Tag Archive for Cisco

| February 9, 2016
Comments Off on Trivial Taxes for Tech Titans

Trivial Taxes for Tech Titans

Trivial Taxes for Tech TitansJust in time for the start of the U.S. tax season, reports have surfaced that should piss off most tax-paying Americans. The Business Insider is reporting that most of the American tech giants, like Apple, Google and Microsoft are not paying their share of taxes.

the effective tax rate paid by US tech titans is well below the average rate paid by the 100 biggest S&P companies

The U.S. corporate tax rate is about 35%, but according to an analysis by financial research website WalletHub and charted by Statista, the effective tax rate paid by U.S. tech companies, like Apple (AAPL), Microsoft (MSFT), and Google (GOOG), was well below the 28.6% average rate paid by the 100 biggest S&P companies.

Facebook (FB) was the exception with an effective tax rate of 41%, but the social networking company has paid a higher rate in past years and recouped some of the money in tax deductions, according to Quartz.

Infographic: How Much U.S. Tech Companies Pay in Taxes | Statista

One way these tech giants are lowering their tax bills is by stashing most of their profits overseas, where lower international tax rates apply. Despite claims by Apple CEO Tim Cook, that Apple pays all of its taxes, Apple, for example, keeps most of its cash offshore, and openly says it’s keeping it overseas to avoid their U.S. corporate tax bills.

Tax dodgerThe New York Times recently reported that Apple made a deal with Italian tax authorities over a dispute about how much tax the iPad maker should have paid Italy. A spokesman for Italy’s tax authority declined to comment to the NYT on the amount of owed taxes but the BBC reports that the figure is €318m ($348m).

The investigation found that since 2013, Apple had moved roughly $1.1 billion in revenue from its Italian operations through an Irish subsidiary to lower the taxes that the company was obliged to pay under the 27.5% corporate income tax rate in Italy.

The NYT says Ireland’s corporate tax rate, at 12.5%, is one of the lowest in the Western world, compared with 35%, before deductions, in the United States. Of course, Irish officials deny that the low-tax structure represents unfair competition.

rb-

The Tech Titans have long lusted after a tax cut. I cover the 2011 meeting where Tech giants Facebook, Mark Zuckerberg, Apple, Steve Jobs, Yahoo, Cisco (CSCO), Twitter (TWTR), Oracle (ORCL), Netflix, Google, and venture capitalists lobbied Obama for a tax cut on $1 trillion of profits they’ve stashed overseas.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , ,
| December 7, 2015
Comments Off on Let’s Encrypt Lives

Let’s Encrypt Lives

Let's Encrypt LivesLet’s Encrypt, an initiative to set up a free certificate authority (CA) on the Intertubes has entered its public beta phase. All major browser makers including Google Chrome, Mozilla Firefox, and Microsoft Internet Explorer trust Let’s Encrypt certificates. In their announcement Josh Aas, the executive director of California based Internet Security Research Group (ISRG), which runs the Let’s Encrypt service, wrote:

We’re happy to announce that Let’s Encrypt has entered Public Beta. Invitations are no longer needed in order to get free certificates from Let’s Encrypt … We want to see HTTPS become the default. Let’s Encrypt was built to enable that by making it as easy as possible to get and manage certificates.

Encryption to protect communications

Lets Encrypt logoLet’s Encrypt is overseen by folks from Mozilla, Akamai (AKAM), Cisco (CSCO), Stanford Law School, CoreOS, the EFF, and others. Let’s Encrypt was first announced in 2014, (rb- Which I covered here). motivated by a desire to steer organizations towards the use of encryption to protect their communications. A key part of the strategy is offering free digital certificates, which is a radical departure from the very hefty premiums that certificate authorities typically charge.

The Register reports that the free cert is no freebie weakling. Lets Encrypt uses a 2048-bit RSA TLS 1.2 certificate with a SHA-256 signature installed and the server configured to use it. The cert gets an A from Qualys SSL Labs.

