Microsoft plans to release on Monday an emergency fix for a Windows vulnerability that is being exploited by attackers using a "highly virulent strain" of malware.

Because of the seriousness of the flaw, Microsoft has decided to publish the patch before the company's scheduled release of security patches Aug. 10. The so-called "out of band" release corrects a flaw that results in Windows incorrectly parsing shortcuts in a way that allows malicious code to be executed when the icon of a specially crafted shortcut is displayed, the company said.

"We're able to confirm that, in the past few days, we've seen an increase in attempts to exploit the vulnerability," Christopher Budd, spokesman for the Microsoft Security Response Center, said Friday. "We firmly believe that releasing the update out of band is the best thing to do to help protect our customers."

According to the Microsoft Malware Protection Center, attackers have used .LNK files to exploit the vulnerability. As malware writers have learned of the flaw, multiple techniques to exploit it are showing up on the Internet.

One family of viruses, called Sality, has caught the attention of security researchers, who have spotted a newly developed member Sality.AT that exploits the latest vulnerability.

"Sality is a highly virulent strain," the Protection Center says in its blog. "It is known to infect other files, making full removal after infection challenging, copy itself to removable media, disable security and then download other malware."

With the release of Sality.AT, developers of other virus families will likely move quickly to copy the technique to target the same vulnerability, the center said.

Affected versions of Windows include Windows 7, XP, Server 2003, Vista and Server 2008. Microsoft has posted a detailed list.


By Antone Gonsalves
Read the Original Article at InformationWeek

• 0 comments »

Advanced Micro Devices and Intel grew their graphics processor shipments in the second quarter at the expense of Nvidia, with AMD the biggest winner, a market researcher says.

Intel remained the market leader, but AMD had the biggest gains for both discrete and integrated desktop chips, Jon Peddie Research reported Friday. Nvidia, however, had double-digit losses in every segment, except notebook integrated graphics.

Overall, graphics chip shipments rose 4.3% from the first quarter, while shipments were flat year-to-year, Peddie said. Desktop discrete GPUs fell 21.4% quarter-to-quarter, reflecting "tremendous growth" in laptops. For the first half of the year, shipments were up 38.6% from the same period last year.

Second-place AMD had a strong second quarter with shipments rising 32.6% from the same quarter a year ago and 19.1% from the first quarter, Peddie said. AMD's overall market share increased three percentage points from the first quarter to 24.4%, which was six percentage points higher than a year ago.

In terms of revenue, AMD reported that sales within its graphics segment in the second quarter increased 8% sequentially and 87% year over year to $440 million.

Intel shipments rose 7.6% year to year and 15.3% from the first quarter. The company's graphics shipment piggybacked on strong sales of the company's Core i3 and i5 CPUs, Atom chips for netbooks and mobile processors for laptops. Intel's overall share of the graphics market rose 5.2 percentage points from the first quarter to 54.9%, and 3.8 points year to year.

Number three Nvidia was the biggest loser, as unit growth fell 26.6% quarter to quarter and 32.4% year to year, Peddie reported. The company's market share fell to 19.7% from 28% in the first quarter and 29.2% a year ago.

Nvidia's fiscal quarter straddles calendar quarters. Its next quarter ends July 31. Revenue estimates have been lowered to between $800 million to $820 million. The company had predicted a range of $950 million to $970 million on May 13.

By Antone Gonsalves
Read the Original Article at InformationWeek

• 0 comments »

In a move that supports the growing number of people accessing the web via mobile devices, the Government Accountability Office has launched a mobile version of its website.

The federal watchdog organization's site now is available via BlackBerry, iPhone, Android and other mobile devices. A combination of in-house IT staff and a third-party contractor already engaged in website support created the mobile site, said GAO spokesman Charles Young.

Depending on the capability of their device, people can view full GAO reports in PDF format on mobile devices, he said. If a device doesn't support PDF, the links to the reports direct people immediately to a summary of them, or the links to the reports can be emailed.

