Discus Systems PLC - IT Support Company in Birmingham West midlands
0800 880 3360
 


Posted by Damien Biddulph on Wed 10th May 2017

mark zuckerbergFacebook CEO Mark Zuckerberg.Steve Jennings/Getty

 

The closest Mark Zuckerberg has come to directly addressing President Donald Trump in public was when he wrote that "progress does not move in a straight line" the day after the election in November.

Since then, Zuckerberg has embarked on his own tour of the U.S. that's been compared to a presidential campaign and sparked rumors that the Facebook CEO is considering a 2020 run.

While Zuckerberg has been shy to publicly address Trump, he has in fact spoken with the president multiple times by phone since the election, Business Insider has learned. Zuckerberg revealed that he's talked with Trump during a surprise dinner with the Moore family in Newton, Ohio two weeks ago.

Exactly what Zuckerberg and Trump discussed is unclear — Zuckerberg didn't say during his dinner with the Ohio family and his spokesperson declined to comment. But the discussions show that the Facebook billionaire has held a dialogue with Trump even as he publicly opposes policies like Trump's first executive order on immigration. The White House didn't return a request for comment.

Zuckerberg and Facebook's relationship with Trump is complicated. Facebook was widely criticized in the wake of the election for its role in the proliferation of so-called fake news, which many believed help Trump win the election. Zuckerberg has called that notion "pretty crazy," but Facebook has made significant strides to eradicate fake news stories from its platform.

When Trump called together the tech industry's top leaders for a meeting of the minds in December, Facebook COO Sheryl Sandberg went instead of Zuckerberg. Before Trump was elected, Zuckerberg had come to the defense of the Facebook board member and Trump advisor who organized that same meeting with tech leaders, Peter Thiel.

"We care deeply about diversity," Zuckerberg wrote in an internal memo to Facebook employees that was leaked in October. "That's easy to say when it means standing up for ideas you agree with. It's a lot harder when it means standing up for the rights of people with different viewpoints to say what they care about. That's even more important."

Source: uk.businessinsider.com
 
corner spacer corner
 


Posted by Damien Biddulph on Wed 10th May 2017

Microsoft logoImage copyrightGETTY IMAGES

Microsoft has released an urgent update to stop hackers taking control of computers with a single email.

The unusual bug, in Microsoft anti-malware software such as Windows Defender, could be exploited without the recipient even opening the message.

Researchers working for Google's Project Zero cyber-security outfit discovered the flaw at the weekend.

The fix has been specially pushed out hours before the software giant's monthly Tuesday security update.

Hackers could exploit the flaw simply by sending an infected email, instant message or getting the user to click on a web browser link.

Windows 8, 8.1, 10 and Windows Server operating systems are affected by the bug.

Anti-virus software such as Windows Defender would merely have to scan the malicious content for the exploit to be triggered.

On some computers, scans are set up to occur almost instantly - "real-time protection" - or to take place at a scheduled time.

"Anti-virus normally tries to intercept these things before you get to them," said cyber-security expert Graham Cluley.

He added it was "tremendous" that Microsoft had released the patch so quickly.

Travis Ormandy tweet says bug is

Image captionNews of the bug broke over the weekend - and the problem was quickly patched

The bug was discovered by Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich.

And Mr Ormandy later tweeted he had been "blown away" at the speedy response.

The vulnerability allows for remote code execution: "the thing all the malicious attackers are aiming for", Mr Cluley told the BBC.

"It means they can install code on to your computer without your permission - it means they can hijack your computer."

Mr Cluley did add, however, that he thought the Project Zero protocol for announcing the vulnerability had been risky, because it included information that malicious hackers might have found useful.

"That can help the bad guys," he said.

Windows users can check that they are running the latest Windows Defender engine version (1.1.13704.0), which should download automatically, to make sure they are not at risk - or hit the update button.

Source: bbc.co.uk
 
corner spacer corner
 


Posted by Damien Biddulph on Wed 3rd May 2017

Tomorrow's World

Tomorrow's World is coming back to the BBC as a year-long series of science programmes.

The show, which ran from 1965 to 2003, made lots of accurate predictions about how technology would change in the future.

It introduced audiences to inventions we now take for granted, including the mobile phone and cash machines.

But it also showcased some crazy and weird creations that never caught on at all.