Let’s Encrypt to offer free SSL/TLS certs

Secure Socket Layer/Transport Layer Security certificatesLet’s Encrypt plans to distribute free SSL/TLS (Secure Socket Layer/Transport Layer Security) certificates, which encrypt data passed between a website and users. The use of SSL/TLS is signified in most browsers by “HTTPS” and a padlock appearing in the URL bar. Unencrypted web traffic poses a security risk. For example, an attacker could collect the web traffic of someone using a public Wi-Fi hotspot, potentially revealing sensitive data.

Besides securing your information going across the Internet from spies and thieves, FierceSecurityIT says another key aspect of Let’s Encrypt is to make it easy to generate and install new digital certificates. The Let’s Encrypt CA uses an open source “automated issuance and renewal protocol” that allows for certificates to be renewed without manual intervention.

automated issuance and renewalThe automated issuance and renewal protocol prevents oversights resulting in certificates for live websites expiring, a situation that does happen from time to time. FierceSecurityIT says that short-term certificates also offer better security by reducing exposure in the event that the private keys are stolen.

rb-

Major technology companies including Google, Yahoo and Facebook have made a strong push for broader use of encryption in light of government surveillance programs and burgeoning cyber-crime.

The point of Let’s Encrypt is that anyone who owns a domain name can use Let’s Encrypt to get a trusted certificate at no cost. This will help HTTPS become the default. This is a big step forward in terms of security and privacy.

Instructions for getting a certificate with the Let’s Encrypt client can be found here.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , ,
| November 20, 2015
Comments Off on Shadiest Neighborhoods on the Web

Shadiest Neighborhoods on the Web

The Internet is organized into domains. Readers of Bach Seat are familiar with the .net domain since you got here. You are also probably familiar with other web neighborhoods like .com where Facebook and Google live. The folks in charge of the Intertubes have added more neighborhoods or technically Top Level Domains (TLD), and now we have over 1,000 TLDs, many of which have only been around for the past two years.

This rapid growth raises questions about how well those in charge of these new TLD’s secure their neighborhood against malware and other threats. CSO Online explains that just like any city, the Web has neighborhoods where dubious activities often take place: spam, scams, the distribution of potentially unwanted software (PUS), malware, botnets, phishing, and other suspicious activity.

Web security and WAN optimization firm Blue Coat Systems (BCSI) regularly analyzes hundreds of millions of Web requests from more than 15,000 businesses and 75 million users to track “shady activity” on the Web. In September, it released Do Not Enter: Blue Coat Research Maps the Web’s Shadiest Neighborhoods (PDF), with a list of the 10 top-level domains (TLDs) on the Web that are home to shady sites.

Blocking traffic to the riskiest TLDsBlue Coat recommends that organizations take steps to protect themselves, including blocking traffic to the riskiest TLDs and cautioning users to be careful clicking on any links that contain these TLDs. It further suggests that users who are unsure of a source hover their mouse over a link to help verify that it leads to the address displayed in the text of the link, or “press and hold” links on a mobile device to do the same verification

Blue Coat’s list of TLDs most associated with shady sites is constantly in flux but here is their September list.

  • .review – The .review TLD is shady mostly due to scam sites, Blue Coat’s Larsen says. “Just looking at the list of domain names, I would say all of the top 15 are scam sites,” he adds, “.review does not seem to be making any effort whatsoever to keep the bad guys out.”