Alternatively, people have the option of viewing a text version of reports with no graphics or charts, Young said. The GAO originally developed this version for people using screen readers, but the interface also works well on mobile devices, he said.

The agency cited a Pew Research Center report as a reason for bringing its website to mobile phones. The report found that the use of Internet, email and instant messaging on mobile devices among adults increased 8 percent between 2009 and 2010, from 32 percent to 40 percent.

People can access the mobile GAO site the same way they do on a desktop -- by launching the URL on their mobile browser. However, the site differs significantly in appearance than it would on a desktop browser, Young said.

The GAO has optimized the display of the site for use on the small screen, simplifying it to a single-column menu of "high-interest options," with hardly any graphics, he said.

The site as rendered on a mobile device has three main tabs. The first enables someone to browse the latest GAO reports and testimonies, while the second displays legal decisions and opinions by the agency. A third tab, called "In the Spotlight," highlights some of the latest GAO work. The site's search functionality also is available on mobile devices.

Young said the GAO tested the site repeatedly on multiple mobile devices throughout the development process and, while there are small variations from device to device in appearance, functionality remains largely the same across them.

By Elizabeth Montalbano
Read the Original Article at InformationWeek

• 0 comments »

Now we know why the current Kindle suddenly became unavailable earlier this week, with no date listed for stock to be replenished: It’s because Amazon is launching a new-model Kindle, one that’s smaller, lighter, faster, and easier to read.

The new Kindle hangs on to everything we’ve come to love from the current model: Same 6-inch screen and same 3G wireless connection for downloading books in the U.S. or internationally. It’s still $189 too.

But virtually everything under the hood has been upgraded: The new model is 21 percent smaller and 15 percent lighter, capacity has been doubled to carry 3,500 books, and Wi-Fi has been added for when you’re out of range or away from a 3G network. And the screen has now been upgraded as well, using the same higher-contrast technology that the upgraded Kindle DX offers. Page turns are 20 percent faster, and it’s available in the classic white or graphite color options.

Amazon is also offering another version of the Kindle, called the Kindle Wi-Fi. This model, an amazing bargain at just $139, offers the same features as this Kindle but strips out the 3G connection altogether. Instead, you have to do all your book downloads via Wi-Fi, a trade-off that many who don’t read far from home may find entirely worthwhile.

With 630,000 books available on the Kindle Store (plus 1.8 million free, pre-1923 novels), the rest of the Kindle world remains about the same. But these new offerings show just how aggressive Amazon is about owning the e-book-reader space. What more can the company offer to prove its commitment to e-books? Aside from giving Kindles away for free and figuring out how to turn these displays into color, I mean.

• 0 comments »

In an online version of the old three shell game, Yahoo, Google and Microsoft have been shuffled around in Japan with Google uncovered as Yahoo Japan's new search partner, leaving Yahoo Inc. (USA) in the lurch.

Microsoft, which partners with Yahoo in the U.S., is also out in the cold. Yahoo Japan's president Masahiro Inoue announced the decision Tuesday after his firm concluded that Microsoft's search technology was not strong enough for its needs in Japan, according to the Reuters news service. Yahoo Japan is 35% owned by Yahoo Inc., but that percentage wasn't enough to override the 40% stake owned by Softbank.

To complicate matters further, Yahoo Inc. has been outsourcing some of its search capability to Microsoft.

A possible antitrust problem -- Google and the new Yahoo search capability could represent as much as an 80% search market share in Japan -- has been cleared with the Japanese government, according to media reports.

Yahoo Inc. will remain associated with the Japanese affiliate as a strategic partner and will continue its financial stake in the Japanese unit.

Last year, Yahoo Inc. signed a 10-year agreement with Microsoft to shift web indexing to Microsoft while Yahoo improved its search capability. Still earlier Microsoft had offered by purchase Yahoo Inc. outright, but Yahoo's management at the time rejected the offer and Yahoo stock has still not recovered from the pre-offer price.

