'KFS have worked with Discus on a number of projects for IT infrastructure – servers, Local Area Networking, workstations and laptops, Wide Area Networking (VPNs - both site to site and secure remote access), security, email, spa... Martin Davies, Key Forensic Services - Coventry
Skype users are at risk of being infected with a new trojan dubbed T9000 that can record video calls, audio calls and chat messages.
Researchers at Palo Alto Networks discovered the new type of backdoor malware and explained that once installed it can evade detection by many popular antivirus systems, including some big names such as Kaspersky and Panda.
The full list from Palo Alto of security firm's software it can dodge is: Sophos, INCAInternet, DoctorWeb, Baidu, Comodo, TrustPort, GData, AVG, BitDefender, VirusChaser, McAfee, Panda, Trend Micro, Kingsoft, Norton, Micropoint, Filseclab, AhnLab, JiangMin, Tencent, Avira, Kaspersky, Rising and Qihoo 360.
T9000 is a new variant of T5000, first spotted in 2013. The payload is hidden inside spearfishing emails with an infected .rtf document, but is sophisticated enough to get in through other means, when its controllers have the will.
Once installed the software can record Skype calls and upload them along with text chats to a server. It can also take regular screenshots. The only saving grace is that a user has to give it permission, albeit unknowingly.
An API request asking for permission for explorer.exe to access Skype appears. In reality this should never be needed so it should be quite clear it's dodgy.
The researchers explained: "The victim must explicitly allow the malware to access Skype for this particular functionality to work. However, since a legitimate process is requesting access, the user may allow this access without realising what is actually happening. Once enabled, the malware will record video calls, audio calls and chat messages."
A computer with granted permissions could also have documents stolen, even on removable drives. Skype is used more and more by businesses as part of the Office suite, so there is the potential for hackers to uncover potentially lucrative information.
Palo Alto has published a list of indicators that your machine is infected as the sheer complexity and audacity of T9000 means that prevention is more or less the only form of protection at the moment.
Meanwhile, Microsoft has said that it protects users from the malware with security updates. “To further protect our customers, we’ve added detection for the malicious software known as T9000 to Windows Defender," the firm said.
"Customers that have installed security updates released in 2012 (MS12-060) and 2014 (MS14-033), either manually or by enabling automatic updates, will already be protected. Our recommendation is to enable automatic updates, which installs the latest security protections, and to use the latest version of Skype."
The government will spend £4bn on technology over the next five years to move the NHS away from paperless records to digital systems.
Health secretary Jeremy Hunt told the BBC that the investment will help rid the NHS of bureaucracy caused by managing paper records, and “ease pressure on the frontline and create stronger relationships between doctor and patient”.
"We know that proper investment in IT - it's not without its pitfalls - can save time for doctors and nurses and means they can spend more time with patients," he said.
This builds on the £1bn the government has earmarked in the Autumn Statement for driving new technology adoption in the NHS. The full details for how the £4bn of investment have yet to be broken down, but it is expected to include £1.8bn to remove out-dated paper-based systems such as fax machines, £1bn to bolster cyber security and data access, £750m to improve out-of-hospital care with more digital systems, and around £400m to create a nhs.uk website, healthcare apps and free WiFi across the service.
A significant element of a paperless NHS will involve allowing patients to book services and order prescriptions online, as well as speak to their doctor online or through a video link.
The funding will also look to ensure that all NHS patients have access to their own electronic health records, as well allowing that data to be shared between clinicians and other healthcare professionals to cut out the need to repeat information to different health services.
Creating a paperless NHS with interoperable digital health records is nothing new for the service, which is slated to achieve the goal in part 2018 and in full by 2020.
Furthermore, moving away from paper records and embracing more digital data has previously been championed as a way to help the NHS save money and survive amid savage budgets cuts and efficiency measures.
However, the Care.data initiative, designed to provide a database of anonymous patient information, has already been delayed after it was relaunched following controversy over the use of big data in healthcare.
This article was originally published on Computing.
Be warned that if you use Malwarebytes Anti-Malware, a popular piece of software for combating malware, there are some major vulnerabilities in the program – and these won't be fixed for some time yet.
The security flaws were first discovered by researcher Tavis Ormandy, who is part of Google's Project Zero team that searches out exploits. Ormandy informed Malwarebytes of the vulnerabilities back in November, but now more than three months has passed, the details have been made public (which is Project Zero's policy).
Obviously, that makes these security holes all the more dangerous, as when it comes to malware authors and peddlers, all and sundry are now aware of the issues and can attempt to exploit them.
Apparently, Malwarebytes was able to fix a number of the vulnerabilities pretty much immediately after being told server-side, but patching up the client software is a different and evidently entirely trickier matter.