How to read a URL

  • .country – The security firm says the .country TLD appears to have been colonized by scam networks that like to use a game/survey “reward” or “prize” as bait. Blue Coat’s Larsen told CSO there is a strong connection between some of the supporting ad networks on and known PUS networks (adware and spyware). Mr. Larson says, “So if you’d like to block that entire TLD on your Web gateway, I wouldn’t blame you.
  • Faux-lebrity.kim – The .kim TLD hosts some legitimate domains, most notably a Korean tech blog and several Turkish sites. According to Blue Coat, the TLD earned its shady online reputation due to the presence of scam networks linked to PUS, malware, and at least one domain that hosts a domain generation algorithm (DGA) used to pump out domain names that can be used with malware according to the blog.
  • .cricket – Named for the world’s second-most popular sport, the .cricket TLD is another shady neighborhood on the Web. The author notes that while home to some legitimate sites, researcher Larsen points to many instances of search engine poisoning. For instance, StarWarsMovie.cricket pulls lots of random Star Wars items into one place to get traffic — including images clearly lifted from other places.
  • .science – The .science TLD may be a victim of its own marketing. In trying to raise the TLD’s profile, the registry gave away free .science domains and became one of the shadiest TLD’s on the web. Blue Coat’s Larsen described their downfall in the CSO article. “Generally they tend to run into trouble when they run promotions for bulk registrations for really low prices … If you can register a domain for a buck, generally there will be bad guys there registering domains.” He says the .science domains seem to be largely associated with spam, and scam sites. The shady activity included a sizable network of ebook sites, which led to a download network that’s been associated with PUS activity in the past.
  • .work – The .work TLD seems to be more about spam and scams than malware, though Larsen’s team did find a few tentative connections to PUS networks. There were some legitimate sites, though Larsen notes that they might be worth blocking as well. Examples include a Turkish porn site. 
  • .Party domainparty – Mr, Larson told CSO that a number of the sites on the .party TLD may seem legitimate. However, he warns, “There are some yellow flags.” of search engine poisoning. The TLD also hosts a number of MP3 sites — probably piracy or something malicious. There’s also a site that hosts what appears to be a shady tracker.
  • .gq – The .gq TLD is the country code for Equatorial Guinea which Blue Coat’s Larson notes is in many ways a lifetime achievement award winner. He says, “If we look at all of the .gq sites … nearly 99 percent are shady”. Most of the abuse of .gq noted by Blue Coat has been in the form of search engine poisoning and many cookie-cutter “shady video” sites associated with PUS. It also features some “shocking video” spam/scam sites that spread via social media and a smattering of malware, phishing, and porn sites.
  • Barrel full of monkeys.link – The .link TLD is rife with porn content delivery networks and piracy sites, neither of which is counted as “shady” by Blue Coat. There are apparently a handful of legit sites in .link but beyond these legitimate domains are a host of survey scam sites. “Historically, it’s been a place for spammers to live,” Larsen says.

Of course, there are well-run TLD’s. The best according to Blue Coat are:

Safe web neighborhoods

rb-

These TLD’s are why companies like BluseCoat, Websense, and OpenDNS are in business. (OK- Websense and OpenDNS are no longer stand-alone companies anymore. Websense was gobbled by defense contractor Raytheon and then spit out as ForcePoint and OpenDNS has been assimilated into Cisco (CSCO).

You can use these tools to just block almost anybody from going to these shady parts of the web for the reasons explained above.

Related articles

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , ,
| October 30, 2015
Comments Off on Tech Titans Dodge Taxes

Tech Titans Dodge Taxes

Tech Titans Dodge TaxesA recent report by the Center for Tax Justice (CTJ) on the use of tax havens in 2014, identified the 500 largest American companies hold more than $2.1 trillion in accumulated profits overseas to avoid U.S. taxes. The report found that one-quarter of that amount (549.7 billion) is hoarded abroad by ten tech companies alone, as the chart from Statista illustrates.

Greedy AppleAmong the tech titans hoarding cash, Apple (AAPL) has parked the largest amount of cash outside the United States. The article notes that the iPhone maker has stashed a whopping $181 billion overseas. That is almost twice as much as second-ranked Microsoft (MSFT) ($108.3b) and roughly three times the total of IBM (IBM), which ranks third in the tech-list with foreign cash holdings of $61.4 billion. Cisco (CSCO), ranked fourth, stands out with as many as 59 tax haven subsidiaries.

The top twenty tech firms in the order of the amount of money hoarded overseas in 2014 to cheat the taxman in 2014:

  1. BillionairesApple
  2. Microsoft
  3. IBM
  4. Cisco
  5. Google (GOOG) $47,400 millions
  6. HP (HPQ) $42,900 millions
  7. Oracle (ORCL) $38,000 millions
  8. Qualcomm (QCOM) $25,700 millions
  9. Intel (INTC) $23,300 millions
  10. EMC (EMC) $11,800 millions
  11. Western Digital (WDC) $9,400 millions
  12. Xerox (XRX) $8,500 millions
  13. Ebay  (EBAY) $7,900 millions
  14. Cognizant Technology (CTSH) $6,121 millions
  15. Agilent Technologies (A) $5,700 millions
  16. Micron Technology (MU) $4,910 millions
  17. Broadcom (BRCM) $4,850 millions
  18. Symantec (SYMC) $3,600 millions
  19. Computer Sciences (CSC) $2,552
  20. Amazon (AMZN) $2,500 millions