By W. David Gardner

Read the Original Article at InformationWeek

• 0 comments »

Apple said Friday it will delay shipments of the white version of iPhone 4 until an unspecified date later in 2010—a move that immediately sparked speculation over what's behind the hold up.

Image Gallery: Apple iPhone 4, A True Teardown

The company blamed the delay on the fact that the white models "have continued to be more challenging to manufacture than we originally expected, and as a result they will not be available until later this year."

But not all Apple enthusiasts are buying the explanation. The blogosphere was abuzz Monday with speculation that Apple is using the white iPhone 4 as a guinea pig for a new solution to the device's finicky antenna.

Apple hasn't commented on the rumors, and is sticking by its explanation. It also said that shipments of the black version of iPhone 4 are unaffected by the slowdown. Also on Friday, Apple released a downloadable app that allows iPhone 4 customers to get a free bumper that's designed to protect the smartphone from the so-called "grip of death bug" that hinders antenna performance.

The app fulfills Apple CEO Steve Jobs' promise of a free case for all iPhone 4 buyers. Apple is also offering refunds to those who previously purchased the $29 wrapper.

The offer came in response to complaints that iPhone 4's signal falters if a certain part of its exterior antenna—on the lower, left corner of the device—comes into contact with the user's hand. The bumper works by insulating the smartphone from interference caused by human skin.

Jobs has insisted that concerns about iPhone 4's antenna are overblown. He said at a press conference earlier this month that all phone antennas are subject to human interference. In fact, he claimed that iPhone 4 antenna's weak spot is visibly noticeable by design. "We pretty much threw a red flag on it with these lines. X marks the spot," said Jobs.

Jobs also said that Apple will roll out iPhone 4 in 17 countries starting July 30, and that the company is working on a software update that will fix a bug in the device's proximity sensor.

By Paul McDougall

Read the Original Article at InformationWeek

• 0 comments »

A recently released, next-generation phishing toolkit promises to automate the tedious task of tricking people into visiting websites designed to steal their financial information. Even better, the toolkit is free. The only hitch: the creators added a backdoor, allowing them to also amass all of the data captured by their phishing toolkit, no matter who uses it.

In other words, it's a pyramid scheme written by hackers to target other hackers, as well as you. While one attacker may amass dozens or hundreds of credentials, the toolkit's creators get the combined take and likely, first stab at every stolen credential.

To date, the toolkit has been widely used to launch phishing attacks that spoof major companies. "The ones we know of are PayPal, Hotmail and Yahoo," said Rob Rachwald, director of security strategy at Imperva, which discovered the toolkit. But the toolkit's settings allow attackers to create attacks spoofing 16 sites in total, including Facebook, RapidShare and Skype. The toolkit is written in English, but includes a tutorial written in Arabic.

Attacks using the toolkit remain very much at large. Furthermore, its creators boasted that the toolkit has been downloaded more than 200,000 times, though obviously, take that number with a grain of salt. "There's no way to validate that, but even if he's exaggerating, and you go with 20,000 times, and everyone who used it manage to get 100 credentials," that's a lot of stolen data, said Rachwald.

Unfortunately, attacks based on the toolkit are likely to stay in circulation. That's because the toolkit uses separate websites for hosting the attack and gathering the stolen data -- a little seen innovation for automated phishing attacks. As a result, said Rachwald, "it may be easy to pull the front end" -- meaning the attack website, which spoofs a real website -- off of the web. "But it's hard to eliminate the back end" that collects data.

If an easy way to block the toolkit remains unknown, one thing that has been positively identified is the identity of the creators, who apparently like to brag. Rachwald said that through "a combination of us being clever and them being stupid," Imperva managed to identity the toolkit creators, including names, photographs and current location -- Algeria.

What did Imperva do, once it learned their identities? "We're not the FBI. So we let some people know," said Rachwald.

