Comments Page (1 of 5)

1 2 3 4 5 Next

Ideas:   All | Recent | Trending | Comments

Corliss Review Group 'Heartbleed' bug can't be simply blamed on coders

Apr 16, 2014

1 Vote

Status: New

  Human error is behind the latest threat to website security but giant corporations need to take their share of the blame   The Heartbleed coding error may have been around for three years, affecting two-thirds of computer servers. Photograph: Pawel Kopczynski/Reuters     Were you a thriller writer seeking a name for an apocalyptic software security flaw that threatened the future of civilization as we know it, then "Heartbleed" would be hard to beat. Last week saw the discovery of such a flaw, and Heartbleed was the name assigned to it.   Most security flaws are of interest only to specialists, but this one was different. Why? Because it's been around for something like three years, during which time it could have exposed the passwords and credit card numbers that countless millions of people had provided to online stores and other services. Heartbleed would enable attackers to eavesdrop on online communications, steal data directly from services and users, and impersonate both services and users. It could have affected up to two-thirds of the world's internet servers. And unlike some earlier such problems, the solution isn't as simple as immediately changing one's password. It was, said Bruce Schneier, a security expert not much given to hyperbole, a "catastrophic" flaw. "On the scale of one to 10," he wrote, "this is an 11."   Heartbleed is a flaw in the computer code that encrypts your personal data while it's in transit from your computer to an online service. When you buy something from Amazon, say, or proceed to the checkout on any reputable site, then the URL you're dealing with will change from one prefixed by "http" to one prefixed by "https". This indicates that the Secure Sockets Layer (SSL) protocol has been invoked and that your personal data will now be transmitted only in encrypted form.   SSL is an essential component of the global e-commerce system, and the most common implementation of it is an open-source version called OpenSSL. Any flaw in it could indeed be catastrophic – which is why there was such a furore a while back when it was revealed that the National Security Agency had apparently been working actively to weaken the cryptographic protection that SSL offered. Not surprisingly, therefore, the default assumption when the Heartbleed story first surfaced was that the NSA must be behind it. But this comforting conjecture was rapidly discounted when it was realized that the flaw was most probably the result of a relatively mundane programming error.   It turns out that within OpenSSL there is something called the "heartbeat" protocol. This is needed to ensure that communications between user and site are kept alive even when the line goes quiet. What seems to have happened is that when one of the programmers who works on OpenSSL was doing a software update in 2011, he made a coding error which then – unusually for open-source software – went undetected for several years.   The implications of this are both intriguing and troubling. It's possible that the flaw – and the opportunities it provided for undermining the protections offered by SSL – was indeed undetected by anyone and that therefore the world of online commerce was safe even though the door to the safe was swinging open in the breeze. But most security people are unwilling to make that bet. Instead they are assuming that some people knew about Heartbleed and have been either quietly exploiting the vulnerability or using it to hoover up personal data for later nefarious uses.   An equally troubling implication is that huge online companies, instead of developing their own SSL code, simply lifted the OpenSSL code and just bundled it into their web-service software. They are perfectly entitled to do this, provided that they adhere to the terms of open-source licensing. But in behaving as they did they have in effect been free-riding on the public domain.   Most open-source software – and Open SSL is no exception – is produced voluntarily by people who are not paid for creating it. They do it for love, professional pride or as a way of demonstrating technical virtuosity. And mostly they do it in their spare time. Responsible corporate use of open-source software should therefore involve some measure of reciprocity: a corporation that benefits hugely from such software ought to put something back, either in the form of financial support for a particular open-source project, or – better still – by encouraging its own software people to contribute to the project.   If the giant internet companies had taken the latter approach to OpenSSL, then they might have spotted the Heartbleed vulnerability earlier. In which case we wouldn't be in the mess that we are in now. Sometimes the ethical thing to do turns out also to be the prudent thing to do.  