As it stands, the company says that it is now testing a new version of the client software with the flaws patched, but this won't be released for another three to four weeks, worryingly.
Ormandy listed four vulnerabilities which affected Malwarebytes Anti-Malware, the principal one being that the program gets its signature updates over HTTP, which could potentially allow a man-in-the-middle attack to be successfully instigated.
In a blog post, Malwarebytes said: "The research seems to indicate that an attacker could use some of the processes described to insert their own code onto a targeted machine. Based on the findings, we believe that this could only be done by targeting one machine at a time. However, this is of sufficient enough a concern that we are seeking to implement a fix."
Note that if you're using the premium (paid-for) version of Malwarebytes Anti-Malware, you can go to settings and enable self-protection, and that will apparently take care of these vulnerabilities. Free users don't have that luxury, unfortunately.
Keeping your computer secure has never been easy, but lately, simply protecting against viruses and malware with software tools isn’t enough. Increasingly deceptive tactics are being used on the Web, but fortunately, Google is doing its best to combat this.
For years the company’s Safe Browsing has protected against phishing, but late last year it also debuted new features to protect against social engineering. Google announced yesterday in a blog post that it is building on that by blocking sites that contain what it considers to be “deceptive ads.”
To keep things clear, Google laid out two very specific examples. When ads or other embedded content “pretend to act, or look and feel, like a trusted entity — like your own device or browser, or the website itself,” or “try to trick you into doing something you’d only do for a trusted entity — like sharing a password or calling tech support,” this will be considered social engineering.
Google includes a number of examples in the blog post. Fake download buttons, update notifications, and play buttons for media files are all counted among these deceptive ads. Surely readers have seen these before — sometimes they’ve been served up through Google’s own AdSense — but hopefully we’ll begin to see less of them now.
This builds upon existing protection from social engineering that debuted in November of last year. That update protected against more serious attacks, like content that pretends to be from a government or bank, or content that attempts to trick users into calling a fake tech support number. A number of these still make it past Safe Browsing, but certainly seem to be less prevalent than before.
As Safe Browsing is a Google technology, it’s turned on by default in Chrome, but that’s not the only browser that uses it. Both Firefox and Apple’s Safari browser use Safe Browsing as well.
For more information and examples, see Google’s blog post about the update.
Over the past year or so, one of the biggest tech stories has been about one of the smallest things: a USB plug. Specifically, the new USB Type-C plug and port, which promises to become the single thing that we can use to connect all our devices, from monitors to phones to computers to whatever we dream up next.
USB-C has the support of the biggest companies in the tech industry. Apple and Google released the first laptops to use it, and now it’s showing up on computers, tablets, and phones all over the place. USB-C is reversible and can deliver huge amounts of both power and data very quickly. Importantly, it’s also backwards-compatible so that adapters and cables can get us through the awkward period between now and when it actually becomes the universal standard.
It’s that last bit that has USB-C in trouble. Right now, if you aren’t very careful, a USB-C cable can destroy your laptop. If you just go to Amazon and buy any pack of USB-C cables you find, you could end up with a wire that can destroy your machine in a flash.
IF YOU BUY THE WRONG CABLE, YOU COULD DESTROY YOUR LAPTOP IN A FLASH That’s what happened to Google engineer Benson Leung, who, in the course of testing a USB-C cable, destroyed his Chromebook Pixel. It happened instantly. It also happened to me — I used a cheap cable I found on Amazon to charge my Nexus 6P and it drew too much power from my MacBook Air’s USB ports. Apple did a remarkable job engineering the MacBook’s ports — they shut down temporarily to protect themselves — but when they came back online, they only worked intermittently.
The problem is that when you plug a USB device in, it starts drawing power. If it tries to pull too much power, the device that supplies it can burn out. It’s not the Nexus’ fault that my MacBook got fried — it was just doing what it was supposed to do: ask for as much power as it can get. It’s not the MacBook’s fault either — its ports weren’t designed to handle delivering that much juice nor to know that they shouldn’t even try. It is the fault of the cable, which is supposed to protect both sides from screwing up the energy equation with resistors and proper wiring. This kind of failure is possible with any cable, but older kinds of USB devices didn’t draw this much power.
THE ONLY PERSON ACTIVELY HELPING CONSUMERS IS A SOLITARY GOOGLE ENGINEER The solution should be simple, then: just don’t buy cut-rate USB-C cables. But "just buy the more expensive one" is a really crappy solution. Right now, if you want to buy a safe cable, you have to know Leung is the only person vetting them in a broad way on Amazon. Here’s the process you have to go through:
Know that this is an issue in the first place. Know that this one helpful Google engineer is the only person testing and reviewing USB-C cables. Go hunting for Leung’s reviews on Amazon (or, alternately, discover this spreadsheet or this website created by redditors to aggregate his reviews). Buy a cable. Pray.
