Tag Archive for 2015

| November 17, 2015
Comments Off on Sun Setting on Cat 5e

Sun Setting on Cat 5e

Sun Setting on Cat 5eThe sun is setting on the Cat 5e cabling standard. The long-standing standard defined how most commercial spaces around the world were cabled for nearly 20 years. Starting in 2017 Cat 5e will be considered obsolete for new installations following a decision by the ISO/IEC cabling standards body.

recommendation for Category 6AIn a recent blog post at CommScope (COMM), the ISO cabling standards body JTC1/SC25 WG3 working group agreed to raise the minimum horizontal cabling requirement. The new standard is stated in ISO/IEC 11801-2. Office space requirements change from Class D (Category 5e) to Class E (Category 6). It includes a recommendation for Class EA (Category 6A). Cat 6A will enable a smooth migration to 2.5, 5, and ultimately 10 gigabits per second (Gbps). In the drafts of 11801-5 (data centers) and 11801-6 (distributed services), the minimum requirement is already Class EA cabling.

Ethernet and IP communications everywhere

The original ISO/IEC 11801 standard enabled the explosive growth and mass deployment of Ethernet and IP communications everywhere. In its first edition, the author says the standard defined Class D balanced cabling based on Category 5 copper components. This standard offered an upgrade path from 10 to 100 megabits per second (Mbps) up to 100 meters. At that time, some experts and industry observers argued that 100 Mbps (100BASE-T) to the desk was overkill for the typical office user.

handful of cablesToday, 100BASE-T technology is in a rapid market decline. 100BASE-T is being replaced with 1000BASE-T (1 Gbps) according to the article. 1000BASE-T is commonplace for desktop and laptop PCs. It also benefits a wide range of other devices such as phones, cameras, and wireless access points (WAPs).

The 11801 standard now includes more cabling classes that were introduced to enable support of up to 10 Gbps. The new classes include Class E (Category 6), Class F (Category 7). Even more recently, Class EA (Category 6A) and Class FA (Category 7A).

Technology trends

According to the CommScope blog, a number of technology trends made ISO choose to upgrade the minimum recommendation for horizontal cabling in offices. Some of the trends recognized by the committee that are driving the adoption of speeds beyond one Captain Ethernetgigabit on the horizontal cabling include:

The rapid growth of BYOD is driving infrastructure upgrades to accommodate IEEE 802.11ac. As I have covered before, new IEEE specifications are being developed to accommodate 802.11ac wireless. 2.5GBASE-T is targeted at installed Class D cabling and 5GBASE-T is targeted at installed Class E cabling. It is expected that a sizable percentage of the installed base will be able to support the faster speeds, however, some installed Class D and Class E systems may require some mitigation steps.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , , ,
| November 11, 2015
Comments Off on A New Cure for Passwords

A New Cure for Passwords

A New Cure for PasswordsRegular readers of Bach Seat know that passwords suck. The better a password is, the harder it is to remember. So most people just end up choosing passwords they think are safe, but are pretty bad (rb- I have covered crappy passwords many times). University of Southern California researchers Marjan Ghazvininejad and Kevin Knight, have come up with a new solution that they believe solves the crappy password problem.

unique solution for creating passwordsThe USC researchers’ paper “How to Memorize a Random 60-Bit String” (PDF) presents a unique solution for creating passwords that are hard to crack and relatively easy to remember: randomly generated poems.

The researchers believe that the most secure and memorable method for creating a strong password is a short rhyming poem of random words. The Washington Post explains that, even if you pick a fairly uncommon word, like “Troubadour,” and replace some of the letters with other symbols, this combination might only take a computer seconds, minutes, or hours to guess.

short rhyming poem of random words as a passwordThe idea of a short rhyming poem of random words as a password might seem a little odd, but they’re actually very, very secure according to USC’s Knight. At current speeds, he estimates that cracking these rhyming poems of random words passwords would take around 5 million years. By which point, we probably won’t be using Facebook anymore.