• 0 comments »

Healthcare is one of the most information-intensive and technologically advanced industries in our society. Yet most physicians and hospitals still use information systems that are largely paper-based. Four major challenges contribute to this situation:

• Healthcare consists of lots of small organizations that have a difficult time funding IT investments and rarely have trained IT staff to assist in selecting and implementing products.

• Although many healthcare apps have the potential to improve care--think e-prescribing systems that reduce adverse drug events--insurers don't always reimburse healthcare providers for delivering quality care, so providers see no financial gain from investing in IT.

• A lack of data and transaction standards and few financial incentives have hindered the development of information exchange networks among healthcare providers.

• Treatment pathways or protocols have been developed for some diseases like diabetes and hypertension, but for the vast majority of the 10,000 diseases, syndromes, and problems that exist, care tends toward trial and error. This situation is exacerbated by the huge amount of information added to the base of medical literature each year, requiring us to continually revisit our understanding of how we provide care.

Several steps should be taken to address these challenges and ensure that providers take advantage of the significant gains that can come from IT.

1. Payment Reform: New federal initiatives give providers financial incentives to adopt EHRs and "meaningfully use" them. And the recently passed health reform legislation signals that the government plans to start basing provider payments on quality of care, safety, and efficiency, all of which will lead to further EHR usage.

The result will be a snowball effect. Private sector payers likely will follow the government's lead on payment reform, and groups that manage physician board certification and licensing now are considering making EHR use part of their requirements.

2. Provider Support: The federal government has awarded $700 million in contracts to establish regional centers to help small hospitals and physician practices select and implement EHRs. It's also providing $500 million to help states establish the health information exchanges needed to share patient data. These exchanges will need sources of ongoing funding. One possibility is charging hospitals transaction fees to use them.

3. Product Improvement: For small providers, it's neither practical nor cost effective for them to manage their own IT infrastructures. They're a receptive market for cloud-based EHRs and pay-per-use models that let them avoid the up-front capital costs.

In addition, sophisticated and intuitive user interfaces are a must. No physician wants to scroll through a list of 10,000 possible problems when working in an EHR. Products must be designed to "think like a doctor."

4. Privacy And Security: There are legitimate concerns here. Federal and state governments are enacting regulations that cover disclosure, encryption, audit trails, and authentication. Technologies are needed that support these requirements and don't unduly interfere with the delivery of patient care.

In years past, physicians and other healthcare professionals resisted IT. That era is behind us. Virtually everyone understands that EHRs are the future. Our ability to use technology to improve care will be enhanced considerably if we address these four areas.

John Glaser is CIO of Partners HealthCare. This month, he'll leave Partners to become CEO of Siemens Healthcare's Health Services business unit. He recently spent a year as an adviser to the national health IT coordinator, Dr. David Blumenthal.

• 0 comments »

A Verizon Wireless representative recently said that users of the Motorola Droid X are already consuming five times the amount of mobile data of other Verizon Wireless phones. But for how long?

Maybe the "X" in the Droid X's name means "times"? Speaking this week at the paidContent Mobile conference on Monday, Verizon business development executive director Jennifer Byrne noted that the Droid X is making its mark on the network. In its first week of availability, Verizon saw a five-fold increase in data use by Droid X owners when compared to other phones on its network.

Verizon Wireless saw a similar surge in mobile data use when it introduced the original Motorola Droid in November 2009. Droid X owners are likely filling their smartphones up with applications and content, hence the data surge. That 4.3-inch display begs for video content. Since the device records video at 720p, it's also not unreasonable to assume that Droid X users are uploading video to services such as YouTube. The data demand by Droid X users will likely abate over time.

Right now, Droid X, Droid Incredible and Droid owners don't have to worry about how much data they use, as Verizon Wireless offers its smartphone users unlimited (well, OK, 5GB) of data for $30 per month. That might be changing soon.