The mobile phone

A reporter tries a mobile phone for the first time

An episode from September 1979 shows a reporter using a prototype of a mobile phone for the first time.

A type of portable phone was in use in the UK before then, but it was time-consuming and convoluted to use.

 

First, people had to phone a call operator, who then manually dialled the number of the person they were trying to reach.

The new mobile phone was a revolution because it allowed people to call each other directly.

Many pieces of technology that were first introduced on the show, including the digital watch in 1972, are now available on modern mobile phones without the need for multiple devices.

Plastic grass

Grass may not be the first thing you think of in terms of technology advances, but having a nice garden was not always as easy as it is today.

In April 1968, an episode aired showing a rooftop garden that was made fully of plastic flowers and grass.

 

Polish could be used to clean the flowers and the grass was vacuumed instead of mown, which made for easier cleaning.

Its biggest uses today include landscaping and in sports arenas.

The first home computer terminal

Image captionThe first home computer terminal was showcased on an episode of Tomorrow's World in 1967

The computer

An episode from September 1967 shows the first use of what was then called a "home computer terminal".

It was the first of its kind in Europe and was installed in the home of an industrial consultant.

 

It was connected to a "brain" 10 miles away and used an electric keyboard to send and receive messages, check bank balances and solve simple maths problems.

Chip and pin

Going shopping without money isn't an issue any more, but it hasn't always been that way.

Tomorrow's World showed a computerised credit card machine that took money directly from a customer's account in December 1969.

It worked in a similar way to how it still works today, but was less streamlined.

 

Tomorrow's World also debuted the cash machine in the same year.

Touchscreen and styluses

An episode in March 1967 showed the use of a "light pen" which allowed a user to input information into a computer via a pen that pressed against a phosphorescent screen.

The demonstration video shows how a 3D object could be drawn on the screen and then rotated into different perspectives.

 

A later episode in 1991 showed how touchscreen could be used on a more personal level, including updating a diary and filling in forms.

Touchscreens are now commonplace and styluses are used in things like graphic design and art.

Source: bbc.co.uk
 
corner spacer corner
 


Posted by Damien Biddulph on Tue 2nd May 2017

Various batteriesImage copyrightGETTY IMAGES

Murderers in early 19th-Century London sometimes tried to kill themselves before they were hanged.

Failing that, they asked friends to give their legs a good, hard pull as they dangled from the gallows to ensure their death. Their freshly hanged bodies, they knew, would be handed to scientists for anatomical studies.

They didn't want to survive the hanging and regain consciousness while being dissected.

If George Foster, executed in 1803, had woken up on the lab table, it would have been in particularly undignified circumstances.

In front of an enthralled and slightly horrified London crowd, an Italian scientist with a flair for showmanship placed an electrode into Foster's rectum.

Some onlookers thought Foster was waking up. The electrically charged probe caused his body to flinch and his fist to clench. Applied to his face, electrodes made his mouth grimace and an eye twitch open.

The scientist had modestly assured his audience that he wasn't actually intending to bring Foster back to life, but added, "Who knows what might happen?"

The police were on hand, in case Foster needed hanging again.

Foster's body was being galvanised - a word coined for Luigi Galvani, the Italian scientist's uncle.

In 1780s Italy, Galvani had discovered that touching the severed legs of a dead frog with two different types of metal caused the legs to jerk.

Wrong in a useful way

Galvani thought he had discovered "animal electricity", and his nephew was carrying on the investigations.

Galvanism briefly fascinated the public, inspiring Mary Shelley's novel, Frankenstein.

An illustration of Galvani's experiment, which saw frogs' legs twitch when touched with electrodesImage copyrightGETTY IMAGES

Image captionGalvani discovered frogs' legs would twitch when touched by electrodes

Galvani was wrong. There is no animal electricity.

You can't bring hanged bodies back to life, and Victor Frankenstein's monster remains safely in the realms of fiction.

But Galvani was wrong in a useful way, because he showed his experiments to his friend Alessandro Volta, who had better intuition about what was going on.

The important thing, Volta realised, wasn't that the frog flesh was of animal origin.

It was that it contained fluids which conducted electricity, allowing a charge to pass between the different types of metal.

When the two metals connected - Galvani's scalpel touching the brass hook on which the legs were hung - the circuit was complete, and a chemical reaction caused electrons to flow.