As part of their research, the USC team created their poems by assigning every word in a 327,868-word dictionary a distinct code. The article explains they then use a computer program to generate a very long random number, like
110111000111100100100010100010101100001100010000010010100100, and break that number up into pieces, and then translate those pieces into two short phrases of four or five words. The computer program they use ensures that the two lines end in words that rhyme and that the phrase is in iambic tetrameter, like so:

A techno salmon Benedict
Even Shakespeare had problmes with laptopsperforming under derelict

or:

The baby understand curtailed
a wooden synagogue prevailed

or:

The Oracle email update
equipment pinning demonstrate

rb-

While seemingly nonsensical quips like 

Whereas Chanel control McQueen
accusing glamour magazine

don’t make a lot of sense to 21st-century humans, we should be able to recall 7 or 8 words to better protect our personal information.  The oral record is how most information passed from human to human for generations before Guttenberg. Someone told you something and you remembered it. There are a number of oral traditions that have lasted in one form or another into the 21st century. 

One big problem with the rhyming poem of random words idea is the webserver operating systems. There are a number of web servers out there that cannot take passwords longer than 12 characters. Hey, webmasters wake upUpdate your operating systems.

The researchers have set up an online generator for these poem/password, which you can try here or you can enter your e-mail here, and their program will send you a poetic password.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , ,
| October 30, 2015
Comments Off on Tech Titans Dodge Taxes

Tech Titans Dodge Taxes

Tech Titans Dodge TaxesA recent report by the Center for Tax Justice (CTJ) on the use of tax havens in 2014, identified the 500 largest American companies hold more than $2.1 trillion in accumulated profits overseas to avoid U.S. taxes. The report found that one-quarter of that amount (549.7 billion) is hoarded abroad by ten tech companies alone, as the chart from Statista illustrates.

Greedy AppleAmong the tech titans hoarding cash, Apple (AAPL) has parked the largest amount of cash outside the United States. The article notes that the iPhone maker has stashed a whopping $181 billion overseas. That is almost twice as much as second-ranked Microsoft (MSFT) ($108.3b) and roughly three times the total of IBM (IBM), which ranks third in the tech-list with foreign cash holdings of $61.4 billion. Cisco (CSCO), ranked fourth, stands out with as many as 59 tax haven subsidiaries.

The top twenty tech firms in the order of the amount of money hoarded overseas in 2014 to cheat the taxman in 2014:

  1. BillionairesApple
  2. Microsoft
  3. IBM
  4. Cisco
  5. Google (GOOG) $47,400 millions
  6. HP (HPQ) $42,900 millions
  7. Oracle (ORCL) $38,000 millions
  8. Qualcomm (QCOM) $25,700 millions
  9. Intel (INTC) $23,300 millions
  10. EMC (EMC) $11,800 millions
  11. Western Digital (WDC) $9,400 millions
  12. Xerox (XRX) $8,500 millions
  13. Ebay  (EBAY) $7,900 millions
  14. Cognizant Technology (CTSH) $6,121 millions
  15. Agilent Technologies (A) $5,700 millions
  16. Micron Technology (MU) $4,910 millions
  17. Broadcom (BRCM) $4,850 millions
  18. Symantec (SYMC) $3,600 millions
  19. Computer Sciences (CSC) $2,552
  20. Amazon (AMZN) $2,500 millions

Statista notes that the study found the number of tax haven subsidiaries is not directly connected to the amount of taxes dodged by a company. On the contrary, some companies now report fewer subsidiaries in tax haven countries than they did in 2008 while reporting significant increases in the amount of cash they hold abroad.Center for Tax Justice graphic

The study offers two possible explanations for this occurrence: First of all, some companies may choose not to report all of their subsidiaries because the SEC’s penalties for failing to do so are pretty lax and secondly companies could simply consolidate more income in fewer offshore subsidiaries, often in structures dubbed “Double Irish”.