This process is insane, and it shouldn’t be this way. In fact, I believe this failure should have been obvious to everybody involved in the creation of USB-C. Apple and Google helped design the spec, but a little-known industry group called the USB
Implementers Forum is in charge of maintaining and propagating it. It does have a certification process for approving cables.
When I asked about this issue, the USB-IF noted that it has certified 61 cables so far and that it "continually meets with the major retailers in North America, including Staples, Best Buy, and MicroCenter to educate about the importance of compliance and certification."
It also pointed me to its logos that certify safety, which look hilariously outdated:
USB-IF Logos But the real problem isn’t the logos, it’s that you can’t find them anywhere on the biggest electronics retailer on the internet: Amazon. If you want to buy a cable on Amazon — where you already shop — you will need to go through that five-step process above.
When hoverboards started exploding, the industry reacted. Amazon pulled sales, manufacturers stepped up their standards, and ultimately we got to a place where UL started certifying boards as safe. We’re not at the danger-to-human-life-and-limb stage with this USB-C problem, but nevertheless, we need a similar solution now.
WE FIXED HOVERBOARDS. NOW FIX THIS Apple solved this problem with its proprietary Lightning cable. It has a "Made for iPhone" licensing program, and anything that doesn’t have that label is potentially dangerous. With USB-C, Amazon needs to pull dangerous cables from its store and every single retailer needs to demand that USB-C cables are certified. And the USB-IF needs its partners like Apple and Google to help push cable makers to stop making dangerous products. And, you know, a better logo wouldn’t hurt, either.
Even if these problems get fixed, USB-C still faces the usual aggravations that come with any new kind of connector. I’ve watched basically every kind of computer cable imaginable in the past 30 years take an achingly long time to propagate through the industry, and it’s always a hassle.1
Because I understand how slow these things go, I can accept that I still can’t connect my Apple-made laptop with my Apple-made display because finding adapters that work is nigh-impossible. I can also accept Intel’s frustrating pace of integrating its own Thunderbolt (not to be confused with Apple’s Lightning) standard into USB-C. USB-C is going to take awhile before it’s the standard.
But it will never get there if the only way to know whether a cable will literally blow up your expensive laptop is a single, heroic engineer leaving Amazon reviews and Google+ posts. Amazon needs to stop selling bad cables. Google, Apple, and everybody who makes devices that use the port need to get together and figure out how to let consumers know which cables are actually safe to use. Until that happens, consumers can’t trust this new standard — and that’s a great way to kill it before it takes off.
New research looking into polymer capabilities seems to point us in a direction several steps beyond the doomed Google Glass experiment: contact lenses could soon become computer screens.
I don’t have my phone’s notifications turned on. None. I have no audio or vibration. There’s no need. Even some of the most reluctant users might check their phone dozens of times a day.
Why, I wonder, would you need to be alerted towards its function? Well, there’s a chance pretty soon we’ll need neither phone nor notifications. That’s if the University of South Australia is right.
Australian researchers have developed a proof of concept on a polymer thin-film coating, which could act as a miniature circuit on top of your eye.
The lens polymer conducts electricity on the contact lens, meaning our smart devices may no longer be as far away as our pocket.
Okay, to be honest, it’s not quite PS4 or Galaxy Edge on your contact lens that we’re talking here, more a health wearable, monitoring the user at source.
The same team of researchers that worked on “fully plastic car mirrors” a few years back have now partnered with a UK operation that specialises in contact lenses, bringing their ultra-thin polymer projects right to your eyeball.
Associate professor Drew Evans claims he always knew his coating technique “had potential for many applications”, with this nanoscale production that could allow the polymers to grow directly on contact lenses taking his team’s research a huge step further.
“The fluids in the eye provide markers of a person’s health, so our goal now is to build electrical sensors on a contact lens from our polymers to sense in real time a person’s wellbeing,” said Evans.
“The next big leap is to develop complementary technologies to read the information transmitted by the conducting polymers.”
Evans reckons wearable computing is a natural progression from this proof-of-concept project, which is published in ACS Applied Materials and Interfaces.
“What is really significant is that the materials we are developing are not only safe but also have the potential for a range of personalised health-monitoring applications that could make life simpler for people struggling with chronic health problems.”
After that? Maybe we can take augmented reality to a whole new level. You never know.
Steve Ballmer stepped down as the CEO of Microsoft two years ago, handing over the reins to Satya Nadella.