Engadget received a tip on July 20 that Verizon Wireless plans to move to tiered data pricing as soon as July 29. Verizon Wireless has already hinted more than once that it plans to move away from the unlimited data plans currently offered to smartphone subscribers, but it hasn't indicated when.

Most believe the switch to tiered data wouldn't take place until Verizon Wireless launches its Long Term Evolution network later this year. That 4G launch will represent and entirely new paradigm in mobile broadband, and Verizon will want to capitalize on it from the start. I fully expect tiered pricing to accompany whatever LTE devices are first available.

It would be an unwelcome surprise if Verizon Wireless does indeed switch to tiered data on July 29. That means anyone purchasing a smartphone after that date might be limited to plans similar to AT&T's, which cost $15 for 200MB, and $25 for 2GB.

The Droid 2, a sequel to the original Droid, is expected to launch in August with Android 2.2. It would be one of the first to suffer from tiered pricing if the July 29 date is accurate.

Verizon Wireless has not commented on this story.

By Eric Zeman
Read the Original Article at InformationWeek

• 0 comments »

At the Black Hat USA 2010 conference, July 24 - 29 in Las Vegas, mobile security won't just be over the air, it'll be in the air. Nowadays, said conference founder Jeff Moss, "it's all mobile all the time. It's like when they introduced Windows 7 or Windows XP -- it's all new. Everybody is trying to figure it out."

Rootkits used to get a lot of attention, but this year there was only one rootkit presentation submitted, Moss says. Of course, a range of security issues will be explored, such as timing attacks and smart grid vulnerabilities. But mobile security problems are seeing a surge of interest.

Moss says that app stores and the apps themselves are getting more scrutiny from security researchers. People are looking at what it takes to get malicious apps into app stores undetected.

Kevin Mahaffey and John Hering of Lookout Mobile Security will be delving into the security of mobile apps next Wednesday, July 28, in a presentation titled "App Attack: Surviving the Mobile Application Explosion."

Moss recommends a talk that explores the default permissions that apps have on mobile devices. "They allow you to do things you shouldn't do," he explained.

That presentation, "These Aren't the Permissions You're Looking For," also takes place on Wednesday afternoon.

Moss also suggests paying attention to a presentation being given on Wednesday morning that deals with GSM base-station and mobile phone base-band attacks. "These GSM base-band radios are in all the phones and it turns out that the firmware dealing with the radio stuff is not really designed for malicious attack," he said.

There's one mobile phone maker that has stronger radio security than its competitors, but Moss is leaving that revelation for the presenter of the GSM talk.

Perhaps the most highly anticipated talk deals with vulnerabilities in automatic teller machines. The presentation, titled "Jackpotting Automated Teller Machines Redux," is the result of work by Barnaby Jack, director of research at IOActive Labs.

"Everybody wants to see that one because they want to see why there was pressure last year to cancel it," said Moss. "Like this year, Jack announced that he was going to do this talk about ATMs and make all the money come out. A couple of ATM vendors got really nervous and started pressuring him and his employer, and the employer pulled the talk on him. So he then went and quit his employer and found a new one and is doing the talk this year."

Similar pressure this year led to the cancellation of a talk titled "The Chinese Cyber Army: An Archaeological Study from 2001 to 2010."

Moss said he was disappointed to learn about the cancellation of this presentation, which was supposed to reveal data about Chinese military involvement in cyber espionage. "I was really looking forward to it because they had real research and real numbers and real packet captures, nine years of log data," he said. "I thought it was really going to advance the state of the debate because it's not full of speculation."

Unfortunately, he said, "the Chinese government applied pressure to the Taiwanese government which applied pressure to the speakers. The Chinese don't like it when people suggest that they're breaking into [other people's computers]."

When Google said in January that it would no longer censor search results in China, the company attributed its change of policy to a sophisticated cyber attack from China. Some security researchers believe those who hacked Google's systems had ties to the Chinese military.

Conclusive evidence to that effect, if it exists, has not been made public and Chinese authorities have emphatically disputed such claims, as they have done in the past when similar allegations surfaced.