Infographic: U.S. Tech Companies Hoard Billions in Offshore Tax Havens | Statista

This chart shows how much money U.S. tech companies hold in offshore subsidiaries to avoid U.S. taxes.

You will find more statistics at Statista

The CTJ claims U.S.-based multinational corporations are allowed to play by a different set of rules than small and domestic businesses or individuals when it comes to the tax code. Rather than paying their fair share, many multinational corporations like Apple, Cisco, Google, and Intel use accounting tricks to pretend for tax purposes that a substantial part of their profits are generated in offshore tax havens, countries with minimal or no taxes where a company’s presence may be as little as a mailbox. Multinational corporations’ use of tax havens allows them to avoid an estimated $90 billion in federal income taxes each year.

Uncle Sam in redtapeCongress, by failing to take action to end to this tax avoidance, forces ordinary Americans to make up the difference. Every dollar in taxes that corporations avoid by using tax havens must be balanced by higher taxes on individuals, cuts to public investments and public services, or increased federal debt.

The CTJ recommends the following steps to stop the abuse of offshore tax havens by the tech titans and restore fairness to the US tax system and reduce pressure on America’s budget deficit and improve the functioning of markets.

End incentives to shift profits and jobs offshore. The most comprehensive solution to ending tax haven abuse would be to stop permitting U.S. multinational corporations to indefinitely defer paying U.S. taxes on profits they attribute to their foreign subsidiaries. Ending “deferral” could raise nearly $900 billion over ten years, according to the report.

Reject the Creation of New Loopholes. Reject a “territorial” tax system. The CTJ estimates that switching to a territorial tax system could add almost $300 billion to the deficit over ten years.

Close the most egregious offshore loopholes. Policymakers can take some basic common-sense steps to curtail some of the most obvious and brazen ways that some companies abuse offshore tax-havens. Close the inversion loophole by treating an entity that results from a U.S.-foreign merger as an American corporation if the majority (as opposed to 80 percent) of voting stock is held by shareholders of the former American corporation. These companies should be treated as U.S. companies if they are managed and controlled in the U.S. and have significant business activities in the U.S.

Patent trollStop companies from shifting intellectual property (e.g. patents, trademarks, licenses) to shell companies in tax haven countries and then paying inflated fees to use them. This common practice allows companies to legally book profits that were earned in the U.S. to the tax haven subsidiary owning the patent. Limited reforms proposed by President Obama could save taxpayers $21.3 billion over ten years.

Stop companies from deducting interest expenses paid to their own offshore affiliates, which put off paying taxes on that income. This reform would save $51.4 billion over ten years, according to the CTJ.

Increase transparency. Require full and honest reporting to expose tax haven abuses. Multinational corporations should report their profits on a country-by-country basis so they can’t mislead each nation about the share of their income that was taxed in the other countries.

Michigan-based companies dodging the taxman in 2014 have hoarded almost $55 Billion according to the CTJ. With just a 1% tax on the withheld income, we could probably get the roads fixed. On the list ranked by millions held off-shore by Michigan based firms according to the CTJ are:

  1. Dow Chemical $18,037 millions
  2. General Motors $7,100 millions
  3. Stryker $5,878 millions
  4. Whirlpool $4,900 millions
  5. Ford $4,300 millions
  6. Autoliv $4,000 millions
  7. TRW Automotive $3,400 millions
  8. BorgWarner $2,700 millions
  9. Kellogg $2,200 millions
  10. Lear $1,200 millions
  11. Penske $711 millions
  12. Visteon $245 millions
  13. Kelley Services $111 millions
  14. Conway $32 millions
  15. Masco $12 millions
Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , ,
| October 27, 2015
Comments Off on Online Security in Era of Connected Cars

Online Security in Era of Connected Cars

Online Security in Era of Connected CarsKarl-Thomas Neumann, CEO of General Motors (GM) European Opel brand announced that GM would launch OnStar telematics service in vehicles sold in Europe in late 2015. The Opel CEO declared the new technology, “transforms the car into a true part of the Internet of things.” The Detroit Bureau says it raises some of the same concerns consumers face on the Internet, including how to protect their privacy in highly connected cars.