Microsoft has made some notable changes since his departure, in practice and rhetoric, including an enthusiastic embrace of cloud computing and a more cooperative stance toward computing platforms from other companies. The market seems to like the change: The stock price has gone up around 40% in the last two years even as earnings have stayed relatively flat.
Ballmer, meanwhile, has carved a new life for himself as the owner of the NBA's Los Angeles Clippers, where he shows his enthusiasm from the sidelines at many home and away games.
We caught up with Ballmer to ask him about his life after Microsoft and his thoughts on technology and the game of hoops.
Matt Rosoff: How's life? Are you adjusting to not working insane hours at a high-stress job anymore?
Steve Ballmer: I loved every minute of my time at Microsoft, but I had always envisioned having another phase of life just because I thought that would be interesting. It had never been my plan to work until I literally didn't want to do anything and then hang it up. For me, and certainly — yes, the time is less.
But the No. 1 thing is that life is just not as interrupt-driven as when you're running a company. When you're running a company, you have employees — lots of them — that can interrupt your schedule. You have customers that can interrupt your schedule. You have a certain obligation to wave the flag because people expect to get out and wave the flag. The number of ways that others can command your time is high. At this stage, I get to pick and choose a little more. Not that there aren't some things that have to be done, but I get a little more control over my time.
I've found three or four things that are quite interesting to me that I'm focused on. That's been fun.
The Clippers is obviously one of them.
I've been doing lot of work, and hopefully will bring it to fruition in a way people can see it, really understanding — this is going to sound funny, but what does government really do, how is it really funded, and what measures exist to evaluate how it does at what it does? No forecast, no policy, no prediction, just a realistic perspective on what is. Call it like a "10k for government" we've been working on with a website, with additional data.
Rosoff: What's that called?
Ballmer: It doesn't have a name; we're kind of working away on it. It actually turns out to be much harder to really understand government across state local and federal. It's a little harder to understand, and the ability to understand it in a way I would want to ... "There's no CEO for the government." But if you were CEO for a day at the government, would you have tools and reports and wherewithal to look at government the way a business would look at its lines of business, its spending, its revenue? I've actually been working, first by myself and then with a group of people, on then on and off, and now much more on, almost since the I time left Microsoft.
It's mostly an exercise that I find might be thought-provoking. Right now I'm pretty fired up and there's some interesting stuff in there.
Steve_Ballmer_Basic Ballmer BioBI
Third, my wife spent a lot of time on what we do from a civic contribution giving perspective, for a number of years, I've really joined her in that. We're focused on issues in the United States, particularly issues with people who have been trapped in neighborhoods in what I might call intergenerational poverty. It's not clear what kind of real contribution we can and should make, but we've been spending a lot of time focused in on it and it builds off work my wife has done, particularly focused in on child welfare. Last but not least, I'm a shareholder in Microsoft Corp. of some size, and while I don't work for the place anymore, I think a lot about that investment, how — as an outsider — might I add value or not add value? Do I believe that things are headed in a good direction? So I wouldn't say I spend the majority of my time on that, but I spend some time on that as well.
Rosoff: What's your relationship like with Microsoft today? Do you talk to new CEO Satya Nadella or Bill Gates often, or are you truly checked out?
Ballmer: First of all, I'm not an insider. I'm not on the board. I'm an outsider. That implies a certain kind of separation ... because the company can't, without an appropriate nondisclosure and trading rules, share confidential data with me that it would not share with any other shareholder. You could say that implies a certain kind of separation.
I talk every quarter to the CFO. I meet with Satya what probably amounts to four or five times a year — either to brainstorm something or just as a shareholder, we'll sit down and chat. That's always quite helpful for me and hopefully him in terms of thinking things through. I still have a number of friends and colleagues who occasionally want to brainstorm or chat about something, and that's always fun.
bill gates steve ballmer and satya nadella greet microsoft employeesMicrosoft Bill Gates, Satya Nadella, and Steve Ballmer talk to employees on the day Nadella was named CEO.
But I can't say I'm checked out because I do spend lot of time thinking about the place as an investment. And at the same time I'm not an insider or board member who's trying every day to hold the management team directly accountable and/or input into product strategy. I feel free to interject the things I can see from my vantage point. Certainly I'm not shy about sharing those.
Rosoff: Can you share some of those things? What do you think about the state of the company today? It looks like it's doing pretty well. They had a solid last earnings report. The stock went up about 5% after that.
Ballmer: Since I'm not a seller of the stock, I don't really care what it is today. In many ways I think the company's doing quite a good job. If you look at the transition to Office 365 we started when I was there, I'm excited about that and I think the company's doing a great job on that.