Volta experimented with different combinations of metal and different substitutes for frogs' legs. In 1800, he showed that you could generate a constant, steady current by piling up sheets of zinc, copper and brine-soaked cardboard.

A portrait of Alessandro Volta with his battery, or Image copyrightGETTY IMAGES

Image captionAlessandro Volta described his findings in a letter to the President of the Royal Society, Sir Joseph Banks, in March 1800

Volta had invented the battery, and gave us a new word - volt. His insight won him admirers. Napoleon made him a count.

The lithium breakthrough

But it wasn't especially practical, not at first.

The metals corroded, the salt water spilled, the current was short-lived, and it couldn't be recharged.

It was 1859 before we got the first rechargeable battery, made from lead, lead dioxide and sulphuric acid. It was bulky, heavy, and acid sloshed out if you tipped it over. But it was useful - the same basic design still starts our cars.

The first "dry" cells - the familiar modern battery - came in 1886. The next big breakthrough took another century.

In 1985, Akira Yoshino patented the lithium-ion battery, later commercialised by Sony.

Lithium was popular with researchers as it's very light and highly reactive: lithium-ion batteries can pack lots of power into a small space.

lots of phones chargingImage copyrightGETTY IMAGES

Image captionLithium-ion batteries power many popular devices.

Unfortunately, lithium also has an alarming tendency to explode when exposed to air and water, so it took some clever chemistry to make it acceptably stable.

Without the lithium-ion battery, mobiles would likely have been much slower to catch on.

Consider what cutting-edge battery technology looked like in 1985.

Motorola had just launched the world's first mobile phone, the DynaTAC 8000x. Known affectionately as "the brick", it weighed nearly 1kg. Its talk time was 30 minutes.

The technology behind lithium-ion batteries has certainly improved: 1990s laptops were clunky and discharged rapidly. Today's sleek ultraportables will last for a long-haul flight.

Still, battery life has improved at a much slower rate than other laptop components, such as memory and processing power.

Where's the battery that's light and cheap, recharges in seconds, and never deteriorates with repeated use? We're still waiting.

But there is no shortage of researchers looking for the next breakthrough.

Some are developing "flow" batteries, which work by pumping charged liquid electrolytes.

A Image copyrightHARVARD SEAS

Image captionHarvard researchers working on "flow" batteries have identified a new class of organic molecules, inspired by vitamin B2, that can safely store electricity

Some are experimenting with new materials to combine with lithium, including sulphur and air. Some are using nanotechnology in the wires of electrodes to make batteries last longer.

But history counsels caution: game changers haven't come along often.

Can batteries boost the grid?

In the coming decades, the truly revolutionary development in batteries may not be in the technology itself, but in its uses.

We think of batteries as things that allow us to disconnect from the grid. We may soon see them as the thing that makes the grid work better.

Gradually, the cost of renewable energy is coming down. But even cheap renewables pose a problem - they don't generate power all the time.

You'll always have a glut of solar power on summer days and none on winter evenings. When the sun isn't shining and the wind isn't blowing, you need coal or gas or nuclear to keep the lights on, so why not run them all the time?

Technicians installing solar panels in OhioImage copyrightGETTY IMAGES

Image captionSolar panels cannot deliver power all the time - even in sunny spots

A recent study of south-eastern Arizona's grid weighed the costs of power cuts against the costs of CO2 emissions, and concluded that solar should provide just 20% of power. And Arizona is pretty sunny.

Grids need better ways of storing energy to better exploit renewable power.

One time-honoured solution is pumping water uphill when you have spare energy, and then - when you need more - letting it flow back down through a hydropower plant. But that requires conveniently contoured terrain.

Could batteries be the solution?

Perhaps. It depends partly on the extent to which regulators nudge the industry in that direction, and on how quickly battery costs come down.

Elon Musk hopes they'll come down very quickly indeed.

The entrepreneur behind electric car maker Tesla is building a gigantic lithium-ion battery factory in Nevada. Musk claims it will be the second-largest building in the world, after the one where Boeing manufactures its 747s.

Tesla charging stationsImage copyrightREUTERS

Image captionQuick-charging car batteries are essential for electric cars

Tesla is betting that it can significantly wrestle down the costs of lithium-ion production, not through technological breakthroughs, but through sheer economies of scale.