App controlled carEven though a growing number of consumers have embraced the idea of having mobile access to smartphone apps, built-in Wi-Fi, and the safety and security promised by systems like OnStar issues loom that consumers, manufacturers, and regulators need to address. At the 2014 Consumer Electronics Show, Jim Farley,  then the top marketing executive at Ford Motor Company (F),  told an audience that the automaker “know(s) everyone who breaks the law, we know when you’re doing it,” thanks to the data collected by its OnBoard Sync technology system.

Despite a quick backtrack by Mr. Farley, the article says he was being truthful. The fact is, the onboard black boxes in most cars are now equipped with two-way capabilities. Privacy has become “a big issue,” according to Jon Allen, a principal with consulting firm Booz Allen Hamilton who focuses on security issues. Precisely what makes such technology so compelling is why it is also so worrisome. Mr. Allen told The Detroit Bureau,

Connected products provide customization and convenience because of the data they track. Part of the great opportunity to improve the customer experience is producing a vehicle that ‘learns’ your habits and preferences. But that information must be protected.

Data privacyThe EU takes privacy seriously and these types of tracking technology have drawn the attention of regulators in Europe and to a lesser extent, in the U.S. The article describes a measure of just how strongly Europeans feel about the issue that came during Opel chief Neumann’s news conference. Unlike the U.S. version of OnStar, the European system will include a “Privacy” button to let a user “choose whether they want to provide location information or not.”

That choice would only be over-ridden after a crash severe enough to trigger OnStar’s emergency call system, CEO Neumann explained. It’s designed to call rescue crews in the event of an accident severe enough passengers might be disabled.

Don't panicThere have been experiments with marketing that could target motorists much as Google today can toss ads at a web viewer based on information revealed by hidden “cookies.” Imagine, they suggest, being able to send a McDonald’s ad and virtual coupon to a car driving near one of its restaurants around lunchtime.

While some drivers might embrace that possibility, others are appalled. The Detroit Bureau reports the potential to reveal more detailed personal information, as well as allowing a vehicle to be tracked, is raising flags on both sides of the Atlantic.

Digtal trackingIn the U.S., an auto industry alliance recently agreed on an approach called “Privacy Principles for Vehicle Technologies and Services.” (rb- Which I covered here) Meanwhile, both the U.S. Federal Trade Commission and the National Highway Traffic Safety Administration are exploring the issues – though in some cases, they are actually encouraging greater access, noted analyst Allen.

The issue is further complicated by the threat of cyber-criminals exploiting vulnerabilities in-vehicle communications systems.

rb-

I first covered this threat in 2011 here and here. And the theoretical became real in 2015 when researchers demonstrated they could use online systems to take over a Jeep Grand Cherokee.

The threat to personal freedom and privacy in your car has accelerated as Apple (AAPL) and Google (GOOG) join Microsoft (MSFT) in the battle to rule the car. Apple’s automotive ambition does not stop at CarPlay, they are also focused on developing an iCar. Google’s Autonomous Cars ambitions are well known, but their efforts to take over the car cockpit are also taking off with Android Auto.

The government is contributing to the connected car conundrum. The Feds are abetting the Autos by trying to prevent security researchers from doing testing and reverse engineering that could improve security and safety for all of us according to Naked Security.

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Cars | Tags: , , , , , , , , , , , , , , , , , , ,
| October 6, 2015
Comments Off on Online Dangerous Celebrities 2015

Online Dangerous Celebrities 2015

Online Dangerous Celebrities 2015It that time of year again! McAfee Intel Security has named the most dangerous celebrities on the Intertubes. And I have no idea who Electronic Dance Music (EDM) DJ Armin van Buuren is. Despite that, he is Intel’s most dangerous web celeb. To regain my street creds – I have been gone to DEMF –YO PEACE OUT. The EDM DJ replaces talk show host Jimmy Kimmel as Intel Security’s most dangerous celebrity to search for online.

