Posts Tagged ‘computer’

Wed Aug 27, 6:22 PM ET

SAN FRANCISCO (AFP) – NASA confirmed on Wednesday that a computer virus sneaked aboard the International Space Station only to be tossed into quarantine on July 25 by security software.

A “worm type” virus was found on laptop computers that astronauts use to send and receive email from the station by relaying messages through a mission control center in Texas, according to NASA spokesman Kelly Humphries.

The virus is reported to be malicious software that logs keystrokes in order to steal passwords or other sensitive data by sending the information to hackers via the Internet.

The laptop computers are not linked to any of the space station’s control systems or the Internet.

“The bottom line is it is a nuisance for us,” Humphries told AFP. “The crew is working with teams on the ground to eradicate the virus and look for actions to prevent that from happening in the future.”

The virus had no adverse effect on space station operations, according to Humphries.

The space station orbits Earth once every 90 minutes at an altitude of about 350 kilometers (217 miles).

NASA is reportedly looking into whether the virus got into the computers by hiding in a memory drive used to store music, video or other digital files.

Humphries said this is not the first computer virus stowaway on the Space Station.

“This is not a frequent occurrence but it has happened before,” Humphries said.


Read Full Post »

Employees need to know their organization’s policies on E-mail and the Internet

It’s essential for some jobs, handy for most, but don’t be fooled—the personal computer can be a job ender. Even as you read this story, you should probably be asking yourself: Am I actually allowed to browse online and read news stories at the office?

The parameters for computer use at work (and even at home) are often confusing. We communicate, network, watch our TV shows, do our grocery shopping, and get our news on our computers. But it’s no free-for-all. Employees should know exactly what their employer’s policies are for E-mail and Internet usage, because workers are losing their jobs after computer-based missteps. Here are five ways to log on and lose your job:

Blog it up. Blogger Chez Pazienza worked as a producer at CNN’s American Morning until mid-February, when Pazienza says his boss informed him that the company discovered his name attached to blog posts written without CNN’s approval. Pazienza was fired soon after. Pazienza runs Deus Ex Malcontent, where he writes about Oprah and President Bush with equal abandon. He hadn’t identified himself as a CNN employee on the blog, but CNN spokeswoman Barbara Levin says company policy is that employees must first get permission to write for a non-CNN outlet. Levin didn’t elaborate, noting that the company does not comment on personnel matters.

There’s even a term for being fired because of a blog—it’s called being “dooced.” While some blogging advocates say a well-executed blog can boost your career by presenting your best side to the HR executives Googling you, there are limitations. Dooce.com founder Heather Armstrong writes on her site that she lost her job a year after beginning the blog for writing entries that involved colleagues. She now tells site visitors, “Be ye not so stupid” and offers parameters for safe blogging: “Never write about work on the Internet unless your boss knows and sanctions the fact that you are writing about work on the Internet.”

Play a way. Solitaire, that ever seductive way to while away the hours, is probably not a great choice for the workplace. New York City Mayor Michael Bloomberg caught sight of a solitaire game on a city employee’s computer screen in 2006 and fired him. “I expect all city workers, including myself, to work hard,” Bloomberg said then.

Richard Bayer, an economist and chief operating officer of the Five O’Clock Club, an outplacement and career coaching organization, says employees who use a company computer for personal matters on company time—whether playing solitaire or checking on their 401(k)’s—are essentially stealing from their employer. “It’s a new, 21st-century form of theft,” Bayer says, adding that a couple of personal E-mails each day are within reason.

Look at pics. Yes, those kind of pics. Think about this: Nearly one third of bosses have fired workers for misusing the Internet, according to a recent study by the American Management Association and the ePolicy Institute. Eighty-four percent of those employers said the reason was the viewing, downloading, or uploading of inappropriate or offensive content. The Washington, D.C., city government recommended the termination of nine employees in January for allegedly looking at pornography sites at work. The key here is privacy—as in, tell yourself you have none. The computer system belongs to the company, and courts have consistently sided with employers when it comes to computer-related terminations, says Nancy Flynn, executive director of the ePolicy Institute.

Post your pics. Social networking may quickly gain an air of formality. The mayor of tiny Arlington, Ore. (population nearly 500), grabbed headlines recently after she was recalled by voters. Among other issues, the residents were sharply divided over the propriety of photos of the mayor dressed in her underwear that were posted to her MySpace page.

Read Full Post »

Shopping offline
Air was code-named “apollo” during its development

Adobe has launched software designed to make it easier for computer users to use online applications offline. Adobe Air allows developers to build tools that still have some functionality even when a computer is no longer connected to the net.

A free download will allow users of Macs, PCs and, later this year, Linux machines to run any Air applications.

