of the big contributors. The average annual revenue for the open-source organizations considered in the analysis was $4.36 million, and that number was skewed by the $27 million taken in by the Wikimedia Foundation (whose interests range far beyond OSS development) and the $17 million posted by Linux Foundation.
Technology

Ask Slashdot: What Tech Companies Won't Be Around In 10 Years? 332

Posted by Soulskill from the those-who-fail-to-adapt dept.
An anonymous reader writes: It's interesting to look back a decade and see how the tech industry has changed. The mobile phone giants of 10 years ago have all struggled to compete with the smartphone newcomers. Meanwhile, the game console landscape is almost exactly the same. I'm sure few of us predicted Apple's rebirth over the past decade, and many of us thought Microsoft would have fallen a lot further by now. With that in mind, let's make some predictions. What companies aren't going to make it another 10 years? Are Facebook, Twitter, and the other social networking behemoths going to fade as quickly as they arose? What about the heralds of the so-called 'sharing economy,' like Uber? Are IBM and Oracle going to hang on? Along the same lines, what companies do you think will definitely stick around for another decade or more? Post your predictions for all to see. I'll buy you a beer in 10 years if you're right.
Apple

Apple and Samsung Already Working On A9 Processor 114

Posted by samzenpus from the build-it-better dept.
itwbennett writes According to a report in Korean IT Times, Samsung Electronics has begun production of the A9 processor, the next generation ARM-based CPU for iPhone and iPad. Korea IT Times says Samsung has production lines capable of FinFET process production (a cutting-edge design for semiconductors that many other manufacturers, including AMD, IBM and TSMC, are adopting) in Austin, Texas and Giheung, Korea, but production is only taking place in Austin. Samsung invested $3.9 billion in that plant specifically to make chips for Apple. So now Apple can say its CPU is "Made in America."
Privacy

Bank Security Software EULA Allows Spying On Users 135

Posted by timothy from the even-for-a-eula-that's-bad dept.
An anonymous reader writes Trusteer Rapport, a software package whose installation is promoted by several major banks as an anti-fraud tool, has recently been acquired by IBM and has an updated EULA. Among other things, the new EULA includes this gem: "In addition, You authorize personnel of IBM, as Your Sponsoring Enterprise's data processor, to use the Program remotely to collect any files or other information from your computer that IBM security experts suspect may be related to malware or other malicious activity, or that may be associated with general Program malfunction." Welcome to the future...
IBM

Apple, IBM Partnership Yields First Results: 10 Mobile Apps 53

Posted by samzenpus from the big-blue-apple dept.
itwbennett writes IBM and Apple have unveiled the first results of the enterprise IT partnership they announced in July: 10 mobile applications aimed at businesses in six industries as well as government users. One of the apps, for example, allows a flight crew to personalize a passenger's in-flight experience. An app targeted at the banking industry allows a financial advisor to remotely access and manage a client's portfolio. And police officers can use iPhones to view video feeds from crime scenes with an app for law enforcement.
Power

Using Discarded Laptop Batteries To Power Lights 143

Posted by Soulskill from the i-bet-fresh-laptop-batteries-would-work-even-better dept.
mrspoonsi sends news of an IBM study (PDF) which found that discarded laptop batteries could be used to power lights in areas where there's little or no electrical grid. Of the sample IBM tested, 70% of the used batteries were able to power an LED light for more than four hours every day throughout an entire year. The concept was trialed in the Indian city of Bangalore this year. The adapted power packs are expected to prove popular with street vendors, who are not on the electric grid, as well as poor families living in slums. The IBM team created what they called an UrJar — a device that uses lithium-ion cells from the old batteries to power low-energy DC devices, such as a light. The researchers are aiming to help the approximately 400 million people in India who are off grid.
IT

Big IT Vendors Mostly Mum On Commercial Drone Plans 22

Posted by Soulskill from the playing-possum dept.
alphadogg writes: Word that the Federal Aviation Administration might take a very hard line on commercial drone use has those with designs on such activity nervous. But as for big enterprise IT vendors, it's really hard to tell what they think because they're keeping any plans in this field very hush-hush. More consumer oriented companies like Amazon, Facebook, and Google are active, but companies like IBM and HP are quiet, while Microsoft affirms it has nothing doing. A former FAA lawyer says sitting on the sidelines even during this unsure regulatory period is probably not a great idea. "I have a hard time believing they don't have some sort of programs in place," attorney Mark Dombroff says.
AI