When you take a look at the transition from server software to Azure, what's going on in terms of cloud infrastructure, the company is absolutely the No. 1 company serving enterprise backbone needs, which is fantastic. It's making the migration to cloud. We started a good thing with Azure, and the company has made well more than two years of progress in terms of being able to compete with the right cost profile, margin structure, and innovation versus Amazon.
There's still a lot to do on that. It's not like the company rides the same momentum. I think the company in terms of the investments it's making in evangelizing those products, supporting those products technically, I think it's really doing a good job. That's a big challenge. Amazon has also done a very nice job with AWS. In some senses it's part of the nomenclature now, particularly in the startup community even more than in the enterprise community. I see that in some of the startups I've been involved with just in the sports arena.
Steve_Ballmer_Microsoft since BallmerBI
From a client perspective, I really think the work Microsoft's doing with Surface, with HoloLens, with Xbox, that stuff's absolutely essential to the company's future. Because innovation in the future will either be from the cloud out to all devices, or from devices as supported by software in the cloud. I think it's important for Microsoft to participate both ways. I think you see that with the work the company's pioneering with Surface, even more so with HoloLens and Xbox. In terms of the public positioning of the company, Satya's done a very good job. He sort of pivoted in a way that I don't think would have been possible for me to do even if I'd seen it that way, to really talk about this mobile-first, cloud-first world. He's right. You might say it's obvious, but it was an important perception point. I think he's done a brilliant job on that, which is outstanding.
I love the fact that he's checked the checkbox for cross-platform for a number of our services. I still think it's very important to do the right kind of innovative integration across Windows and our hardware platforms with our cloud services. I think the company's doing a lot of good stuff. Real competition in AWS. Real competition in terms of the clients, particularly from a hardware perspective, there's also [competition] from Chrome. But all in all pretty good.
As a shareholder I have expressed my frustration with not getting more information about revenue and margins from the cloud.
And the company really has to chart a direction in mobile devices. Because if you're going to be mobile-first, cloud-first you really do need to have a sense of what you're doing in mobile devices. I had put the company on a path. The board as I was leaving took the company on a path by buying Nokia, they kind of went ahead with that after I told them I was going to go. The company, between me and the board, had taken that sort of view. Satya, he's certainly changed that. He needs to have a clear path forward. But I'm sure he'll get there.
Rosoff: You invested in Twitter. What's the potential there? They're kind of at a low point there in terms of the stock, they have a new CEO. Why do you like Twitter?
Ballmer: If you look at companies with upside potential, Twitter's right there. They've established a brand in a world where it's extremely difficult to establish a brand. It's a global brand, people recognize it, people want to let you know what their Twitter handles are, etc.
steve ballmer twitterTwitter
No. 2, I think there are lots of opportunities to improve the product. When you read the press, people say, "Oh, the product needs improvement." I look at that and say, "Hey, that's an exciting thing to get behind!" Because they can improve that product. That leaves more upside from an innovation and revenue potential than you're gonna find in [a] lot of places. So you could say that's a downside, I see that as an opportunity. No. 3, ... you look at the cost structure, Jack's already started taking some steps. The cost structure probably does have opportunities to be improved, both in terms of the cost of running the services, and the number of headcount it takes to build them and market them.
So I see a lot of upside of the power of very important service with a very good brand. They have had a bit of a tough run from a stock-price perspective, but over the longer run, I think they'll continue to be a great company. I think they'll improve what they're doing, and I'm pleased to be a shareholder.
Rosoff: A lot of folks when they step down from running a company do some angel investing. Are you doing much of that? What are you seeing out there?
Ballmer: In general, I'm pretty busy with the other things I charted ... I bought a piece of a sports-tech company. We do a lot of work with at the Clippers. I think that'll be great. We're really looking at the possibility of extending and building a real over-the-top distribution channel with value-added services for the Clippers, that could lead to other partnerships and investments. But most of the stuff I'm looking at isn't because I say, "Hey, I want to invest." It sort of comes around from the work we're doing with the Clippers.
Rosoff: You're a math guy. You were a math major at Harvard. How are you applying that to the Clippers? Are you trying to apply rigorous data analysis to make the team better? Is it possible to take a sabermetrics kind of approach to the NBA?
Steve_Ballmer_4 big projects todayBI
Ballmer: The level of analytics support in basketball is super high already. We have very good people using the data. If you want to know statistically every pick and roll — you know there's 12 kinds of pick and roll? So every pick and roll involving LeBron James and Kevin Love of a given type against a given kind of opponent with a given defense and what the expected score rate was, that's a query we can pose. And if you want to see video of every one of those pick and rolls, boom, that can be drawn up.
The company I invested in is probably a leader in that area. They're a company called Second Spectrum, which happens to be based in LA but was started by two USC computer-science professors. It's filled with guys who love sports, who played sports, but really look like programmers.