For the ninth year in a row, The Intel Security Most Dangerous Celebrities™ study revealed that searches for certain musicians and comedians tend to expose Internet searchers to more possible viruses and malware.

The presser from Intel (INTC) Security warns that cybercriminals are always looking for ways to take advantage of consumer interest around popular culture events including award shows, TV shows, and movie premieres, album releases, celebrity breakups, and more. They capitalize on this interest by enticing unsuspecting consumers to sites laden with malware, which enables them to steal passwords and personal information.

Stacey Conner, online safety expert at Intel Security says that trying to download or listen to free music can be especially risky.

Celebrity names combined with the terms ‘free MP4, ‘HD downloads,’ or ‘torrent’ are some of the most searched terms on the Web … When consumers search for music that is not made available through legitimate channels, they put both their digital lives and devices at risk.

Top 10 risky celebrities

The top 10 celebrities from the 9th annual Intel Security Most Dangerous Celebrities™ study with the highest risk percentages are:

  1. Armin van BuurenBetty White one 2015s most dangerous celebs online
  2. Luke Bryan
  3. Usher
  4. Britney Spears
  5. Jay Z
  6. Katy Perry
  7. Amy Schumer
  8. Betty White
  9. Lorde
  10. Nina Dobrev

Musicians are 7 of the top 10 riskiest online celebrities (and good click-bait). Other risky artists in the top 20 are:
Justin Bieber (No. 11),
Rihanna (No. 12),
Jennifer Lopez and Kenny Chesney (tied at No. 13),
Selena Gomez (No. 14),
Zendaya (No. 15),
Kanye West (No. 16),
Afrojack and Miley Cyrus (tied at No. 19), and
Nick Jonas (No. 20).

Other celebrities who round out the 20
Sandar Bullock one 2015s most dangerous celebs onlineriskiest online celebrities.
Antonio Banderas (No. 14),
Nicole Kidman (No. 15),
Zac Efron (No. 17),
Natalie Portman (No. 18),
Paul Wesley (No. 18)
Sandra Bullock (No. 19),
Jennifer Lawrence (No. 20),

Riskiest celebrities around the world

Better Protect Yourself

While doing your star-struck surfing, Intel Security offers some suggestions on How You Can Better Protect Yourself:

  • Katie Perry one 2015s most dangerous celebs onlineBeware of clicking on third-party links. You should access content directly from the official websites of content providers. For example, visit reputable site ComedyCentral.com to find Amy Schumer’s latest episodes.
  • Use web protection that will tell you of risky sites or links before you visit them and it’s too late. Stick to official news sites for breaking news.
  • Only download videos from well-known, legitimate sites. Most news clips you’d want to see can easily be found on official video sites and don’t require you to download anything.
  • Use caution when searching for “HD downloads.” This term is by far the highest virus-prone search term. Consumers searching for videos or files to download should be careful not to unleash unsafe content such as malware onto their computers.
  • Always use password protection on all mobile devices. If you don’t and your phone is lost or stolen, anyone who picks up the device could have access to your personal information online.
  • Don’t “log in” or give other information. If you receive a message, text, or email or visit a third-party website that asks for your information — including your credit card, email, home address, Facebook login — to grant access to an exclusive story, don’t give it out. Such requests are a common tactic for phishing that could lead to identity theft.
  • Search online using a tool, such as McAfee® WebAdvisor software, which protects users from malicious websites and browser exploits.

rb-

Maybe I’m just being grumpy, but McAfee has done this for 9 years and people are still falling for this online celebrity malware staff – sigh – They were right – One born every day.

 

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , , , , , ,
« Older Entries   Recent Entries »