Black Hat USA 2010 begins with training sessions, which run from Saturday, July 24 through Tuesday, July 27. The presentations run from Wednesday, July 28 through Thursday, July 29.

Black Hat and InformationWeek are both properties of TechWeb.

By Thomas Claburn

Read the Original Article at InformationWeek

• 0 comments »

There are many variables to consider when contemplating internal or external cloud options.

While I'm not sure any core application could be sourced externally without segmentation -- which defeats the purpose of cloud computing -- there are a number of variables that insurers need to contemplate in the design of an internal cloud or for the use of external clouds. The internal or external cloud must possess the following components in order to function as desired:

1. Availability. The internal or external cloud must achieve a Data Center Tier 4 availability rating as specified by either the Uptime Institute or by TIA-942 standards.

2. Grid Computing. Clouds must possess automated workload distribution engines. Products such as Radware, Big Iron, IBM and Cisco must be dispersed throughout the data center in order to adequately manage physical layer distribution surges. These should optimize bandwidth, switching and routing.

3. Virtualization. Clouds must have Microsoft (Redmond, Wash.) Hyper-V, VMware (Palo Alto, Calif.) or Citrix (Ft. Lauderdale, Fla.) virtualization solutions. Insurers must contemplate paravirtualization or full virtualization in conjunction with the grid computing infrastructure in order to optimize server resources (blades/SAN) with the grid computing.

4. Provisos. Clouds must include hierarchical authority levels for creating and deleting services and applications, also known as provisioning and deprovisioning. This exists for the end users. Automated code promotion/demotion -- along with branching, merging, tagging and base trunks -- need to exist for developers.

5. Security. Insurers must make sure they know the answers to the following questions: Who owns the data? What will regulators say? What about discovery? How are credit card numbers, Social Security numbers and other sensitive data handled? Does the cloud comply with privacy laws? How does it handle Sarbanes-Oxley (SOX)? Ensure that you have documented answers on a federal, state and auditor level.

Read the Original Article at Insurance & Technology

• 0 comments »

Windows users can look forward to improved malware protection in Adobe's Reader software.
Continuing the security initiative launched last year to deal with rising attacks on its products, Adobe on Tuesday previewed forthcoming security technology in the next major release of its Reader software, which should debut before the end of the year.

Adobe Reader and Acrobat are widely installed applications for reading and creating PDF files. Because one or both are present on most personal computers, they've become targets for malware writers, along with Adobe's Flash software.

Adobe has struggled to keep up and the company's reputation has suffered. In March, security company F-Secure said that Acrobat/Reader was the most targeted application in 2009.

The security initiative that Adobe launched last year represents an attempt to turn things around.

As an example of what the company has been doing, Adobe in April introduced a new software updater that can be set to update Reader and other Adobe software automatically for Windows users (Mac OS requires a password for updates, so automatic updating isn't possible at the moment for Mac users).

Automatic updating is considered to promote better security than manual updating because it applies patches consistently.

Adobe's security rebound continues with the introduction of a sandboxing technology called Protected Mode in the next Reader release.

Brad Arkin, Adobe's senior director of product security and privacy, likens it to the Google Chrome sandbox and Microsoft Office 2010 Protected Viewing Mode.

"With Adobe Reader Protected Mode enabled (it will be by default), all operations required by Adobe Reader to display the PDF file to the user are run in a very restricted manner inside a confined environment, the 'sandbox,'" said Arkin in a blog post. "Should Adobe Reader need to perform an action that is not permitted in the sandboxed environment, such as writing to the user’s temporary folder or launching an attachment inside a PDF file using an external application (e.g. Microsoft Word), those requests are funneled through a 'broker process,' which has a strict set of policies for what is allowed and disallowed to prevent access to dangerous functionality."

Adobe's sandbox is Windows-only and will initially be limited to blocking write operations. Later iterations will block read-only activities, such as accessing sensitive information.