Alva Noe: Don't Worry About the Singularity, We Can't Even Copy an Amoeba 455

Posted by samzenpus from the I-for-one-don't-worry-about-our-new-robotic-overlords dept.
An anonymous reader writes "Writer and professor of philosophy at the University of California, Berkeley Alva Noe isn't worried that we will soon be under the rule of shiny metal overlords. He says that currently we can't produce "machines that exhibit the agency and awareness of an amoeba." He writes at NPR: "One reason I'm not worried about the possibility that we will soon make machines that are smarter than us, is that we haven't managed to make machines until now that are smart at all. Artificial intelligence isn't synthetic intelligence: It's pseudo-intelligence. This really ought to be obvious. Clocks may keep time, but they don't know what time it is. And strictly speaking, it is we who use them to tell time. But the same is true of Watson, the IBM supercomputer that supposedly played Jeopardy! and dominated the human competition. Watson answered no questions. It participated in no competition. It didn't do anything. All the doing was on our side. We played Jeopordy! with Watson. We used 'it' the way we use clocks.""
Cloud

Microsoft Azure Outage Across the Globe 167

Posted by Soulskill from the maybe-you-should-call-it-office364 dept.
hawkinspeter writes: The BBC reports that overnight an outage of Microsoft's Azure cloud computing platform took down many third-party sites that rely on it, in addition to disrupting Microsoft's own products. Office 365 and Xbox Live services were affected.

This happened at a particularly inopportune time, as Microsoft has recently been pushing its Azure services in an effort to catch up with other providers such as Amazon, IBM, and Google. Just a couple of hours previously, Microsoft had screened an Azure advert in the UK during the Scotland v. England soccer match." (Most services are back online. As of this writing, Application Insights is still struggling, and Europe is having problems with hosted VMs.)
AI

Does Watson Have the Answer To Big Blue's Uncertain Future? 67

Posted by Soulskill from the i'm-sorry-dave,-i-need-those-TPS-reports-right-now dept.
HughPickens.com writes: IBM has recently delivered a string of disappointing quarters, and announced recently that it would take a multibillion-dollar hit to offload its struggling chip business. But Will Knight writes at MIT Technology Review that Watson may have the answer to IBM's uncertain future. IBM's vast research department was recently reorganized to ramp up efforts related to cognitive computing. The push began with the development of the original Watson, but has expanded to include other areas of software and hardware research aimed at helping machines provide useful insights from huge quantities of often-messy data. "We're betting billions of dollars, and a third of this division now is working on it," says John Kelly, director of IBM Research, said of cognitive computing, a term the company uses to refer to artificial intelligence techniques related to Watson. The hope is that the Watson Business Group, a division aimed making its Jeopardy!-winning cognitive computing application more of a commercial success, will be able to answer more complicated questions in all sorts of industries, including health care, financial investment, and oil discovery; and that it will help IBM build a lucrative new computer-driven consulting business.

But Watson is still a work in progress. Some companies and researchers testing Watson systems have reported difficulties in adapting the technology to work with their data sets. "It's not taking off as quickly as they would like," says Robert Austin. "This is one of those areas where turning demos into real business value depends on the devils in the details. I think there's a bold new world coming, but not as fast as some people think." IBM needs software developers to embrace its vision and build services and apps that use its cognitive computing technology. In May of this year it announced that seven universities would offer computer science classes in cognitive computing and last month IBM revealed a list of partners that have developed applications by tapping into application programming interfaces that access versions of Watson running in the cloud. Big Blue said it will invest $1 billion into the Watson division including $100 million to fund startups developing cognitive apps. "I very much admire the end goal," says Boris Katz, adding that business pressures could encourage IBM's researchers to move more quickly than they would like. "If the management is patient, they will really go far."
IBM

Khrushchev's 1959 Visit To IBM 54

Posted by timothy from the economic-coordination dept.
harrymcc (1641347) writes In September of 1959, Nikita Khrushchev, the premier of the Soviet Union, spent 12 days touring the U.S. One of his stops was IBM's facilities in San Jose, which helped to create the area later known as Silicon Valley. The premier got to see the first computer which came with a hard disk, which IBM programmed to answer history questions. But what he was most impressed by was IBM's modern cafeteria. Over at Fast Company, I've chronicled this fascinating and little-known moment in tech history, which will be covered in an upcoming PBS program on Khrushchev's U.S. trip.

Slashdot Top Deals