Wednesday, November 30, 2016

Deutsche Telekom attack part of global campaign on routers

A cyber attack that infected nearly 1 million routers used to access Deutsche Telekom internet service was part of a campaign targeting web-connected devices around the globe, the German government and security researchers said on Tuesday.
The revelation from the German Office for Information Security, or BSI, stoked fears of an increase in cyber attacks that disrupt internet service by exploiting common vulnerabilities in widely used routers, webcams, digital video recorders and other web-connected devices.
Security researchers said the infections spread to countries including Brazil, Britain and Ireland using a technique similar to one that stopped millions of people in the United States and Europe from reaching websites including PayPal Holdings Inc, Twitter Inc and Spotify on Oct. 21.
The BSI said that German government networks were also targeted in Sunday’s attack on Deutsche Telekom customers, though authorities said they succeeded in keeping systems online.
Deutsche Telekom, Germany’s largest telecom company, said internet outages hit as many as 900,000 of its users, or about 4.5 percent of its fixed-line customers.
Deutsche Telekom and the German government did not identify other victims, though cyber security firm Rapid7 Inc said it observed the attackers trying to infect routers across the globe.
Irish telecom operator Eir and Vodafone Group Plc in Britain use routers that were vulnerable to the same kind of attack, said Rapid7 security research manager Tod Beardsley.
Flashpoint, a second U.S. cyber security research firm, said routers were infected in Brazil, Britain and Germany.
Eir said in a statement it was aware of potential vulnerabilities in broadband modems from Taiwan’s ZyXel Communications Corp used by about 30 percent of Eir customers.
“We have deployed a number of solutions both at the device and network level which will remove this risk,” Eir said. It reported the incident to Irish regulators.
Vodafone declined to comment on whether its customers had been infected, but said it was aware of a vulnerability in routers that enables attackers to mount denial-of-service attacks.
The Brazilian National Computer Emergency Response Team told Reuters it was analyzing the impact of the attack on Brazil, but declined to say how many computers had been infected.
Mirai Botnet
The attacks were launched with software known as Mirai that seeks out vulnerable connected devices, then turns them into remotely controlled “bots” for mounting large-scale attacks that disrupt access to websites and computer systems.
Deutsche Telekom executives apologized for the outages, saying the company had provided details about the attack to other network operators and security agencies.
Security experts said the problem affected Deutsche Telekom customers using three types of routers manufactured by Taiwan’s Arcadyan Technology, which created a software patch that was pushed out to users on Monday.
Arcadyan did not reply to Reuters’ requests for comment.
Security experts said attributing blame for the attacks may prove impossible because the Mirai software had been released on the internet. It is relatively easy to use, which means hackers with relatively few technical skills could be to blame for follow-on attacks, they said.
Reuters

Facebook Messenger launches Instant Games: allows you to play Space Invaders, Pac-Man and Galaga

Facebook has launched an HTML5-based Instant Games feature that allows users to play games through Messenger or in the News Feed. Facebook has tied up with some of the best publishers to get games on the platform.
The developer partners at launch include Bandai Namco, Konami, Taito, Zynga, King and Gamee. The games available include classics such as Pac-Man, Galaga, Arkanoid and Space Invaders. There are brand new titles available as well, including Brick Pop and Shuffle Cats Mini.
Koichi Ishii, president at Taito Corporation said, “Back in 1978, the first game in the world which the enemy character attacks the player character was named, Space Invaders. This new cross-platform gaming experience combined with us, one of the oldest game companies in the world, will create a new formula for all game fans. We are very happy and excited about this partnership to let game players around the world play Space Invaders again.”
Kimihiro Horiuchi, head of global marketing at Konami Digital Entertainment said, “We believe this new cross platform gaming experience provides a new and unique discovery surface for our games and will delight and entertain our players around the world.”
There are seventeen titles available at launch. Competitive play and single player mode is supported. The games can be initiated in group chat as well. A controller icon appears below the text input field, to start playing the game. Once a round is played, users can be challenged for a rematch, or you can post and share your scores. You can play solo in the News Feed. The games can be searched for in the Facebook Messenger search field. The Instant Games feature is a follow up on the Basketball and Soccer games previously released on Messenger.
The games support leaderboards for multi-user chat within Messenger. The games are HTML5 based, and are loaded on demand. This does not increase the file size of messenger, but there is a delay every time a title is started.
Facebook says new titles and new ways of playing are coming soon. For the developers, Instant Games is a closed Beta program, and interested parties who want to bring their gaming content to Facebook Messenger or News Feed can do so by registering here.
Last month, in October, Telegram launched HTML5-based games on its instant messaging platform.
Gamee is one of the few developers providing gaming content on both conversational platforms. Telegram features persistent leader-boards in group chatting and solo play as well, but did not manage to partner with the major publishers that Facebook has got on board.
The update is supposed to be available in thirty countries around the world from today, but the rollout does not seem to have reached India as yet. We will be keeping a watch to try out the new games ourselves.

Sunday, November 27, 2016

SAP SME Summit: Cloud changes businesses - but requires software upgrades


Saying that the cloud has changed the way we do business is a little bit like saying water is wet - that much is obvious. What isn't obvious, and what became apparent at the SAP SME Summit held last week in New York City, is that the shift to the cloud has been a double-edged sword. On one hand, panelists were pleased that using cloud-based software has made it easier to interact with business partners - but it also means consumers expect even the smallest businesses to serve their queries as if they were running large enterprise systems.

Pittsfield, MA-based lifestyle retailer Annie Selke Companies, which encompasses several different brands, had struggled with multiple, outdated e-commerce platforms prior to moving to SAP Hybris Commerce, cloud edition. The move has made it easier for the various brands to make changes to the websites and has made it less likely that anything will fall through the cracks, according to panelist Monica Cleveland, vice president of e-commerce.

Being on the cloud has been so successful for Annie Selke that the company is now working to implement SAP Merchandising and Business By Design, Cleveland said. "We see revenue opportunities there... (and) in the future hope to leverage its capabilities to move to different countries," she added.

Cloud fosters enterprise-class service to customers

The other side of the surge in cloud use is the newly-added pressure on even smaller companies to provide enterprise-class service to customers. "A lot of customers are going into retail and direct-to-consumer sales," said Donald Dickinson, president, founder and owner of management consulting firm Dickinson & Associates. Selling to smaller retailers and individual consumers means that businesses need to provide a way for these customers to track products easily. When selling to large companies, they use EDIs to track shipments, but ordinarily, smaller companies will call, which is cumbersome, he said.

Dickinson & Associates built on the SAP HANA cloud platform to incorporate UPS, FedEx and other shipping carriers. Data is taken from the main SAP system and provided to customers to track their products.

cSubs, which helps clients manage subscriptions, licenses, market data feeds, and e-content, needs to integrate its e-commerce system, SAP Ariba, with its customers', and the company has found that the most difficult integrations are with the on-premise systems customers have that haven't been upgraded in years. "It's much more time-consuming to bring these customers on board," said Kenneth Redler, CTO. However, when customers are on a cloud-based system, electronic interactions are much more predictable.

"With those using cloud-based services, for us, it's like interacting with one big customer," Redler said. "What's big for us is that when all these other companies come on board with systems in the cloud, it enables us to more easily interact."

For McInnis Cement, cloud services are going to become critical as its new cement plant goes live. The company runs a lean IT staff, and it uses SAP S/4 HANA. The company expects its cloud-based HANA installation to support the business through this transition. "In the longer term, we see more cloud for us," said Laetitia Debout, business relationship manager. McInnis Cement has identified managed services and SaaS as what's needed to move forward as a company, she said.


For the panelists, being able to use software in the cloud has boosted their small businesses and allowed them to compete with larger companies. It's also made it easier to integrate their systems with shipping carriers and with customer systems.

Dell PowerEdge R830 review: Four into two does go


PROS
  • 4-way server in compact 2U format
  • Broadwell-based Intel Xeon E5-4600 v4 processors
  • Wide processor choice, up to 22 cores (44 threads) per socket
  • 16 internal storage bays
  • Optional NVMe add-in cards
  • iDRAC8
  • DDR4 RAM
Price
£35,942 (ex. VAT)

The 2U PowerEdge R830 is the latest addition to Dell's 13G range of PowerEdge servers, propelled to this position courtesy of Intel's 14nm Broadwell processors. On the face of it, this would seem unremarkable as there are lots of servers built around Broadwell, except that the R830 can take four of the latest Xeon E5-4600 v4 processors based on this technology, with up to 22 cores (44 threads) per socket and more cache than previous-generation Xeons. Team these together with faster DDR4 RAM and the end result is a server that can be significantly quicker and more capable than its predecessor (the 12G PowerEdge R820) and ideally suited to compute-intensive applications such as heavy-duty database hosting, Virtual Desktop Infrastructure (VDI) and other large-scale virtualisation and server consolidation projects.


The Dell PowerEdge R830.
Image: Alan Stevens/Tech Pro Research


The same, but different

At first glance the R830 appears to have changed little compared to the R820 it replaces. There's a new badge up front of course, but with the same 16 drive bays alongside that can take 2.5-inch drives -- either SSD or magnetic disks. Dell offers SATA, SAS or nearline SAS implementations as required.

The same solid and superbly engineered chassis is also employed as before, with a completely removable lid for ready access to clearly marked hot- and cold-swap components inside. You also get redundant power as standard, now with beefier 1,600W supplies, if needed, to cope with the demands of the new silicon.


Redundant power supplies now come in 750W and 1,600W formats.
Image: Alan Stevens/Tech Pro Research



Fully configured, the R830 chassis is a heavy old beast, requiring two people to slide it into the rack, and when you take the lid off there's not much empty space inside. That's mainly because squeezing four large Xeon processors plus heatsinks and 48 memory modules into a 2U chassis is a real challenge. Dell has opted to solve this by splitting the load between the motherboard and a Processor Expansion Module (PEM) -- effectively, a mezzanine card that plugs in on top. There are two processor sockets and 24 DIMM slots on the motherboard, and a similar arrangement on the PEM.


The R830 motherboard has two processor slots and 24 DIMM sockets.
Image: Alan Stevens/Tech Pro Research



The PEM, first used on the R820, is entirely optional but, with plenty of more affordable dedicated 2-way server alternatives to choose from, we doubt many customers would leave it out and start with just two sockets.


The other two processors and 24 DIMMs are accommodated on a Processor Expansion Module (PEM) that plugs into special sockets on top of the main R830 motherboard.
Image: Alan Stevens/Tech Pro Research



Our review system shipped with this option fitted and, as such, came fully populated with Xeon E5-4650 v4 processors (14 cores/28 threads) clocked at 2.2GHz with a 105W TDP (Thermal Design Power). However, there's a lot of choice here, from eight up to 22 cores per processor and varying TDP ratings of up to 135W for the 22-core E5-4669 v4.

Support for DDR4 RAM is available across all members of the E5-4600 v4 family, although the headline speed of 2.4GHz is only available on the high-end processors, starting with the E5-4640 v4. In theory up to 6TB of memory can be handled in total, but until 128GB DIMMs become available the R830 is limited to just half that (3TB), just as on the R820. Our review unit came with a more modest 512GB of RAM using 32GB ECC modules.

Power and cooling

On the cooling front, the R830 keeps the same bank of six hot-swap fans as its predecessor. These are located in a pull-out module sat between the storage at the front and the electronics at the rear of the server. Although noisy, they proved no louder than most. Similarly, power consumption is average for a four-socket server, determined both by what processors you go for and how hard they're worked.


Six hot-swap fans keep the server cool.
Image: Alan Stevens/Tech Pro Research


Storage to go

With just 16 hot-swap drive bays to play with, the R830 isn't the ideal platform for those seeking the ultimate in storage capacity. That said, it's not bad and you can always add external drives or hook the server up to a SAN to overcome this limitation.

Our review system came with a couple of 400GB SSDs to handle the host software together with six 1.2TB magnetic SAS drives for data. These were all cabled to a Dell PERC H730P controller and configured as a RAID 5 array. Other controllers from the PERC range can be specified if preferred, while customers looking for the ultimate in storage performance are directed towards Dell's NVMe add-in cards.


The R830's 16 internal drive bays can accommodate a mix of SSD and magnetic storage.
Image: Alan Stevens/Tech Pro Research


Connectivity, management and more

Network attachment is handled by an on-board controller and daughter card combination, with choices including dedicated quad-port Gigabit and dual 10GbE setups. Our review system had a mix: two 10GbE ports, with two Gigabit ports alongside. Support for TOE and iSCSI offload is also available on some of the configurations.


The network daughter card on the review server equipped it with two 10GbE and two Gigabit ports. The iDRAC management controller has its own, dedicated, Gigabit interface.
Image: Alan Stevens/Tech Pro Research



A separate Gigabit port, meanwhile, provides connectivity to the Dell management controller which, on the R830, is upgraded to iDRAC8 to work with the latest Dell OpenManage platform.


The R830 benefits from the latest Dell iDRAC 8 remote access controller.
Image: Alan Stevens/Tech Pro Research



Other options include Dell's embedded hypervisor option with redundant SD Card modules and seven PCIe 3.0 slots for expansion. One of these was occupied by the RAID adapter on the review system, with a QLogic-based Fibre Channel card in another.

A workhorse of a server that can host a range of workloads, the Xeon E5-4600 v4 processors and DDR4 RAM in Dell's PowerEdge R830 deliver a significant performance boost compared to the previous-generation R820. Furthermore, it's possible to do this without, necessarily, adding to the core count and the associated licensing costs -- which can be considerable on this kind of platform. Of course, other vendors have similar offerings, but there's plenty in the R830 to commend Dell's solution, which is worth investigating by anyone seeking a powerful 4-socket server in a compact and incredibly well-engineered 2U format.

Microsoft joining the Linux Foundation comes down to one word: Cloud



It's been reported over and over and over again. Yes, Microsoft has joined the Linux Foundation. This is an event, a real, serious event; something not one pundit, analyst, or Linux user would have even remotely considered as recently as five years ago. But there it is.
Don't believe me? Here's the announcement in which Microsoft has joined the LF as a Platinum Member. Upon joining, Scott Guthrie, Executive Vice President of the Microsoft Cloud and Enterprise Group had this to say:
"As a cloud platform company we aim to help developers achieve more using the platforms and languages they know... The Linux Foundation is home not only to Linux, but many of the community's most innovative open source projects. We are excited to join The Linux Foundation and partner with the community to help developers capitalize on the shift to intelligent cloud and mobile experiences."

A more subtle shift

Shortly after this union, the Linux Foundation made a subtle shift in their convention scheduling. LinuxCon, CloudOpen, and ContainerCon will now be combined under one umbrella event: The Linux Foundation Open Source Summit. I'm not saying this change was done simply to accommodate Microsoft, but considering some of the marketing material has also shifted from focusing primarily on Linux to open source, you might be able to draw a conclusion or two. That conclusion, I believe, has been long overdue; that both the Linux Foundation and Microsoft are embracing one another not only speaks to the power of open source, but how the platform has become a major driving force in computing on all levels.

A perfect union

The Linux Foundation has been doing amazing work serving as a bridge between the open source community and the rest of the world — not just enterprise business, but end users, home office, small business, mid-sized businesses, and governments. They've fostered important relationships that have helped to drive innovation in ways that may not have been possible otherwise. The Linux Foundation has hundreds of members and thousands of projects (some of which have become essential to enterprise business); it makes perfect sense that Microsoft would not only want to get in on the action, but would truly need to be a part of this union. Why? One word. Cloud.
That's right, the "C" word.
It is no great secret that Linux owns the cloud. Even from the Microsoft perspective, nearly 1 in 3 Azure virtual machines are Linux. Amazon Web Services, Apache CloudStack, Rackspace, Google Cloud Platform, and OpenStack are all powered by Linux. That is a piece of pie Microsoft wants to get the tines of their fork into. And why shouldn't they? Cloud is the thing and cloud is going nowhere but up.
But this isn't a one-way street. Ten years ago, had this same thing happened, everyone would be crying foul that Microsoft was only in this for themselves. However, I see a different shade of humble happening from Redmond these days. Microsoft understands one very important thing: As the cloud succeeds, so too does Microsoft. That sentiment is amended with the idea that the cloud cannot, in any way, succeed without open source. So it is in the best interest of Microsoft to ensure that open source does, in fact, succeed.
What better way to see to this than to join the cause?

The shift in strategy

Microsoft, the once very closed company, now:
  • Has open-sourced parts of its own .NET platform
  • Purchased, and subsequently open-sourced, Xamarin
  • Partnered with Canonical to bring Ubuntu to Windows
  • Worked with FreeBSD to release an image for Azure
  • Partnered with Red Hat and SUSE to bring Linux to Azure
  • Has become a leading contributor on GitHub
  • Announced the porting of SQL Server to Linux
  • Offers its own Linux certification
Those feats cannot be ignored. The company now delivers and is not showing any signs of backing down from its promise to embrace and extend. This is the same company that was once run by a man who said Linux was a cancer. What we have witnessed, over the last few years, is nothing short of a tectonic shift in strategy on the part of Microsoft...one that can help to redefine the reach and power of open source for years to come.
We have come a long way, baby.

A sizable win-win

I cannot help but come back to the Linux Foundation. A lesser organization might have scoffed at Microsoft's advances, citing the years of FUD and damaging business practices. Fortunately, the Linux Foundation is bigger and better than that. They know bringing Microsoft into the fold is a huge win for them, for open source, and for the Redmond company itself. In fact, this is a sizable win-win for everyone, from end users to the biggest enterprise companies on the planet.

Thanks to the tireless work on the part of the Linux Foundation, open source has a juggernaut champion in its corner. That tectonic shift in the open source landscape is the beginning of a new world order for users, IT, and business.

How to get more from Windows Defender by using its command-line tool


In the article Windows Defender: Past, present, and future, I told you that Windows Defender appears to be slated for a transition into a modern Windows app after years with a similar user interface. I also ran through some of the features in the most current version of Windows Defender.
After that article was published, I received a question from a reader who asked if I knew whether Windows Defender will still have a command-line version after it is converted into a Windows app. I checked with a couple of my sources and received three answers: Yes, No, and Maybe. The Yes and Maybe answers were based on the fact that there are some advanced operations you can only perform from the command line. Since it's really too early to speculate further, I'll just leave it at that for now. However, while I was running my informal survey, I discovered that a couple of my contacts were unaware that there was a command-line version of Windows Defender.
As such, I thought I would write an article covering how and why to run Windows Defender from the command line. Let's take a look.
Accessing the command-line version
Since Windows Defender has a Windows UI and performs most of its operations in the background, you may be wondering why anyone would want to use it from the command line. Well, the truth is that the command-line version is useful in situations where you want to be able to automate and customize Windows Defender's standard operations. Furthermore, as I mentioned, there are some advanced operations you can only perform from the command-line version. You may not use some of those operations often, but it's nice to know that they are available.
To find the command-line version of Windows Defender, just open File Explorer and navigate to C:\Program Files\Windows Defender. When you get there, look for a file by the name of MpCmdRun.exe.
If you right-click on the file and access its properties, you'll see that the actual name of the tool is Microsoft Malware Protection Command Line Utility (Figure A). Thus, the strange filename.

Figure A

You can find the actual name of the tool by accessing the file's properties.

Performing standard operations

To use the command-line version of Windows Defender, you need to be in an Administrator Command Prompt. If you have been following along and have File Explorer open to the C:\Program Files\Windows Defender folder, all you have to do is pull down the File menu and select the Open Command Prompt As Administrator command, as shown in Figure B.

Figure B

You can open an Administrator Command Prompt from within File Explorer.
The command-line version is useful in situations where you want to automate and customize how and when Windows Defender is run. For example, if you want to run a quick scan, you'll use the command:
mpcmdrun -scan -scantype 1
If you want to run a full scan, you'll use the command:
mpcmdrun -scan -scantype 2
If you want to check for new virus signature definition updates, you'll use the command:
mpcmdrun -signatureupdate

Performing advanced operations

In addition to the standard types of operations, there are several other advanced operations you can only perform with the command-line version of Windows Defender. For instance, you can enable diagnostic tracing, remove certain signature definitions, scan specific folders, and run a scan on just the boot sector of your hard disk. Here are a few examples.
If you want to scan the Downloads folder, you'll use the command:
mpcmdrun -scan -scantype 3 -File C:\Users\{yourname}\Downloads
If you want to perform a boot sector scan, you'll use the command:
mpcmdrun -scan -bootsectorscan
If Windows Defender gets fouled up during a signature definition update, you can reset signature definitions using the command:
mpcmdrun -removedefinitions
You can then try the update again.
If Windows Defender isn't performing up to par, you can reset the settings using the command:
mpcmdrun -restoredefaults
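The automation use case mentioned above, as an added example that is not part of the original article: a PowerShell wrapper suitable for a scheduled task that updates signatures, runs a custom scan of chosen folders, logs the tool's output, and exits non-zero when a scan needs follow-up. The log path, folder list and function names are assumptions; the MpCmdRun switches are the ones shown in this article, and the exit-code meaning is the one given in the tool's own help text.

```powershell
#Requires -RunAsAdministrator
# Added example: wrapper for running MpCmdRun.exe from a scheduled task.
# Assumed for illustration (not from the article): log path, folder list,
# and the helper function names Write-Log / Invoke-MpCmdRun.

$MpCmdRun = Join-Path $env:ProgramFiles 'Windows Defender\MpCmdRun.exe'
$LogFile  = 'C:\Logs\defender-scan.log'                    # assumed location
$Folders  = @((Join-Path $env:USERPROFILE 'Downloads'))    # folders to scan

function Write-Log {
    # Appends one timestamped line to the log; writes nothing to the pipeline.
    param([string]$Message)
    $line = '{0}  {1}' -f (Get-Date -Format 's'), $Message
    Add-Content -Path $LogFile -Value $line
}

function Invoke-MpCmdRun {
    # Runs MpCmdRun.exe with the given switches, logs its console output,
    # and returns the process exit code.
    param([string[]]$Arguments)
    Write-Log ('RUN  mpcmdrun ' + ($Arguments -join ' '))
    $output = & $MpCmdRun @Arguments 2>&1
    $code   = $LASTEXITCODE
    foreach ($l in $output) {
        if ("$l".Trim()) { Write-Log "     $l" }
    }
    Write-Log "EXIT $code"
    return $code
}

if (-not (Test-Path -LiteralPath $MpCmdRun)) {
    throw "MpCmdRun.exe not found at $MpCmdRun"
}
New-Item -ItemType Directory -Path (Split-Path $LogFile) -Force | Out-Null

# 1. Refresh definitions before scanning. A failed update is logged but does
#    not stop the run: scanning with older definitions beats not scanning.
#    Resetting definitions (-removedefinitions) is left as a manual step,
#    because a second failed update would leave the machine with none.
if ((Invoke-MpCmdRun -Arguments @('-signatureupdate')) -ne 0) {
    Write-Log 'WARN signature update failed; scanning with existing definitions'
}

# 2. Custom scan (-scantype 3) of each folder. Per the tool's help text,
#    exit code 0 means nothing found or everything remediated; 2 means
#    malware was not remediated, user action is required, or the scan errored.
$needsFollowUp = @()
foreach ($folder in $Folders) {
    if (-not (Test-Path -LiteralPath $folder)) {
        Write-Log "SKIP $folder (path does not exist)"
        continue
    }
    $code = Invoke-MpCmdRun -Arguments @('-scan', '-scantype', '3', '-File', $folder)
    if ($code -ne 0) { $needsFollowUp += $folder }
}

# 3. Surface the result through the script's own exit code so Task Scheduler
#    or a monitoring agent can alert on it.
if ($needsFollowUp.Count -gt 0) {
    Write-Log ('ALERT follow-up needed: ' + ($needsFollowUp -join ', '))
    exit 2
}
Write-Log 'OK all scans completed with exit code 0'
exit 0
```

When the task runs under a service account, replace the folder list with explicit paths, since the profile variable then points at that account's profile rather than a user's.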

Detailed help

You can get detailed information about these commands and other advanced Windows Defender command-line operations with the command:

mpcmdrun -?

Your Headphones Can Spy On You — Even If You Have Disabled Microphone



Wednesday, November 23, 2016 Swati Khandelwal

Have you considered the possibility that someone could be watching you through your webcam? Or listening to all your conversations through your laptop’s microphone?


Even a bit of thought about this possibility could leave you feeling incredibly creeped out.

But most people think that they have a solution to these major issues i.e. simply covering their laptop’s webcam and microphone with tape, just like Facebook CEO Mark Zuckerberg and FBI Director James Comey.

But it's 2016, and a piece of tape won't help you, as a new experiment has proved how easily hackers can turn your headphones into a microphone to spy on all your conversations in the background without your knowledge.

A group of Israeli security researchers at Ben Gurion University have created proof-of-concept code (malware) that converts typical headphones into microphones and then uses them to record all your conversations in the room just like a fully-featured spying device.


Speake(a)r Malware Weaponizes Headphones and Speakers
Using headphones as microphones is a decade-old technique. There are many videos available on YouTube, which show that earbuds can function as microphones in a pinch.

But what the researchers managed to do is switch an output channel of the audio card on your laptop — running either Windows or Mac OS — to an input signal and then record the sound without any dedicated microphone channel from as far as 20 feet away.

Dubbed "Speake(a)r," the malicious code (malware) is disturbingly able to hijack a computer to record audio even when its microphone is disabled or completely disconnected from the computer.

"People don’t think about this privacy vulnerability," lead researcher Mordechai Guri told Wired. "Even if you remove your computer’s microphone, if you use headphones you can be recorded."

Speake(a)r actually utilizes the existing headphones to capture vibrations in the air, converts them to electromagnetic signals, alters the internal functions of audio jacks, and then flips input jacks (used by microphones) to output jacks (used for speakers and headphones).

This allows a hacker to record audio, though at a lower quality, from computers with a disabled microphone or no microphone at all, or from the computer of a paranoid user who has intentionally removed any existing audio components.

But What made this Hack Possible?
The hack is possible thanks to a little-known feature of Realtek audio codec chips that silently "retasks" the computer's output channel as an input channel.
This makes it possible for the researchers' malware to record audio even when the earbuds are connected to an output-only jack and do not even have a microphone channel on their plug.

What's even worse? Since Realtek chips are being used on the majority of systems these days, the Speake(a)r attack works on practically any computer, running Windows or MacOS, and most laptops, as well, leaving most computers vulnerable to such attacks.

"This is the real vulnerability," said Guri. "It’s what makes almost every computer today vulnerable to this type of attack."

The feature of Realtek audio codec chips is truly dangerous, as it cannot be easily fixed. The only way to deal with this issue is to redesign and replace the chip in current as well as future computers, which is impractical.

Security researchers also published a YouTube video which shows the Speake(a)r eavesdropping attack in action.

For more detailed and technical explanation of the Speake(a)r attack, you can head on to the research paper [PDF] titled "Speake(a)r: Turn Speakers to Microphones for Fun and Profit."