Tesla needs the batteries for its vehicles, of course. But it's also among the companies already offering battery packs to homes, businesses and power grids.

If you have solar panels on your roof, a battery in your house gives you the option of storing your surplus day-time energy for night-time use, rather than selling it back to the grid.

We're still a long way from a world in which electricity grids and transport networks can operate entirely on renewables and batteries.

But in the race to limit climate change, the world needs something to galvanise it into action.

The biggest impact of Alessandro Volta's invention may be only just beginning.

Source: bbc.co.uk
 
corner spacer corner
 


Posted by Damien Biddulph on Wed 26th Apr 2017

 

waymoWaymo

 

Normal people are getting their first chance to ride in Google's self-driving cars.

 

Waymo, the autonomous vehicle group owned by Google parent company Alphabet, is going to begin testing a self-driving car program for hundreds of families in Phoenix, Arizona, the companies said on Tuesday.

Waymo has recently been quietly testing the service for a handful of families, learning what potential customers would want from a ride service, the company said in a blog post.

It is now expanding the test, and buying 500 Chrysler minivans to do so. The Californian firm is urging people to apply to take part in an expanded test, which is the first public trial of Waymo's self-driving cars. The vehicles include human operators from Waymo behind the wheel, in case intervention is required and to take feedback.

"Over the course of this trial, we'll be accepting hundreds of people with diverse backgrounds and transportation needs who want to ride in and give feedback about Waymo's self-driving cars," Waymo CEO John Krafcik wrote in a blog post. "Rather than offering people one or two rides, the goal of this program is to give participants access to our fleet every day, at any time, to go anywhere within an area that's about twice the size of San Francisco."

Silicon Valley is racing to master self-driving technology, betting that it will transform the auto industry and be a gold mine for leading companies. Waymo has one of the best technology track records, and it has an alliance with Fiat Chrysler Automobiles.

Many companies expect that customers will use autonomous vehicles as a service, rather than owning them outright. Ride-hailing service Uber in particular expects to use autonomous cars, and CEO Travis Kalanick has said that the tech will be crucial to the company's future. Amazon is the latest big tech company to show an interest in research self-driving technology.

The new Waymo test in Arizona is meant to help the company understand what people want out of self-driving cars and see how they use and integrate the service. Testers will get access every day at any time.

Waymo already has with 100 Chrysler Pacifica minivans and is acquiring five times more, partly to be able to support the service.

Source: uk.businessinsider.com
 
corner spacer corner
 


Posted by Damien Biddulph on Tue 25th Apr 2017

By Lorelei MihalaTechnology of Business reporter

Lisbonne and Hawaii, Bernese Mountain DogsImage copyrightCHRISTOPHE DESCHAMPS

Image captionLisbonne and Hawaii were saved from a house fire thanks to home security tech

Christophe Deschamps was watching a basketball game with his wife and three children when he received an alert on his smartphone.

The home security system told him something was wrong, so he quickly accessed the video feed on his phone.

"I could see smoke," he says. Their home, in the Wallonia region of southern Belgium, was on fire.

The family's thoughts immediately turned to their two Bernese Mountain dogs - Lisbonne and Hawaii - locked in the garage. A terrible family tragedy was threatening to unfold.

The video images now showed the smoke getting thicker and brightness coming from flames off-camera.

The fire alarm had already alerted the firefighters, so the Deschamps family rushed home as quickly as they could.

"It was more important for us to save the dogs than the house," says Christophe. "My wife was crying and panicking, thinking the dogs could die."

Still from security camera videoImage copyrightCHRISTOPHE DESCHAMPS

Image captionThe security camera recorded the progress of the fire in the Deschamps' home

Fortunately, Lisbonne and Hawaii were saved with just 20cm of air left to breathe above the floor of the smoke-filled garage. But the fire damage to the house took six months to repair.

The dogs' lucky escape was due to the indoor security camera Christophe had installed.

The smart camera, made by Netatmo, sends alerts when it hears an alarm - whether smoke, carbon monoxide or security - and automatically starts recording.

It is also one of the first smart home cameras featuring face recognition technology capable of distinguishing between people it knows and strangers.

Parents working late can receive alerts when their kids arrive home, for example, and will receive an "unknown face seen" alert if someone breaks in.

The French company says evidence collected by its smart cameras has led to the successful prosecution of burglars.