1 Votes | 0 Comment

Categories: Dell Community, Operating Systems, Mobile Devices,

The Internet Scam That Hijacks Your Hard Drive

Apr 16, 2014

1 Vote

Status: New

Viruses used to be so simple.   You’d go online with your dial-up modem, take 25 minutes to naively download an appealing-sounding .exe file, and suddenly a sheep would walk across the screen or an embarrassing e-mail would be sent to your entire address book. Some would even wish you a Happy New Year. Annoying, maybe, but they had their own ‘90s cyber-kiddie sense of charm.   Some viruses, of course, were incredibly disruptive. Now, though, viruses and malware have become even more malicious. They’re out for more than just hacker cred – they’re out for your money.   For a long time, malware scammers used tactics known as Scare ware. The malicious software fraudulently claims that your computer has a serious virus infection then sends you to a page to buy their (useless) anti-virus software.   Related: Porn, Drugs, Hit men, and Hackers: This Is the Deep Web   While this is certainly still around, many people have gotten wise to the fraud. Now some scammers are playing hardball. Enter Ransom ware.   Ransom ware is a form of malware that encrypts files on your hard drives with a highly complicated algorithm then presents you with an ultimatum: Pay up or you lose your files forever. The inherent brilliance in the software is this: While the software can be removed, the files remain encrypted. Paying the ransom is the only chance you have to see your files again. Although this scam has been around since 1989, only recently has it become widespread due to advancements in cryptography algorithms, the ability to extort via the anonymous currency Bit coin, and the digitization of once-analog items of sentimental value like family photos and home videos.   Some consumers are aware of the latest and most notable iteration of this trend known as Crypto Locker, which encrypts the user’s data with a 2048-bit RSA Algorithm. The scammers weren’t fooling around when they invented this complicated algorithm, which is incredibly difficult – if not impossible – to crack without a key, which will cost victims about $150 to $300.   Crypto locker has been incredibly successful. Owing to surprisingly good “customer service” — the majority of people who pay the ransom have their files restored — the men behind the Crypto locker curtain have raked in over $27 million in Bit coin over a period of three months, according to an examination of the Bit coin block chain by ZDNet.    

1 Votes | 0 Comment

Categories: Dell Community,

Osaka City Plans Subway Operator Initial Offering to Chase Tokyo

Apr 16, 2014

1 Vote

Status: New

Investing Guide at Deep Blue Group Publications LLC   Osaka, Japan’s third-biggest metropolis, plans to sell the city’s 81-year-old subway operator in an initial public offering to lure private investment after ceding ground to Tokyo.   Osaka plans to privatize the operations, which could be valued at more than 600 billion yen ($5.9 billion), in the next few years as part of efforts to become a global metropolis, prefectural Governor Ichiro Matsui said in an April 8 interview. It may also weigh a sale to private investors, he said.   Local governments in Osaka prefecture, near the ancient capital of Kyoto and home to electronics makers Panasonic Corp. and Sharp Corp., are stepping up sales of public assets to cut debt. Osaka is privatizing state-run companies and talking to potential investors including Caesars Entertainment Corp. on a planned $4.9 billion casino resort as it seeks to overcome a declining population.   “I am ready for the subway sale any time,” said Matsui, 50, who also is secretary-general of the Japan Restoration Party. “Osaka city assembly members should all have a sense of urgency to move this economic stimulus forward, as Osaka needs to bring in economic revival.”   A proposal to privatize the metro, which carries 2.24 million passengers daily, was submitted to the city assembly in February 2013, according to documents posted on the Osaka government’s website. The proposal, which is under discussion, would have Osaka transfer the subway operations to a separate government-owned entity and then fully privatize them, the documents show. It didn’t elaborate on the sale method or valuation.   Shrinking Population   The Osaka subway, which started operations in 1933, has nine lines running in the city and totaling 138 kilometers (86 miles). The privatization proposal will need endorsement by two-thirds of the assembly to be passed.   Osaka prefecture’s economic output dropped 6.2 percent to 36.6 trillion yen in the year through March 2012 from a decade earlier, according to the latest data compiled by the Cabinet Office. That compares with a 0.4 percent decline in Tokyo’s output, to 92.4 trillion yen.   The population of Osaka prefecture fell to 8.85 million as of March 1, down 0.1 percent from a year earlier. It’s forecast to shrink another 5 percent by 2025, according to a report compiled last year by the National Institute of Population & Social Security Research. Tokyo’s population, which rose 0.5 percent to 13.3 million in the year to March 1, is projected to decrease to 13.2 million by 2025.   “Osaka’s economic revival is vital to helping Japan avert a default or economic crisis, as Tokyo’s growth alone won’t be enough to bring momentum to the country’s overall economy,” said Matsui. “Other prefectures should follow suit.”   Selling Assets   Osaka joins the nation’s capital in seeking to sell transportation infrastructure. The Tokyo metropolitan government has been studying a sale of its 46.6 stake in the city’s subway operator, Governor Yoichi Masuzoe said March 19.   Matsui said in January his government has been holding talks with global casino operators including Caesars Entertainment, Genting Singapore Plc and MGM Resorts International on a plan to build a resort complex in the Osaka Bay area that would cost at least 500 billion yen.   In February, Matsui said the prefectural government plans to sell Osaka Prefectural Urban Development Co., a commuter rail operator, to Nankai Electric Railway Co. for 75 billion yen. State-owned New Kansai International Airport Co. is working with Sumitomo Mitsui Financial Group Inc. to sell rights to operate two of Japan’s biggest airports, people familiar with the situation said last month.   “By turning to a small government from a big one, Osaka is shifting to companies those things that can be left to the private sector,” Matsui said. “The casino-resort project, airport privatization and subway sale have great potential to lure private money into Osaka and its surrounding areas.”   The above article is a repost from Bloomberg  

