White-hat hackers key to securing connected cars

WASHINGTON -- It's a scary prospect, barreling down the highway when a hacker seizes control of your brakes and power-steering system.The specter of hacking a vehicle, potentially a matter of life and death, demands auto makers to elevate security as a priority as they develop ever-more sophisticated in-car technology, a member of the Federal Trade Commission is warning.[ Related: Senators call for investigation of potential safety security threats from connected cars ]To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 10:35 am

How to prepare IT workers for the impact of automation

Seven out of 10 corporate executives say they are making significantly more investments in artificial intelligence (AI) than just two years ago, according to Accenture’s recent Technology Vision survey. And more than half (55 percent) say they plan to use machine learning and embedded AI solutions extensively.[ Related: IT pros don’t fear rise of the robots ]But rapid advancement of AI and robotics in the workplace has many professionals on edge—no more so than in IT. As machines become more sophisticated and able to learn and make decisions, they are becoming an increasingly important aspect of the IT ecosystem. And that creates fear, uncertainty and doubt in the human workforce.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 10:34 am

AT&T to run field trials of 5G wireless in Austin this year

AT&T announced today it will begin field trials of faster 5G wireless technology this summer in Austin, Texas.The 3GPP industry standard for 5G, also known as Fifth Generation wireless, is not expected to be completed until 2020, with the earliest phase completed in 2018.Wireless speeds with 5G could be 10 to 100 times faster than with 4G LTE, which generally averages in the 10 Mbps to 20 Mbps range for users downloading data.Both AT&T and Verizon have ambitious 5G rollout plans, prompted by the recent explosion of wireless video and Internet of Things connectivity. AT&T estimates that its wireless network grew 150,000% from 2007 to 2015, largely because of video traffic; more than 60% of its wireless traffic in 2015 was video.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 10:32 am

FTC reminder: ‘Spread the word about government imposters’

Yes, you and I are waaaaay too savvy to fall for the old “I’m calling from the government and you had better pay up” trick.Unfortunately, others are not, especially among the elderly.So the Federal Trade Commission is once again asking for help getting the word out: We’re hearing from our colleagues that those pesky government imposters are at it again, using the FTC’s name to try to con people into paying them for something. Whether it’s to clean up your credit report, give you a prize, resolve a complaint against you, or pay off a debt you owe, they’re all lies. The message may be a call or an email, but it isn’t from the Federal Trade Commission, or any other federal agency.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 10:31 am

Five sue Apple over Error 53 and bricked iPhones

Five plaintiffs yesterday sued Apple and asked a federal court to designate the case a class action lawsuit because their iPhones were allegedly "bricked" after they had either repaired their smartphones themselves or went to a third-party shop for repairs.According to a complaint filed Thursday, the five were represented by the Seattle, Wash. law firm Pfau, Cochran, Vertetis, Amala (PCVA), which earlier this week solicited possible plaintiffs for a class action suit.The complaint was based on "Error 53," an error message that has appeared on iPhone 6, 6S, 6 Plus and 6S Plus devices. It appears when a do-it-yourself owner or a third-party shop has replaced the Home button -- which includes the Touch ID sensor -- and/or the connecting cable. Once the error appears, the iPhone is "bricked," or rendered unusable.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 10:31 am

Intel SSDs may get speed, capacity boost with new Micron chips

Intel's solid-state drives could be poised for a big jump in capacity and speed with new 3D flash chips coming from Micron.Micron, which makes the flash in Intel's SSDs, has started volume shipments of its 3D NAND flash chips. The chips could lead to SSDs the size of a pack of gum with more than 3.5TB of storage and standard 2.5-inch SSDs with capacities greater than 10TB.SSDs have been advancing in capacity and durability. Fixstars last month shipped a 13TB SSD, which is priced at about US$1 per gigabyte, or US$13,000. This year, SanDisk plans to ship 6TB and 8TB SSDs, while Samsung is aiming to release a 4TB SSD.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 10:28 am