The first programs that use the technology, developed by web sites such as eBay, have already been released.

“Air is going to allow applications that run on the web today – that run in the browser – to be brought down to the desktop,” Andrew Shorten, platform evangelist at Adobe told BBC News.

“It’s about taking existing web applications and adding extra functionality whether you want to work offline or whether you want to access data on your disk.”

Seamless vision

Mr Shorten said that the technology is not about replacing the web browser.


Many firms have already developed Air applications

“It’s about delivering the best experience depending on where you are and what you need to get from the application, ” he said.

“If I’m on the road with my laptop maybe I want to use the desktop version of my application. If I pop into an internet cafe I can still access it through the browser.”

The software is part of a growing number of technologies that aim to make the transition between the on and offline worlds seamless.

In 2006, Microsoft unveiled its Silverlight technology. And last year Google launched Gears.

The tool does not allow the creation of new content but does allow web applications to be used offline.

For example, the developers of the free online office package Zoho use Gears to give users similar functionality to normal desktop office programs.

The nice thing about it is that it works on all the different platforms
John O’Donovan

Similarly, Adobe is looking into provide Air versions of many of its popular programs such as Photoshop.

A host of other companies and web services have already built Air applications.

For example, Ebay has built a program that allows users to do much of the legwork required in setting up auctions offline. The next time the user connects to the internet the listing would be posted to the website.

The application also allows users to keep up to date with auctions and bids without the need to have a browser open at the eBay page.

Blurred boundary

The BBC is also building prototype applications with AIR.

“The nice thing about it is that it works on all the different platforms – Mac, PC and eventually Linux,” said John O’Donovan, chief architect in the BBC’s Future Media and Technology Journalism division.

The corporation is currently building prototype versions of several applications such as the news ticker, which displays headlines on a desktop, and mini Motty, which provides desktop football commentary.

The current versions of the programs only work on PCs.

Other programs exploit Air’s ability to access both web content and files on a computer’s disk.

For example, the web-version of Finetunes allows users to stream music over the internet

“If you install the Air version on your desktop it can also look at what you have in your iTunes library and then suggest music based on what it finds,” explained Mr Shorten.

“So it’s really taking the essence of what works on the web, brining it to the desktop and then making it more personal to you.”

Some commentators have pointed out that the ability for an application to delve between the web and a computer’s hard drive raises security implications.

“Our advice would be to only install applications from sources that you trust,” said Mr Shorten.

Read Full Post »

Windows XP

Microsoft is one of the firms the NCC wants to see investigated

Some of the world’s biggest computer firms have been accused of imposing unfair contracts on customers who buy their software. The National Consumer Council (NCC) has accused 17 firms, including Microsoft, Adobe and Symantec, of using unfair “end user licence agreements” (EULAs).

The NCC has asked the Office of Fair Trading to launch an investigation.

The NCC said the firms’ EULAs were misleading customers into “signing away legal rights”.

“Software rights-holders are shifting the legal burden on to consumers who buy computer programmes, leaving them with less protection than when they buy a cheap Biro,” said Carl Belgrove of the NCC.

“Consumers can’t have a clue what they’re signing up to when some terms and conditions run to 10 or more pages.

“There’s a significant imbalance between the rights of the consumer and the rights of the holder,” he added.

‘Legal responsibility’

As one of the firms named by the NCC, Microsoft said it had not seen the details of the report and was unable to comment.

But it added that it was committed to dealing “fairly” with consumers and addressing any concerns they might have.

The NCC looked at 25 software packages and said that in 17 instances, the packaging did not tell potential buyers they would have to sign an EULA in order to use it.

While some contained the EULA inside an instruction manual, or let it be read online, this was only after the software had been bought.

“This means that consumers are unable to make informed decisions before they buy a product, yet are being forced to take on an unknown level of legal responsibility,” said the NCC.

After examining the contents of the EULAs, the NCC also said that some contained potentially unfair clauses.

Read Full Post »

Matt Hines


San Francisco – As malware threats and regulatory compliance demands continue to grow more complex, IT will become increasingly dependent on SaaS (software as a service) offerings that let them respond to problems faster while also saving money, according to top executives at the world’s largest anti-malware vendors.

In addition to continued adoption of managed security services delivered on- and off-site by professional consultants, IT customers will be able to resolve some of the problems they have with existing IT systems defense and compliance automation tools by shifting away from on-premise technologies in favor of adopting more hosted applications, vendor executives contend.

While security technologies such as end-point protection suites and IDS (intrusion detection systems) will likely always require the use of software agents that reside on customers’ devices and network infrastructure, vendor executives claim that a range of technologies, including exploit-prevention tools and compliance-monitoring filters, will gradually move to the SaaS model.