While past neglect of Mac development is believed to be one of the reasons that Apple CEO Steve Jobs has taken such a hard line against Adobe's Flash technology, Adobe's focus on Windows need not be taken as a slight. It could be said to be a vote of confidence in the security situation on other platforms. Adobe's rationale for coming to the defense of Windows is that Windows users face the most risk from malware.

"Today, Adobe Reader for Windows represents the overwhelming majority of Adobe Reader downloads," an Adobe spokesperson said in an e-mail. "Adobe is always carefully evaluating the threat landscape to determine the priorities and next steps in the security roadmap for our products."

By Thomas Claburn
Read the Original Article at InformationWeek

• 0 comments »

The zero-day vulnerability appears to be designed for industrial espionage.

Image Gallery: Windows 7 Revealed

Microsoft on Friday issued a Security Advisory stating that it is investigating limited attempts to exploit a vulnerability in the Windows Shell.

The zero-day vulnerability was disclosed last week by Belorussian antivirus company, VirusBlokAda. It takes advantage of Windows shortcut files by making them execute automatically when accessed from a USB drive via Windows Explorer.

The Stuxnet malware, which is believed to have been circulating for about a month, attempts to exploit this vulnerability.

Stuxnet "takes advantage of specially-crafted shortcut files (also known as .lnk files) placed on USB drives to automatically execute malware as soon as the .lnk file is read by the operating system," explains Microsoft on its Malware Protection Center blog. "In other words, simply browsing to the removable media drive using an application that displays shortcut icons (like Windows Explorer) runs the malware without any additional user interaction."

Microsoft says that Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008 are affected.

As workarounds to mitigate the risk of compromise, Microsoft is recommending that administrators disable the display of icons for shortcuts, and disable the WebClient service.

On Sunday, proof-of-concept exploit code was posted at exploit-db.com.

According to computer researcher Frank Boldewin, the malware also targets Siemens SCADA WinCC, an industrial process control system, and its visualization components.

This is precisely the sort of system that government critical infrastructure protection initiatives aim to secure.

The sophistication of the malware's creator is also evident in the code's apparent appropriation of a digital signature from a legitimate chip maker, Taiwan's RealTek Semiconductors, to help install malicious drivers.

By Thomas Claburn

Read the Original Article at InformationWeek

• 0 comments »

As the battle plays out for 4G global supremacy between Long-Term Evolution (LTE) and WiMax, another standard is emerging as a major challenger in China and beyond. Time Division-LTE (TD-LTE) is still well behind the other two standards in terms of deployment, but recent reports show that it is gaining ground.

Large-scale TD-LTE field trials in China will begin soon, according to Ericsson VP Ulf Ewaldsson. "The Ministry of Industry and Information Technology and China Mobile will start large-scale field tests in the fourth quarter of this year. Ericsson will also take part," he said.

The trials will be part of the second stage of testing for the country's TD-LTE network. Ewaldsson said that the first stage and some small-scale field tests were already completed.

The report follows the first-ever demonstration of a TD-LTE end-to-end solution earlier this week at a China Mobile event in Shanghai. Ericsson showcased the system, which used ST-Ericsson devices and showed fast mobile broadband applications, such as video on demand and live video streaming.

TD-LTE is a 4G wireless mobile network standard developed by China Mobile, China's largest telecom operator. It builds upon the company's TD-based 3G standard and is largely compatible with LTE, a competing 4G standard that is gaining a foothold in European and American markets.

TD-LTE's main advantage over LTE is that it uses cheaper radio spectrum. Meanwhile, WiMax towers can be upgraded for use by TD-LTE at a relatively low cost.

Some wireless operators have already begun making moves to build TD-LTE networks outside China. Qualcomm has purchased spectrum in India that it may use for a TD-LTE compliant network, and the Russian operator Yota has decided to launch TD-LTE in frequencies it had previously set aside for WiMax.