Netatmo cameraImage copyrightNETATMO

Image captionNetatmo's video camera includes facial recognition capability

The connected home security market is expanding fast, with companies such as Withings, Nest, D-Link, Netgear, Philips, Panasonic - not to mention the tech behemoths Apple, Amazon and Samsung - all offering an expanding array of internet-connected smart gadgets, from thermostats to motion-sensitive cameras with infrared and audio capability.

"We put the connected home security market at 95.4 million unit sales in 2016," says Francesco Radicati, a technology specialist at consultancy Ovum.

"Service providers, such as Qivicon, AT&T Digital Life, and Vivint Smart Home, are selling device multi-packs including multiple sensors, and these are proving very popular.

"We estimate the market will grow to 744 million devices sold in 2021."

Innovations are coming on to the market thick and fast.

For example, connected light bulb firm LIFX has produced a version that can beam infrared light outdoors, enabling a compatible security camera, such as the Nest Cam Outdoor, to see better in the dark.

The key innovation, however, has been the integration of the smartphone into such connected networks, giving users remote control wherever they have an internet connection.

Nest Cam Outdoor fixed to a wallImage copyrightNEST

Image captionGoogle-owned Nest is developing a suite of connected home devices

But aren't all these security cameras intrusive and even a little voyeuristic?

Netatmo has addressed this issue by making its Welcome camera programmable, so you can disable recording for individuals you specify. And most camera systems can be disabled remotely.

It isn't just our homes that technology is helping keep safe.

Cars are also a common target for thieves. This is why Matej Persolja, 33, founded CarLock, a company based in Nova Gorica, Slovenia, and San Francisco in the US.

CarLock's system plugs into a vehicle's onboard diagnostics port and sends an alarm to your phone if your vehicle is moved, the engine starts, it detects unusual vibration, or if the gadget is disconnected.

Mr Persolja started the business after thinking his car had been stolen. It turned out his car had only been moved to make way for construction work taking place in the area.

Close up of CarLock appImage copyrightCARLOCK

Image captionCarLock can track your car's position

"Before I learned that, I was almost certain my car had been stolen and I still remember that awful feeling," he says.

The CarLock system enables owners to track the location of their car if it has been stolen and also acts like a telematics box recording driving behaviour and the general health of the engine.

And there are a growing number of remote control apps for cars on the market.

Viper's SmartStart app - currently only available in the US and Canada - enables you to start your car, lock and unlock it, and track its movements remotely using your smartphone.

Remote starting is useful for de-icing your car in the mornings while you get ready for work and have breakfast. Even if someone sees the car running and a thief smashes a window to steal it, the physical key is still needed to drive the car off.

You can also keep an eye on your kids' driving habits and receive an alert if they take the car beyond a geographical point that you specify.

Ford is even integrating Amazon's Alexa voice-activated software into its cars, enabling drivers to remotely start their cars with a voice command and personal identification number.

Of course, the elephant in the room with all these connected security products is the risk of being hacked. The UK's National Cyber Security Centre recently demonstrated how a connected doll could be hacked and used to open remote control door locks.

And poorly secured security cameras have been hijacked to carry out web attacks.

Source: bbc.co.uk
 
corner spacer corner
 


Posted by Damien Biddulph on Tue 25th Apr 2017

He pledged in January to quickly develop a program for countering hackers, but no one seems to know who's in charge of developing it or where it is.

16_donald_trump_36_ap_1160.jpg

Since his inauguration, President Donald Trump’s issued a few tweets and promises to get to the bottom of Russian hacking. | AP Photo

President-elect Donald Trump was very clear: “I will appoint a team to give me a plan within 90 days of taking office,” he said in January, after getting a U.S. intelligence assessment of Russian interference in last year’s elections and promising to address cybersecurity.

Thursday, Trump hits his 90-day mark. There is no team, there is no plan, and there is no clear answer from the White House on who would even be working on what.

 

It’s the latest deadline Trump’s set and missed — from the press conference he said his wife would hold last fall to answer questions about her original immigration process to the plan to defeat ISIS that he’d said would come within his first 30 days in office.

Since his inauguration, Trump’s issued a few tweets and promises to get to the bottom of Russian hacking — and accusations of surveillance of Americans, himself included, by the Obama administration.