How the network performed at Super Bowl 50

The 50th Super Bowl was filled with hype and high expectations. The young, upstart Cam Newton was facing off against the old veteran Peyton Manning. By all accounts, the game didn’t live up to its hype, as both defenses dominated, but it did see Peyton Manning hoist his second Lombardi trophy after one of the most tumultuous seasons any Super Bowl-winning quarterback has ever had.What did live up to the hype, though, was the performance of the Wi-Fi network. I wrote a preview as to what to expect from Super Bowl 50 about a week ago and pointed out that this game was pegged to be the techiest Super Bowl ever. The game was in the heart of Silicon Valley, where everyone has the latest gadget and is technologically savvy. Also, the amount of fanfare surrounding the halftime show, the Super Bowl MVP, and Manning’s last rodeo meant people would be snapping pictures and uploading pictures at an unprecedented rate.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 10:15 am

How I turned my older car into a networked, “smart car”

Modern automobiles have been including embedded technologies (dashboard GPS, cellular network support, CarPlay for iOS integration) over the past few years, a trend I don’t get to fully participate in as I continue to drive my 2010 Honda Civic (still going strong!). Some jealousy has seeped in, though, at how those cars are smarter than mine, so I decided to do something about it. No, I didn’t buy a new car – I grabbed a bunch of gadgets that can help to smart-enable my older vehicle. Waze First up, navigation. I’ve been a longtime fan of Waze, the GPS app that utilizes traffic information, but also that relies on other users to provide updated, real-time information (such as traffic slowdowns, hazards on the road, or, ahem, police speed traps). Since being acquired by Google, Waze has updated its interface a few times (and added some annoying advertising features), as well as celebrity voice navigators (some were good, some not-so-good). But it’s still the go-to app for my work commute and other navigations.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 10:11 am

Nasdaq to use blockchain to record shareholder votes

Add shareholder voting to the list of applications for blockchain technologies.Later this year, Nasdaq plans to record stockholders' electronic votes on its own blockchain system for companies listed on one of its exchanges. By digitizing the entire process, it expects to speed and simplify the proxy voting process.Blockchains -- the best known of which is the public ledger of bitcoin transactions -- are distributed records of events, each block in the record containing a computational "hash" of itself and of the previous block, so that all are connected like links in a chain.A hash, or digest, is a short digital representation of a larger chunk of data. Hash functions are designed so that calculating (or verifying) the hash of a chunk of data takes little computing power, while creating data with a particular hash is computationally expensive.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 10:09 am