"We understand that there are at least 100 operators that are interested in the performance of TD-LTE. Among these operators, we see two major camps. One includes operators with LTE spectrum that are considering using spectrum that is idle. Another includes operators that originally were using WiMax but are considering switching to TD-LTE," Ewaldsson said.

By Mike Clendenin

Read the Original Article at InformationWeek

• 0 comments »

IBM has upgraded its Security Network Intrusion Prevention System line of appliances, which combine an intrusion prevention system (IPS) with web application firewall capabilities.

IBM said the new 4.1 firmware release for the appliance, automatically available to some customers with current maintenance contracts, offers more capabilities for securing data and web applications, including "client-side application protection, data security, web application protection and application control," as well as monitoring to detect confidential information that may be exiting the network.

The appliance will also works with IBM Rational AppScan, which can automatically generate custom security policies for the device, to help protect web applications against specific vulnerabilities identified by AppScan. IT managers also get a single interface for managing all of the security tools on the appliance.

Notably, the appliance also includes virtual patching technology, which can filter what goes into or comes out of an application, to block against known attacks. The capability can be a boon to IT managers, because it helps free them from having to immediately patch against every newly discovered vulnerability, at least right away.

Equally, they can rapidly protect systems for which a vulnerability has been discovered, and which is being exploited by attackers, but for which no patch exists. For example, according to the IBM X-Force Trend and Risk Report for 2009, 52% of vulnerabilities reported last year still had no vendor-supplied patch by the year's end.

Numerous vendors, including IBM, augment their virtual patching technology with update services that proactively provide virtual patches against newly discovered threats that may have not yet been disclosed publicly. For example, IBM said that in 2009, for the top 61 security threats of the year, its researchers created and released working virtual patches, on average, "340 days before the vulnerability was publicly disclosed." According to IBM Managed Security Services, the typical corporate IT infrastructure sees about 60,000 attacks per day, ranging from targeted attacks and intrusion attempts to worms to phishing attacks. Given that volume of attacks, "effective threat and vulnerability management needs to focus on preventing problems, not responding to them," said Steve Robinson, general manager of IBM Security Solutions, in a statement.

By Mathew J. Schwartz

Read the Original Article at InformationWeek

• 0 comments »

The investigation into Gizmodo's acquisition and publication of iPhone 4 details in April will continue without editor Jason Chen's computers.

Image Gallery: Apple iPhone 4, A True Teardown
(click for larger image and for full photo gallery)

Gizmodo editor Jason Chen, who acquired an Apple iPhone 4 prototype and published details of the phone prior to its release, will be getting his computer equipment back.

Chen's computers, hard drives, and other electronics were seized on behalf of the San Mateo, Calif., District Attorney's Office in April as part of an investigation into circumstances of the iPhone 4 prototype's disappearance and subsequent acquisition by Gizmodo.

The seizure was controversial both because it raised questions about the rights of journalists to protect their sources amid a related criminal investigation and because the group conducting the seizure, the Rapid Enforcement Allied Computer Team (REACT), has an advisor on its steering committee from Apple.

The investigation remains underway. Neither Gawker Media nor the San Mateo District Attorney's Office responded to requests for comment on the status of the investigation.

On Friday, the San Mateo District Attorney's Office asked the judge overseeing investigation to withdraw the warrant it had previously requested.

As a consequence, Chen's possessions will be returned.

The Electronic Frontier Foundation, which opposed the warrant as violation of the California Penal Code, hailed the warrant's withdrawal.

"As EFF repeatedly noted at the time, the warrant-backed search of Chen's home was illegal as it violated California Penal Code section 1524(g)'s prohibition against the issuance of warrants for 'unpublished information obtained or prepared in gathering, receiving or processing of information for communication to the public,'" the cyber-rights group said.

According to The Wall Street Journal, Gawker Media has agreed to cooperate with investigators.

By Thomas Claburn

Read the Original Article at InformationWeek

• 0 comments »