Every NBA arena has six cameras in the ceiling. The question is what does the software do with video feeds? How to surface that in a set of analytics? There are some "playbooks," but in most sports these days what you really want to share out with coaches and players is a set of video that lets you visualize what's going on and what's the best way to do things. So you sync the video, the software can process the video feed, and the software can learn. It can learn, "Ah, that's this kind of pick and roll." Doing that work, it'll become more automated, it'll become more real-time, all of which will be valuable, both in terms of the analytics function, but also in terms of changing the viewer experience for a sports event.
Los Angeles Clippers owner Steve Ballmer poses for a portrait in Culver City, Los Angeles, California September 24, 2014. REUTERS/Lucy Nicholson Thomson Reuters Ballmer is a fairly active owner with the Clippers.
There's a huge crowd out there that basically will go nuts recommending to every coach on the planet, "Hey, coach, I've been playing with the analytics. I think you should do X, Y, and Z." That said, analytics only goes so far. Basketball, more than baseball, for example, is really a team sport. Baseball is a set of individuals doing their thing in the same team, but it's much more individual. In basketball people are making real time decisions about who gets the ball, do we trust everybody out on the court, and the analytics certainly don't show you all those subtle dynamics, but they're very important.
Rosoff: It also seems like there are a few types of players that can't be analyzed, like, say, Steph Curry this year. How do you beat him?
Ballmer: Well, a couple guys have beaten him. If you look at who played him really well, we happened to lose both games, but we were ahead in the last few minutes both times in Golden State and in LA. You could fairly argue he played them better than anyone in the league. With Blake [Irving] in the lineup — that's important, and he's out right now. A lot of people say they're unbeatable. I'd say, hey, we're the guys who can beat them. Whether we will or not, that's why they play games.
It is interesting to note, the last time they got beat in the playoffs, we beat them. That was two years ago, but the last playoff series they lost, they lost to us. Also, it's interesting to note, the last playoff series the [San Antonio] Spurs lost they lost to us. So we're certainly an elite team. I'm not taking anything away from either team. They're great teams with great players.
Rosoff: Talk to me about your relationship with Clippers coach Doc Rivers. Is it like working with a manager at Microsoft? Are you more or less involved?
Ballmer: I'd characterize it as similar, but a step more remote.
[At Microsoft] I had many years of experience and history and seeing connections. With my direct reports, the job at Microsoft was to delegate and then be able to properly review, but not to micromanage. To have a way of connecting and integrating without getting in the way. At the same time, I had a broader perspective, I could help put things in context, and had a lot of experience.
I don't have a lot of experience running basketball teams, and frankly Doc sees the whole playing field in terms of what players are available, how they might play together, certainly the way to architect how the team plays, what kind of style we play, what kind of plays we run. I won't say I'm in the middle of any of that. I'm just trying to get smart enough even to understand everything going on. As much of a fan as I am, I haven't played the game since ninth-grade. If you told me when I bought the team that there were 12 kinds of pick and rolls, I would've told you I have no frickin' clue about that.
If you told me when I bought the team that there were 12 kinds of pick and rolls, I would've told you I have no frickin' clue about that. Rosoff: Do you have any particular rivalry with Mark Cuban, given your mutual tech backgrounds?
Ballmer: Not with Mark. But the thing this summer with DeAndre Jordan — is he going to Dallas? — we kept him. I think there's a storyline about the Mavericks and the Clippers, which is fine. Mark himself is a good owner, he's constructive in terms of his participation in league meetings, and I think the league benefits by having Mark as an owner.
Rosoff: On behalf of my old friends in Seattle, will they ever get a team?
Ballmer: Sure. The only question is when. I wouldn't anticipate that happening in the near future. The league certainly doesn't have — at least as far as I know, there's been no discussion of expansion.
I can tell you first-hand from my experiences with Sacramento, the league does try to honor the fan bases it has, and encourage teams to stay in their home markets. The last case that didn't happen was the Sonics moving to Oklahoma City. And I think that's a good practice. It's fair to the people who invest their lives, whether it's in the Sonics, or the Clippers, or the Sacramento Kings.
Rosoff: Bill Gates has said his guilty pleasure is his airplane. What's yours?
Ballmer: A plane is a guilty pleasure. I have one. It's a great luxury. I appreciate it. I couldn't do what I do. It's not something you can write down as anything other than, "Wow, I can't believe I have this and I'm absolutely spoiled and entitled." On the other hand, I have one and I use it.
There are other ways I think of myself as spoiling myself ... I ... get a massage once a week. Other people can, I didn't used to, and I can now.