Henry Ford and Incident Response

In the early 1900s, Henry Ford was intent on making the Model T an affordable car for the masses. To do so, he had to figure out a way to vastly improve the company’s manufacturing efficiency in order to reduce consumer prices. Ford solved this problem by adopting a modern manufacturing assembly line based upon four principles: interchangeable parts, continuous flow, division of labor, and reducing wasted efforts. While incident response is a bit different from automobile manufacturing, I believe that CISOs should assess their IR processes and take Ford’s four principles to heart. Here’s how I translate each one for IR purposes: Interchangeable parts. In Ford’s world, interchangeable parts meant that components like steering wheels and bumpers could be used to assemble all types of cars and thus keep the line moving. In IR, interchangeable parts mean that all detection tools should be based on published APIs so that each one can interoperate with all others. It also means embracing standards like STIX and TAXII for threat intelligence exchange so data can be easily consumed or shared. Finally, interchangeable IR parts calls for the creation and adoption of cybersecurity middleware that acts as a higher-level abstraction layer for policy management/enforcement. I blogged about this concept after seeing an interesting presentation by Swisscom at Splunk .conf15. In effect, this middleware layer could make all underlying security enforcement points interchangeable and systematic. Continuous flow. Enterprise IR processes are fraught with starts and stops, especially when they require close collaboration between security analysts and IT operations teams. Sometimes there are priority issues between these groups like when the security team insists on the immediate installation of an emergency patch but IT operations pushes back because the patch only applies to non-critical systems. Sometimes the problems are technical, such as a lack of integration between IR and ticketing systems. CISOs must assess IR processes, identify disruptive process bottlenecks, and eliminate them as quickly as possible.  Division of labor. IR processes are often informal and highly dependent upon individual security analysts employing their own tools and methodologies. Yup, this can get the job done but it doesn’t scale across an entire organization or keep up with today’s volume of security alerts. Furthermore, IR processes can walk out the door when folk hero “hunters” leave the company for high-paying gigs at a Wall Street bank. To avoid this issue, CISOs need IR processes to be based upon industry standards like those in NIST 800-61 with appropriate division of labor between junior technicians, senior incident responders, hunters, and IT operations. Workflows and runbooks should also be documented so that junior analysts have process template and can triage events without the need for immediate escalation. Oh, and IR processes should extend beyond cybersecurity and IT to also include groups like HR, PR, IR, legal, and executive management.  Reducing wasted efforts. This is really a product of 3 & 4 above. It’s also important to constantly document what works and what doesn’t so security analysts have a blue print for the best course of action for each type of incident. Workflows should be continuously reviewed and modified to eliminate time consuming distractions. This is especially important during any IR handoff from cybersecurity to IT operations teams. Once again, it’s about identifying and eliminating the bottlenecks.  CISOs interested in applying Ford’s 4 principles to IR should investigate a few IR software vendors like CyberSponse, FirstHour, Hexadite, Invotas (FireEye), Phantom Cyber, Resilient Systems, and ServiceNow to see if they can help.  SIEM vendors like IBM (QRadar), LogRhythm, and Splunk also have some of these capabilities.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 9:41 am

Pwn2Own contest puts $75,000 bounty on VMware Workstation bypass

The Pwn2Own hacking contest will return in March, pitting researchers against the most popular browsers and operating systems. The novelty: Contestants can win a $75,00 prize for escaping a VMware virtual machine.Contestants will be able to exploit Microsoft Edge or Google Chrome on fully patched versions of 64-bit Windows 10 and Apple Safari on OS X El Capitan. System or root-level privilege escalation pays extra, as does escaping from the virtual machine.Every year, Pwn2Own, at the CanSecWest security conference, has slightly modified rules, and 2016 is no different. Adobe Reader, Mozilla Firefox and Internet Explorer are no longer on the contest's target list. Adobe Flash remains, but only the version that comes bundled with Microsoft Edge.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 9:15 am

IDG Contributor Network: Wayerz launches global payment network to provide real-time payment tracking

As a remote worker who is based in New Zealand but does most of his work in the U.S., I'm all too aware of the cost, complexity, and stress of international payments. I generally receive payments in one of two ways: either via PayPal or via direct bank transfer. The odd client still pays with physical checks, but luckily that seems to be decreasing. There are pros and cons to the two systems that make up the majority of my inbound payments - PayPal is fast and easy, but expensive. Bank transfers tend to be cheaper, but are pretty much unpredictable in terms of timing.Which is why I'm interested to hear what Wayerz is cooking up. Wayerz is a software platform that helps digitize the formerly broken bank-to-bank relationship. Wiring, inter-bank billing, reporting, and reconciliation are all tasks that have no standard methodologies, and no common platforms to offer transparency. Wayerz is looking to change that with its Global Payment Network (GPN).To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 7:25 am

Senate passes permanent ban on Internet access taxes

The U.S. Senate has voted to permanently ban taxes on Internet access and other online services.The Permanent Internet Tax Freedom Act was included in a trade enforcement bill passed by senators in a 75-20 vote Thursday. The provision, passed by the House of Representatives last June, would permanently extend a 18-year moratorium on Internet-targeted taxes that expired in October. Congress had extended the moratorium several times since 1998, but supporters weren't able to pass a permanent ban until now.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 6:43 am