Meanwhile, more contacts between Trump aides and Russian officials have surfaced — including some omitted from sworn testimony and official forms — and the committee chairman overseeing the inquiry being run by the House got so entangled with the Trump administration that he had to step aside.

Trump did start early with an event on cybersecurity, convening a meeting on Jan. 31 in the Roosevelt Room featuring Rudy Giuliani, who’s leading a group tasked with building private sector partnerships on cybersecurity. “We must protect federal networks and data. We operate these networks on behalf of the American people and they are very important,” Trump said in his remarks then, not addressing a coinciding executive order that was announced to be signed that day but that was abruptly pulled without explanation.

That appears to have led to some confusion about responsibility for the anti-hacking plan in the White House. The National Security Council would normally be involved in creating such a report. But on Wednesday, a NSC spokesperson told POLITICO that he was unaware if the NSC was in charge of compiling it, or if that responsibility fell to Giuliani — or if the report exists.

Giuliani is continuing his work talking to the private sector, but a spokesperson for the former New York City mayor confirmed that he is not involved in any 90-day report.

The White House spokesperson wouldn’t directly address why the deadline was missed.

“The president has appointed a diverse set of executives with both government and private sector expertise who are currently are working to deliver an initial cybersecurity plan through a joint effort between the National Security Council and the Office of American Innovation,” said Trump deputy press secretary Lindsay Walters, referring to the office run by Trump’s son-in-law and top aide Jared Kushner.

Trump made the deadline promise repeatedly. A week after the initial statement, he tweeted on Jan. 13, “My people will have a full report on hacking within 90 days!”

Given the issues at play, cyber security experts worry that missing this particular set deadline could have significant consequences and speaks to deeper concerns about the White House not grappling with clear threats.

“It would set an unfortunate precedent to miss the president’s first important cyber-related deadline,” said Michael Sulmeyer, director of the Harvard Belfer Center’s Cyber Security Project and former director of Cyber Policy Plans and Operations at the Defense Department.

“Ever the critic on the campaign trail, Trump and his cyber team now have the responsibility to keep the country safe from cyberattacks,” Sulmeyer said. “Given so much attention on North Korea this past week, and that North Korea conducted one of the most serious cyberattacks against the United States, we should expect the new administration to be on the case.”

This isn’t the first time Trump has promised more information about intelligence that never materialized. Speaking to reporters pressuring him for answers on New Year’s Eve, the then-president-elect said he knew “things that other people don’t know” that he’d reveal “on Tuesday or Wednesday.”

He didn’t.

Trump said Tuesday a tax reform plan would plan would be ready “very soon,” but Treasury Secretary Steven Mnuchin has said a previously-stated goal of an August roll-out was unrealistic.

And then there are Trump’s tax returns, which he repeatedly said he would release after the completion of an audit. The White House acknowledged recently that Trump might never release his tax returns as promised.

Officials on the Hill say they haven’t seen any sign of the promised cybersecurity report, either.

A spokesman for Senate Intelligence Committee Chairman Richard Burr (R-N.C.) said “I don’t have anything on the record at this time.” A spokesperson for ranking member Mark Warner (D-Va.) declined comment.

“We have little visibility into what they might be working on,” said a Democratic staffer for a committee with jurisdiction, when asked about any familiarity with the report.

Missing the announced deadline demonstrates “a lackadaisical approach to what intelligence officials have routinely said is our biggest national security threat,” said Ned Price, who was a spokesman for the National Security Council in the Obama White House and worked for the CIA during George W. Bush’s presidency. “It speaks to the level of priority that this administration apparently has attached to cybersecurity, which apparently isn’t much — that is in stark contrast to the way the Obama administration addressed this issue over eight years, and especially during the last stretch.”

While the 90-day plan languishes, that vanished executive order on cybersecurity has been making progress. The National Security Council’s cyber directorate is finalizing a multipronged executive order, which experts see as the administration’s chance to declare its cyber agenda. The latest leaked draft, from early February, directs agency heads to use the National Institute of Standards and Technology’s cyber risk management framework to manage their technology assets.

The framework lays out best practices for assessing which computer systems are most important and most vulnerable, and it recommends ways to better protect them. The draft executive order directs the Office of Management and Budget to provide risk assessments of every agency, although sources said that provision could be changed, as it overlaps with existing requirements under the Federal Information Security Management Act.