It's the luxury of time that lets me in some ways now spoil myself. I get my workout in every day. I get a good, long sleep every day. I won't say they're guilty pleasures. When I first left Microsoft, I would say I spent the better part of a year saying, "OK, how do I get as busy and crazy and manic as I was at Microsoft?" Since then I said, "No, I'll make a bigger contribution in this phase of my life by being able to pick and choose, not being so manic, having time to step back, a little more time for what I'll call discernment rather than just activity."
Although these offending programs surfaced about 10 years ago, it wasn’t until 2013 that their mass distribution commenced along with fake antivirus scanners, from which file-encrypting malware actually evolved. In 2014, the trend continued, and in 2015, ransomware grew into the prevalent computer threat on the loose.
The campaigns started with targeting end users and are now steadily moving to the realm of organisations, hitting businesses, police departments, even NGOs, and governments. Obviously, these organisations have more data and hence more to lose; furthermore, they have more money at their disposal.
Ransomware variants range from moderately harmful browser lockers to real disasters that encrypt files with strong RSA encryption using 2048-bit keys. Not only do these plagues employ intimidation tactics based on the risk of losing data, but they may also blackmail victims by threatening to put sensitive files online for everyone to see unless the ransom is paid.
The security industry is discovering new variants of ransomware virtually every day. Cybercriminals leverage popular business models, including affiliate schemes and the so-called Ransomware-as-a-Service.
In 2016, computer users need to be particularly watchful to avoid these threats. Data backups are vital in these circumstances, but they are still rarely utilised by the average user. It’s ransomware that is teaching us to make backups.
With plenty of these strains out there, there are three particularly widespread and dangerous ransomware samples that have caused huge financial losses to individual and enterprise users.
This sample appeared in September 2013. It accommodated all the characteristics inherent to ransomware: the ability to infect computers by means of phishing and via malicious links, the use of a crypto algorithm to lock a victim’s files, and a notification holding the ransom instructions. The buyout can be done through Bitcoin or a prepaid voucher – either way, the payment is practically impossible to track down.
CryptoLocker reportedly brought its authors several million dollars within a very short period of time. The original build of CryptoLocker is now defunct. It was thoroughly dissected by researchers who came up with a decryption tool and was ultimately taken down by law enforcement.
Regretfully, the cybercriminals were able to share their knowledge and tactics, which resulted in the appearance of new versions along with a number of copycats. The present-day breeds have a different code than CryptoLocker, but they act the same way. For some reason, the fraudsters like to name their new products after this infamous infection, and the difference cannot be determined without in-depth analysis.
New incarnations of this pest are widely present among the most heavily distributed ransomware. The extortionists apparently found the use of spam emails and spear-phishing emails with rogue attachments to be the most effective distribution model. The recent builds are highly sophisticated. To thwart interception by email scanning solutions that can follow hyperlinks, the virus requires would-be victims to visit a rogue site and type a CAPTCHA string before the payload is executed.
TeslaCrypt, which was first detected in February 2015, is currently the most active ransomware. It has since evolved to version 3.0. People may also know TeslaCrypt as the .vvv file virus because one of its variants would encrypt its victims’ files and append them with .vvv extension.
Computer help forums are full with requests to help with decrypting .vvv files. As security researchers are constantly busy looking for vulnerabilities in the ransomware code and sometimes successfully decrypt files encoded by TeslaCrypt, the criminals in their turn improve the code to patch those flaws. TeslaCrypt originally targeted gamers, making them pay to unlock the respective data. Along with documents, therefore, it was also after files related to popular video games.
A popular vector of contaminating computers is via the Angler Adobe Flash exploit. Meanwhile, multiple cases of distribution through spam emails with rogue attachments have been reported as well.
As with all the most successful and thus dangerous threats of its kind, CryptoWall has gone through four iterations to date. We have CryptoWall 4.0 now. As per approximate estimates, this infection has earned its makers more than $300 million since it went live.
It took the bad guys about a year to get from $20 million to the above amount, which demonstrates how rapidly this underground business is growing. Geographically, the primary targets are the USA, UK, and Japan, followed by Australia and Canada. Other countries are on the list too.
Distribution techniques include the use of spam emails, misleading advertisements, and compromised web pages. CryptoWall payloads mainly arrive with catchy emails that contain ZIP attachments masqueraded as PDF documents. Exploit kits are known to be also involved in the propagation of this threat.
Having intruded on a computer, CryptoWall scans the hard disk, removable media and network shares for a specific array of file extensions. All detected data gets encoded with RSA encryption. The Trojan then obliterates the original files beyond recovery. The most recent variant encrypts the filenames along with the files proper, thus making it very problematic to even figure out what needs to be recovered.