As a result, providers such as McAfee, Symantec, and Trend Micro, among others, are already ramping up their SaaS portfolios to adapt to the shift.

“We believe that [SaaS] is the wave of future, and we already deal with the issue of updating tens of millions of machines remotely multiple times per day in multiple geographies. It’s one of most complex things to do in all of technology, and one of the most impressive assets that I think we have,” said David DeWalt, CEO of McAfee.

“IT budgets are not growing, but the threats and regulatory demands are, and customers are finding themselves thin on resources. SaaS will be a great way for businesses to save on infrastructure and maintenance costs while improving protection,” said Jeff Hausman, Symantec’s senior director of product management. “There’s no question that the hosted model is growing dramatically.”

McAfee expects a SaaS transition over time
Building on the infrastructure that vendors such as McAfee have already established to distribute anti-malware signatures and other product updates to their customers, the companies will add new SaaS offerings incrementally as customers warm up to the ideal.

The security software providers themselves must also figure out the appropriate mix of on- and off-site tools, as well as refine pricing policies for the services over the next few years, CEO DeWalt said.

However, DeWalt recognized that the process of designing and delivering SaaS products — and selling customers on their benefits — won’t be achieved overnight. “It’s a very complicated technology project, sometimes not even related to development of our own technology, but based on the IT infrastructure needed to deliver SaaS as effectively,” he said. “We’ve learned a lot through our experiences building [anti-malware] products for the consumer and small-business markets, and we’ll use those lessons to move into the SaaS business over time.”

As part of its move into SaaS, McAfee announced the acquisition of ScanAlert, a provider of hosted e-commerce Web site security services, for $51 million in October 2007. The company will consider additional deals in the area if there are targets that can aid in its development of the business, DeWalt said.

Trend Micro, others see Intelligence in the cloud
Along with e-mail filtering services — one breed of security SaaS application that has already proven a hit with customers of companies such as Postini, which Google acquired for $625 million in July 2007 — vendor executives contend that hosted tools used to provide end-point and network security management services will be among the first to find favor with IT and end-users.

Trend Micro CEO Eva Chen said a growing number of the firm’s small-business customers are already using its Remote Manager hosted tools to maintain configuration of their security programs and prevent their end-point systems from being altered by malware programs such as rootkits.

“We began quietly moving forward in this direction several years ago, but I believe 2008 will be a big year for SaaS development, not only because of vendor initiatives, but because of the need to deal with new threats among customers,” Chen said.

“We think that there will be a need to move anti-threat knowledge from the customer into the cloud,” Chen said. “Instead of having them download a virus pattern file, we will filter things and compare them to intelligence in the cloud, and then go to the end-user and update them without having to download the larger files used today.”

Keeping the channel involved
Established SaaS applications in other markets, such as Salesforce.com‘s hosted sales-force automation tools, have traditionally bypassed resellers and other channel players and instead been provided directly to customers by vendors themselves. That may not be the case for SaaS-delivered anti-malware, Chen said.

The reason? Even though SaaS tools are meant to alleviate many of the management concerns related to traditional on-premise products by handing the responsibilities back to the vendors, channel partners will be important in providing any services necessary to help users transition to the delivery model, or to customize the applications to individual business environments and provide any needed support services, Chen said.

Symantec, which has pledged to turn as many of its products into SaaS offerings as it can do profitably, has also promised to keep its resellers in the loop as its brings new hosted services to market. Most customers adopting SaaS services will still consume traditional security products, leading the company to pursue a hybrid strategy that mixes the two disciplines, said product director Hausman.

“We have the infrastructure to provide the service, but resellers will still maintain a lot of the relationships,” Hausman said. “We’re the brand behind delivery to the customer, but the partner is still the same name and face that customers have grown comfortable dealing with over time.”

Diverse opportunities
Symantec’s maiden foray into SaaS is its Protection Network online secure backup service aimed initially at smaller customers, hundreds of which are already piloting the offering, according to Hausman. But Symantec is preparing several other hosted products for release.

E-mail security is one area where Symantec sees SaaS opportunities, built on the success of acquired companies such as Postini. Other services that the company is pursuing might come as a surprise, including its bet that elements of DLP (data leakage prevention) and compliance monitoring can be moved to the SaaS delivery model.

Vontu, the DLP gateway specialist that Symantec purchased in November 2007 for $350 million, didn’t have a SaaS offering under development, but Hausman believes that under Symantec’s wing, the unit can create new capabilities by tying some of the on-premise capabilities of its technology with in-the-cloud services for message filtering and archiving.

Other opportunities for SaaS will emerge around anti-virus protection, security policy management, remote systems management and IT continuity protection, he said.

Read Full Post »

By Jonathan Fildes
Science and technology reporter, BBC News

The chip has four separate cores

The first chip to pack more than two billion transistors has been launched by silicon giant Intel.