The leaked draft also includes a provision focusing on the security of critical infrastructure sectors like the energy grid, in addition to sections on the Pentagon’s cyber capabilities and the need for a national cyber-deterrence strategy.

“There was certainly a desire, particularly during the campaign, to do a top-to-bottom review of where things stand. My sense is that will probably be how the executive order is sold, regardless of whether that is exactly how it was conceived or not,” said R. David Edelman, former cyber official at the NSC and the National Economic Council during the Obama administration.

Price said that from his experience, if there isn’t significant work underway toward producing a report and plan, the White House could be at least another 90 days away from finishing one.

“This is not a simple issue,” Price said. “If the clock really is at zero, we shouldn’t expect a well-produced report any time soon.”

Source: politico.com
 
corner spacer corner
 


Posted by Damien Biddulph on Tue 25th Apr 2017

A cloud-first policy is like saying 'the answer's cloud, what's the question', says Ray Bricknell, managing director of Behind Every Cloud

Cloud-first policies are wrong, says Bricknell

Organisations which employ a cloud-first policy, where any new IT requirements will default to being hosted in the cloud unless there's a business reason not to, are wrong.

That's the opinion of Ray Bricknell, managing director of consultancy Behind Every Cloud, speaking at a recent web seminar from V3's sister title Computing called 'Cloud mix and match, getting the balance right'.

"I disagree with any organisation that takes a cloud-first policy," said Bricknell. "It's lke saying 'the answer's cloud what's the question?'"

One high-profile organisation to have adopted such a policy is the UK government, who announced its cloud-first intentions in 2013.

And recent research from Computing found that 20 per cent of UK-based firms are currently pursuing a cloud-first strategy. By 2019, this is anticipated to rise to 40 per cent.

Bricknell added that in his opinion cloud isn't necessarily the best choice for hosting applications, storing data or running services.

"It's not true that cloud is always the best and most cost-effective way to do something. The question should be: what are you trying to achieve? IT should get back to that level of questioning," Bricknell argued.

Jon Forster, global programme director at Fitness First was also on the panel. He agreed with Bricknell, but added that a cloud-first policy can work "if there's a sound strategy behind it," in other words, if cloud is used for a reason, not just by default.

The panel also discussed the way IT commonly puts business cases together for new technology investments or strategies. Bricknell criticised the idea that IT could formulate a business case in isolation, then take it to the business for approval only once fully formed.

"If you get to the point of saying 'I have my business case, and now I need to take it to the business and ask them to sign it off', you're a bit late," he said. "At that point you've not enaged them as you've already gone quite far down the road. By the time you've created the business case you should already have engaged with them. You should be saying 'I'm doing this because you're going to need it'. If you don't have a business person with you as you're creating it, it's going to fail," Bricknell argued.

He added that in his opinion, the decision as to whether to use the cloud should come down to a pure decision about where a system will work the best for the business.

"You have to look at the best execution location for your workload. What's the workload? What are the attributes of that workload, in terms of scalability, privacy, compliance, variability? Once you know that, then you can determine where it's run. And then that dictates the business case," he said.

Source: v3.co.uk
 
corner spacer corner
 


Posted by Damien Biddulph on Tue 25th Apr 2017

Researchers find more than 100 vulnerabilities in popular online coding videos

Code

Finger of blame for insecure coding pointed at online developer tutorials

Research across a number of universities in Germany indicates that insecure code is being introduced into software as a result of popular online tutorials.

The researchers checked the PHP code bases of more than 64,000 projects on Github, finding more than 100 vulnerabilities that they believe might have been introduced as a result of the developers picking up the code that they used from online tutorials.

"The Web is replete with tutorial-style content on how to accomplish programming tasks. Unfortunately, even top-ranked tutorials suffer from severe security vulnerabilities, such as cross-site scripting (XSS), and SQL injection (SQLi)," suggested the researchers in their paper.

"Assuming that these tutorials influence real-world software development, we hypothesize that code snippets from popular tutorials can be used to bootstrap vulnerability discovery at scale."

Identifying the most popular online tutorials for tools such as the MySQL database, PHP and Javascript via Google, the researchers then cross-checked the content of these tutorials with standard guidelines. "Among the top five results (30 in total), we found nine tutorials that contain vulnerable code: six tutorials with SQLi, and three tutorials with XSS," warned the researchers.