1 Votes | 0 Comment

Categories: Enterprise,

A possibe way to have the laptop/mobile device support itself

Apr 15, 2014

1 Vote

Status: New

On your vehicle, once you start it, the alternator/generator supply power to run the vehicle on it's own power. My suggestion... Once the computer is running, when the fan starts running, place a gear/belt on the fan and it will turn more gears that will be attached to a generator/alternator that would supply power to the system to keep it running on it's own power and recharge the battery. This would mean you could have the system run for longer periods of time, using it's own power. There would have to be some type of circuitry that would stop the battery from being overcharged and also limit toe power to the recommended wattage. With the modern technology of today, the engineers could be able to figure this out in a timely manner and try to impliment this in newer model systems. Rick

1 Votes | 1 Comment

Categories: Desktops and Laptops, New Product Ideas, Mobile Devices,

How are SSDs in notebooks increasing productivity?

SSD Impact

Apr 14, 2014

2 Votes

Status: Acknowledged

I don't own any system having SSD, but I wont say increasing productivity, I would like to say increament and improvement in quaity and quantity would be there if SSDs replace currently dominating Normal HDDs. When it comes to laptop desktop whatever related to computers, one thing strikes first is SPEED and SECURITY. Definitely SSD will show new direction and evolution to computer manufacturing companies as well as demand will grow up, if SSDs incorporated in laptops/desktops woul be available at near price tag of those of normal HDDs. I would like to call the laptop manufacturers to replace normal HDD with SSD and would like to see DELL leading from the front in the race.ThanksBhanurdra

2 Votes | 2 Comments Join Storm Session

How are SSDs in notebooks increasing productivity?

Photo / Video Editing

Apr 14, 2014

3 Votes

Status: Acknowledged

Prior to getting my current laptop whenever I needed to do any work with video I always had to fire up my desktop system as even the best laptop HDDs had mediocre performance that would choke under the demands of video editing/encoding.  Not much of a problem when at home, but it severely curtailed doing any work on the road.To a lesser extent photo editing is also easier/faster particularly when exporting several hundred to several thousand JPGs from Lightroom; no longer is the HDD bottlenecking how quickly projects can be turned around and delivered to customers.

3 Votes | 2 Comments Join Storm Session

Categories: Desktops and Laptops, IdeaStorm, Service and Support,

What is the SSD effect on data center performance?

Performance and Efficiency

Apr 14, 2014

2 Votes

Status: Acknowledged

We already have a few Equallogic hybrid arrays which have provided a decent bump in performance versus their non-SSD counterparts, but are looking to start transitioning to all SSD storage arrays for the increased performance to support our increasingly virtualized environment (will be approaching 98% virtualized by EOY) while also reducing our power draw and cooling requirements.  Additionally looking down the road 5+ years we feel that all flash arrays will become the norm as costs continue to come down, and technologies like dedupe and compression become common place in tier 1 storage.As we make the move to AFA storage, we plan to make use of SSDs in our ESXi hosts for server side caching via vFRC or PernixData's FVP to offload demand from our SAN and provide a better experience to our customers.

2 Votes | 1 Comment Join Storm Session

Categories: Desktops and Laptops, Servers and Storage,

Built in Rear Camera

Apr 13, 2014

3 Votes

Status: Acknowledged

Have you ever tried to record a video with a laptop or a front facing camera (all in one desktop) of a subject other than yourself. It is not easy, so it would be very productive to have a rear built in camera so that the user could just sit at the desktop monitor as normal and record the subject that is in front. It would be nice if the camera could change directions as well.

3 Votes | 4 Comments

Categories: Desktops and Laptops, New Product Ideas,

1 2 3 4 5 Next