Hertz cuts IT jobs as it shifts to IBM

Hertz has warned around 230 IT workers that their jobs may be at risk as it expands its outsourcing work with IBM.The employees work at a Hertz technology center in Oklahoma City, Okla. The facility has the company's highest concentration of IT workers in the U.S. They were told this week.The outsourcing "will probably impact" other U.S. IT positions, said Bill Masterson, a Hertz spokesman.Asked if the total number of affected IT jobs will be larger, Masterson said: "We expect it to be larger than 230 for the U.S."Hertz is trying to improve its IT operations. It hired a new CIO last year with experience in the car rental industry, Tyler Best.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 6:41 am

Risky business? Online dating fraud dips during Valentine's Day

Good news, singletons. According to research from device intelligence and fraud prevention company iovation, fraud on online dating sites is lower leading up to Valentine's Day.To read this article in full or to leave a comment, please click here(Insider Story)

Posted by on 12 February 2016 | 6:41 am

ENCRYPT Act co-sponsor learned tech ropes at Microsoft

One of four congressional sponsors of the ENCRYPT Act of 2016, which would preempt state and local laws banning encryption on smartphones, cut her teeth in mobile communications for Microsoft.U.S. Rep. Suzan DelBene (D-Wash.) worked as vice president of mobile communications at Microsoft from 2004 to 2007. That was her second stint at Microsoft; her first was from 1989 to 1998 after receiving an MBA when she worked on Windows 95, email and embedded systems. In between, she helped start Drugstore.com.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 6:38 am

7 Android tools that can help your personal security

This isn't your typical Android security story.Most articles about Android security tools focus on malware-scanning suites like Lookout, Norton and AVG. But with the layers of protection already built into the platform, those sorts of apps are arguably unnecessary and often counterproductive -- or even needlessly expensive.INSIDER: 5 ways to prepare for Internet of Things security threats For most Android users, the seven tools below should cover all the important bases of device and data security. Some are third-party apps, while others are native parts of the Android operating system. They all, however, will protect your personal info in meaningful ways -- and without compromising your phone's performance. Plus, all but two of them are free.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 6:28 am

Apple's iPhone sued for infringement of touch feedback patents

Haptic technology company Immersion has accused Apple and carrier AT&T of infringement of three of its patents in the latest iPhone models and Apple watches. Immersion, which claims over 2,100 issued or pending patents worldwide covering various aspects and commercial applications of haptic or touch feedback technology, has asked the U.S. International Trade Commission to ban the import of the specified iPhone and Apple Watch models in the U.S., besides suing for damages in a Delaware federal court, company CEO Victor Viegas said in a conference call Thursday. Under the rules, it will take the ITC 30 days to decide on instituting an investigation, and the subsequent proceedings could take another 16 months, making an appeal to the ITC the most effective and quick way for redress, Viegas said.To read this article in full or to leave a comment, please click here

Posted by on 12 February 2016 | 12:30 am

Is the road to machine learning paved with API providers?

When it comes to machine learning, the future is already here, but it’s not yet evenly distributed. Taking advantage of breakthroughs in the field can require a lot of work, which is tough for small companies and those without a whole team to build custom applications and algorithms.According to Okta CEO Todd McKinnon, there’s a lot of hype around the potential of machine learning, but companies aren’t actually taking advantage of it. It's similar to how people discussed big data a few years ago.“We think about this a lot, and the most interesting thing about machine learning that I’ve noticed over the last year is that it’s kind of like what big data was three years ago,” he said. "Everyone talks about it, but nobody really has it."To read this article in full or to leave a comment, please click here

Posted by on 11 February 2016 | 7:17 pm

Need data-science skills? Now your team can learn together

It's an opportunity-filled world for those with data-science skills; for everyone else, the question is mostly how to get them.That's where DataCamp comes in. Founded in late 2013, the online data-science school offers training for students and professionals alike, including those who want to make a career switch. More than a few of its customers are large companies and universities.Data visualization, dynamic reporting, R programming and large data sets are all among the topics on DataCamp's curriculum. Courses don’t follow a traditional academic format, though; instead, DataCamp uses short video lessons and online programming challenges to teach the material, all of which is delivered through a browser. Rather than degrees, students earn badges and statements of completion for each course they finish.To read this article in full or to leave a comment, please click here