In total, the researchers claim to have uncovered a total of 117 vulnerabilities.

"We manually verified a total of 117 vulnerabilities in our data set. Of these, 8 vulnerabilities were replicas of code from a popular SQL tutorial that we found on the first Google results page," concluded the researchers.

They continued: "Although all of the eight vulnerabilities were found among non popular code repositories, the finding shows that ad hoc code re-use is a reality. We are in the process of notifying the tutorial authors about our findings.

"Our hope is that the presented vulnerabilities are fixed in a timely manner, so that developers borrowing code from these tutorials in the future will not inherit the same vulnerabilities in their code.

"Eighty per cent of the discovered vulnerabilities were SQLi vulnerabilities, and the rest were XSS and path-traversal vulnerabilities." 

Source: v3.co.uk
 
corner spacer corner
 


Posted by Damien Biddulph on Mon 24th Apr 2017

Tesla AutopilotNewTesla

Law firm Hagens Berman has filed a class-action lawsuit alleging Tesla misled consumers about the self-driving capabilities of Autopilot 2.

The class-action suit, filed in California's Northern district court on Wednesday, alleges the new Autopilot is "essentially unusable and demonstrably dangerous."

"What consumers received were cars without standard safety enhancements featured by cars costing less than half the price of a new Tesla, and a purported 'Enhanced Autopilot' that operates in an erratic and dangerous manner," Steve Berman, managing partner of Hagens Berman, wrote in a press release.

Tesla called the lawsuit a "disingenuous attempt to secure attorney’s fees posing as a legitimate legal action" in a statement to Business Insider:

"Many of the features this suit claims are 'unavailable' are in fact available, with more updates coming every month. We have always been transparent about the fact that Enhanced Autopilot software is a product that would roll out incrementally over time, and that features would continue to be introduced as validation is completed, subject to regulatory approval," the statement reads in part.

Tesla began selling cars with the hardware to support Autopilot 2, or Enhanced Autopilot, last October. Tesla has said Enhanced Autopilot will have the same capabilities as its first-generation system with some new features, such as the ability to change lanes without driver input and merge on and off highways.

As of early April, Tesla Enhanced Autopilot owners have access to a suite of features including lane departure warning, autosteer, automatic lane changes, summon, autopark, forward collision warning, and traffic aware cruise control.

Tesla's order page says its Enhanced Autopilot software has "begun rolling out and features will continue to be introduced as validation is completed, subject to regulatory approval." Enhanced Autopilot costs $5,000 at the time of purchase.

The class-action suit alleges Tesla owners did not receive Enhanced Autopilot's standard safety features on the timeline that was originally promised. It also claims the Traffic Aware Cruise Control feature that did roll out is "dangerously defective."

Hagens Berman began pitching the class action lawsuit to Tesla owners in late March. The law firm is known for leading a class action lawsuit against Volkswagen for using emissions-cheating software. 

Read Tesla's full statement:

"This lawsuit is a disingenuous attempt to secure attorney’s fees posing as a legitimate legal action, which is evidenced by the fact that the suit misrepresents many facts. Many of the features this suit claims are “unavailable” are in fact available, with more updates coming every month. We have always been transparent about the fact that Enhanced Autopilot software is a product that would roll out incrementally over time, and that features would continue to be introduced as validation is completed, subject to regulatory approval. Furthermore, we have never claimed our vehicles already have functional “full self-driving capability”, as our website has stated in plain English for all potential customers that “it is not possible to know exactly when each element of the functionality described above will be available, as this is highly dependent on local regulatory approval.” The inaccurate and sensationalistic view of our technology put forth by this group is exactly the kind of misinformation that threatens to harm consumer safety."

Source: uk.businessinsider.com
 
corner spacer corner

Veeam Specialist Microsoft Small Business Specialists Birmingham Microsoft Gold Certified Partner Birmingham Siemens Solution 1 Reseller Birmingham Sonicwall Specialists Birmingham Business Link Approved Birmingham Fujitsu Primergy Certified Partner Birmingham Facebook Follow us on Twitter ESET NOD32 VMWare
IT Support
IT Services
IT Solutions
Get Support Now
Sitemap
© 2017 Discus Systems plc. All rights reserved. Content Management by Verve Digital