The quad-core chip, known as Tukwila, is designed for high-end servers rather than personal computers.

It operates at speeds of up to 2Ghz, the equivalent of a standard PC chip.

It marks the latest milestone in chip technology; Intel released the first processor to contain more than one billion transistors in 2006.

“It’s not revolutionary, it’s another evolutionary step,” said Malcolm Penn, an analyst at Future Horizons, of Tukwila.

Memory machine

The chip industry is driven by Moore’s Law, originally articulated by Intel co-founder Gordon Moore in 1965.

The industry axiom states that the number of transistors it is possible to squeeze in to a chip for a fixed cost doubles every two years.

Transistor graphic
Transistors are basic electronic switches found in silicon chips
Each transistor can be switched on or off, representing a “1” or “0”, known as binary code
All computation is done using different combinations of these two outputs to do calculations
Modern chips contain millions of transistors allowing them to execute millions of calculations per second
The tiny devices consist of a source, drain and gate
A voltage applied to the gate and drain turns the device on
Removing the gate voltage switches it off again

In 2004, the equivalent processor to Tukwila contained 592 million of the tiny switches.

Although the new chip packs more than 2 billion transistors it operates at a relatively modest speed of 2Ghz, the equivalent of many PC chips.

Last year IBM released what was described as the “world’s fastest commercial chip” that operates at 4.7Ghz.

The dual-core Power6 processor contains just 790 million transistors.

A large number of the transistors on the new Intel chip are used for memory.

“[It] contains lots of onboard memory and registers which are just a very efficient computer architecture to process data faster,” said Mr Penn.

Cache memory holds data to be processed by the chip. The closer it is to the processor, the quicker the data can be crunched.

“It’s like the difference between getting food from the fridge, rather than from the corner shop,” said Mr Penn.

“The very early microprocessors had no cache memory onboard – it was all off chip – and now they have as much as they can fit on within the chip size limitation,” he said. Mr Penn. “That’s an ongoing trend.”

Tiny technology

The chip also bucks the trend seen in many modern processors of aiming for lower power consumption.

Moore's Law graph

“That’s very much a reflection of the market place demands,” said Justin Ratner, chief technology officer of the firm.

He said that firms that used the chips demanded more performance and were willing to trade power to get it.

“These chips go into a quite a unique market place,” he said.

The firm will also show off a chip designed for ultra-mobile devices, known as Silverthorne.

The processor is based on the firms latest transistor technology which contains features just 45 nanometres (billionth of a metre) wide.

Tukwila is based on 65 nanometre technology.

“[Using 65nm technology] reflects the design time involved in that processor,” Mr Ratner told BBC News.

Both chips will be shown off at the International Solid State Circuits Conference (ISSCC) in San Francisco.

Read Full Post »

Robert McMillan, IDG News Service Sat Jan 19, 9:00 AM ET

Criminals have been able to hack into computer systems via the Internet and cut power to several cities, a U.S. Central Intelligence Agency analyst said this week.Speaking at a conference of security professionals on Wednesday, CIA analyst Tom Donahue disclosed the recently declassified attacks while offering few specifics on what actually went wrong.

Criminals have launched online attacks that disrupted power equipment in several regions outside of the U.S., he said, without identifying the countries affected. The goal of the attacks was extortion, he said.

“We have information, from multiple regions outside the United States, of cyber intrusions into utilities, followed by extortion demands,” he said in a statement posted to the Web on Friday by the conference’s organizers, the SANS Institute. “In at least one case, the disruption caused a power outage affecting multiple cities. We do not know who executed these attacks or why, but all involved intrusions through the Internet.”

“According to Mr. Donahue, the CIA actively and thoroughly considered the benefits and risks of making this information public, and came down on the side of disclosure,” SANS said in the statement.

One conference attendee said the disclosure came as news to many of the government and industry security professionals in attendance. “It appeared that there were a lot of people who didn’t know this already,” said the attendee, who asked not to be identified because he is not authorized to speak with the press.

He confirmed SANS’ report of the talk. “There were apparently a couple of incidents where extortionists cut off power to several cities using some sort of attack on the power grid, and it does not appear to be a physical attack,” he said.

Hacking the power grid made front-page headlines in September when CNN aired a video showing an Idaho National Laboratory demonstration of a software attack on the computer system used to control a power generator. In the demonstration, the smoking generator was rendered inoperable.

The U.S. is taking steps to lock down the computers that manage its power systems, however.

On Thursday, the Federal Energy Regulatory Commission (FERC) approved new mandatory standards designed to improve cybersecurity.

CIA representatives could not be reached immediately for comment.

Read Full Post »

Older Posts »