Posted by on 11 February 2016 | 6:16 pm

Hackers of two Ukrainian utilities probably hit mining and railroad targets, too

The attackers who crippled Ukrainian power operators in December probably committed attacks shortly before against a mining company and a railway operator, Trend Micro said Thursday.The security company said its latest technical research shows that the same malware -- dubbed BlackEnergy and KillDisk -- were probably used in the earlier actions. It didn't name the targets of those attacks, which took place in November and December."There is remarkable overlap between the malware used, infrastructure, naming conventions, and to some degree, the timing of use for this malware," wrote Kyle Wilhoit, a senior threat researcher.To read this article in full or to leave a comment, please click here

Posted by on 11 February 2016 | 5:32 pm

Qualcomm hopes a gradual approach to server market will pay dividends

The ARM server market is a dangerous place to be: Right now there's virtually no money to be made. Some ARM server chip makers have quit, while others hold on to the hope that the market will some day be viable.Qualcomm, which was late entering the market for server chips based on the ARM architecture, has been patient. The company doesn't want to prematurely release server chips only to see them fail to catch on, said Derek Aberle, president of Qualcomm, during a speech at the company's investor meeting on Thursday.ARM licenses its chip architecture to chip makers, which then manufacture the processors and sell them to hardware manufacturers.To read this article in full or to leave a comment, please click here

Posted by on 11 February 2016 | 4:55 pm

"Hi, Name!" Harpoon Brewery takes impersonal-ness to a new level

We reporters and editors at Network World have received more than our fair share of mis-addressed pitches over the years, some intended for competitors, some reversing last and first names, and some just plain inexplicable. I even recall colleague Paul McNamara getting a letter addressed "Hello Dear!" from his archrival, Bank of America. All of which brings me to today's Exhibit A: This ever so impersonal marketing message from Harpoon Brewery that began with "Hi, Name!" (See screenshot above.) MORE: Network company name change madness is upon usTo read this article in full or to leave a comment, please click here

Posted by on 11 February 2016 | 4:19 pm

VMware’s new management tools are hybrid, hybrid, hybrid

VMware has been on a news blitz this week, announcing updates to many of its management products and one specific focus has been on enabling hybrid cloud computing.The company has a stronghold in its compute virtualization software based on vSphere, but as more enterprises use public cloud services, VMware is extending the support of its management tools to include off-premises resources. VMware hopes that any customer looking to use Amazon Web Services, Microsoft Azure or Google Cloud Platform will choose the company’s vRealize Suite to centrally manage their on-premises virtualized environments and the public cloud.+MORE AT NETWORK WORLD: VMware gives enterprises a BYOD boost with three new tools | SD-WAN: What it is and why you’ll use it one day +To read this article in full or to leave a comment, please click here

Posted by on 11 February 2016 | 3:19 pm

IDG Contributor Network: New project aims to develop fuel cell-based smartphone battery

Hydrogen fuel developer Intelligent Energy says it's getting closer to delivering a hybrid fuel cell embedded in a smartphone, which it claims will allow smartphones to run for a week on a single charge.Intelligent Energy says it has agreed to a deal with an existing smartphone OEM to provide the technology. It won't name the manufacturer for legal reasons, however.Plentiful element The hydrogen system works by combining batteries with fuel cells, which create electricity through a chemical reaction."Hydrogen gas and oxygen react together to produce clean energy at source," Dr. Henri Winand, CEO of Intelligent Energy, explained to me in an email. Eco-friendly water is the only by-product.To read this article in full or to leave a comment, please click here

Posted by on 11 February 2016 | 2:48 pm