The ‘pay or not’ dilemma
Trusting the criminals is a bad idea, therefore it’s advised to refrain from paying the ransom. The scammers may not decrypt your files at the end of the day. If you pay, this will prove to the offenders that it’s worth moving on with their business.
Thankfully, security professionals have created decryption tools that can recover data locked by several ransomware variants. These services have already done the restoration trick for thousands of people. Search Internet forums for such utilities.
As far as prevention goes, it’s very easy. Here are several simple tips that will help you stay on the safe side:
The rule of thumb is a backup, backup, and once again backup. It’s not enough to just say it once, so we need to shout out loud how important backups are these days. Make copies of your important files in several locations that aren’t connected to your PC. Store backups offline on an external hard drive and online on cloud services too.
Never open attachments or embedded links in emails unless you know with 100 per cent certainty that they are safe.
Use reliable anti-malware capable of detecting harmful links before they reach your inbox. Remember security suites featuring behavioural detection are more effective than signature-based ones.
Do not fail to keep all of your applications up to date.
Stay away from suspicious websites. Do not visit pages that look too good to be true or host shady software.
The defeat by a computer of a human champion at the game of Go has caused much excitement. But computers used to be human themselves, writes Trevor Timpson.
"Computer" comes from the Latin "putare" which means both to think and to prune. Virgil's Georgics - depictions of country life - speak of tidying vines by pruning (fingitque putando).
The playwright Terence left one of the most famous Latin quotations - I am a man and I think nothing human foreign to me (humani… nihil alienum puto).
The link in sense seems to be tidying, setting to rights, balancing an account, reckoning up. The historian Tacitus wrote "if the number of soldiers is counted" (si numerus militum putatur).
Computare (com- means "together") also meant calculate - Pliny's Natural History tells how the breadth of Asia should be "rightly calculated" (sane computetur).
And English has used "compute" for centuries. In 1660 Samuel Pepys wrote of a morning "computing the 30 ships' pay… and it comes to £6,538. I wish we had the money."
A "computer" used to be a person who did calculations. In 1731 the Edinburgh Weekly Journal advised young married women to know their husbands' income "and be so good a Computer as to keep within it."
It was very common for companies and government departments to advertise jobs as "computers", right up to the time when the word was used for early electronic devices.
One was the Atanasoff Berry Computer constructed at Iowa State University between 1939 and 1942. In his paper proposing the machine, John Atanasoff actually used "computer" in both senses.
The Atanasoff Berry computer. Inventor John Atanasoff used "computer" in both senses in the same paper He noted that "an expert computer" takes eight hours to complete one set of equations. But he also discussed the different mechanical parts of "computers" using the decimal and binary systems.
Of course, the word had always been available to apply to calculating devices.
In 1922 the New York Times described the "target computer" and "battery computer" designed to find the range for firing on enemy ships "and figure out factors quicker than [the] brain can work".
Some internet searches intriguingly point to a use of "computer mecanique" in the Pall Mall Gazette in 1869.
In fact unfamiliar type and automatic spell-checking are to blame. The article turns out to be about an early Paris taximeter, the "compteur mecanique".
But hang on. "Compter" in French, and our word "count" also come from computare. Essentially "compteur" really has the exact same ancestry and meaning as computer.
Etymologists call pairs like this "doublets". And anagrams, of course.
A man from Ceredigion has successfully sued Apple after his watch broke - forcing the company to change its product description.
Gareth Cross, 32, from Aberystwyth, paid £339 last July for his Apple Watch Sport, but spotted a crack in the glass face 10 days later.
The technology giant said work to fix the watch was not covered by warranty, despite its official claim it was scratch-resistant. Apple has been asked to comment.
Mr Cross took the company to the small claims court in Aberystwyth for breach of the Sale of Goods Act, and has won the case after a six-month fight.
The company was ordered to refund the cost of the watch and pay £429 costs.
Mr Cross said: "I went for the sport version because I am prone to knocking things about a bit and it said it was impact resistant.
"I hadn't even been doing anything strenuous, just sitting around watching TV. When I got to work the hairline crack had got bigger and bigger so I called Apple up to get it repaired."
Mr Cross told the BBC the case did begin to become stressful.
"I couldn't understand why they would want to go to court over the issue, but ultimately I wanted [to] stand by my consumer rights," he said.
"The case did start to become a little stressful, especially toward the end with the prospect of having to attend court to defend my claim against what was the most valuable company in the world."
Mr Cross added he had been relieved when the judge ruled Apple had breached the contract of sale by refusing to fix the watch. "I plan to buy another Apple Watch, as for the 10 days I had it, I really liked it," said Mr Cross, "but I may wait until the next model is out."