Statista notes that the study found the number of tax haven subsidiaries is not directly connected to the amount of taxes dodged by a company. On the contrary, some companies now report fewer subsidiaries in tax haven countries than they did in 2008 while reporting significant increases in the amount of cash they hold abroad.Center for Tax Justice graphic

The study offers two possible explanations for this occurrence: First of all, some companies may choose not to report all of their subsidiaries because the SEC’s penalties for failing to do so are pretty lax and secondly companies could simply consolidate more income in fewer offshore subsidiaries, often in structures dubbed “Double Irish”.

Infographic: U.S. Tech Companies Hoard Billions in Offshore Tax Havens | Statista

This chart shows how much money U.S. tech companies hold in offshore subsidiaries to avoid U.S. taxes.

You will find more statistics at Statista

The CTJ claims U.S.-based multinational corporations are allowed to play by a different set of rules than small and domestic businesses or individuals when it comes to the tax code. Rather than paying their fair share, many multinational corporations like Apple, Cisco, Google, and Intel use accounting tricks to pretend for tax purposes that a substantial part of their profits are generated in offshore tax havens, countries with minimal or no taxes where a company’s presence may be as little as a mailbox. Multinational corporations’ use of tax havens allows them to avoid an estimated $90 billion in federal income taxes each year.

Uncle Sam in redtapeCongress, by failing to take action to end to this tax avoidance, forces ordinary Americans to make up the difference. Every dollar in taxes that corporations avoid by using tax havens must be balanced by higher taxes on individuals, cuts to public investments and public services, or increased federal debt.

The CTJ recommends the following steps to stop the abuse of offshore tax havens by the tech titans and restore fairness to the US tax system and reduce pressure on America’s budget deficit and improve the functioning of markets.

End incentives to shift profits and jobs offshore. The most comprehensive solution to ending tax haven abuse would be to stop permitting U.S. multinational corporations to indefinitely defer paying U.S. taxes on profits they attribute to their foreign subsidiaries. Ending “deferral” could raise nearly $900 billion over ten years, according to the report.

Reject the Creation of New Loopholes. Reject a “territorial” tax system. The CTJ estimates that switching to a territorial tax system could add almost $300 billion to the deficit over ten years.

Close the most egregious offshore loopholes. Policymakers can take some basic common-sense steps to curtail some of the most obvious and brazen ways that some companies abuse offshore tax-havens. Close the inversion loophole by treating an entity that results from a U.S.-foreign merger as an American corporation if the majority (as opposed to 80 percent) of voting stock is held by shareholders of the former American corporation. These companies should be treated as U.S. companies if they are managed and controlled in the U.S. and have significant business activities in the U.S.

Patent trollStop companies from shifting intellectual property (e.g. patents, trademarks, licenses) to shell companies in tax haven countries and then paying inflated fees to use them. This common practice allows companies to legally book profits that were earned in the U.S. to the tax haven subsidiary owning the patent. Limited reforms proposed by President Obama could save taxpayers $21.3 billion over ten years.

Stop companies from deducting interest expenses paid to their own offshore affiliates, which put off paying taxes on that income. This reform would save $51.4 billion over ten years, according to the CTJ.

Increase transparency. Require full and honest reporting to expose tax haven abuses. Multinational corporations should report their profits on a country-by-country basis so they can’t mislead each nation about the share of their income that was taxed in the other countries.

Michigan-based companies dodging the taxman in 2014 have hoarded almost $55 Billion according to the CTJ. With just a 1% tax on the withheld income, we could probably get the roads fixed. On the list ranked by millions held off-shore by Michigan based firms according to the CTJ are:

  1. Dow Chemical $18,037 millions
  2. General Motors $7,100 millions
  3. Stryker $5,878 millions
  4. Whirlpool $4,900 millions
  5. Ford $4,300 millions
  6. Autoliv $4,000 millions
  7. TRW Automotive $3,400 millions
  8. BorgWarner $2,700 millions
  9. Kellogg $2,200 millions
  10. Lear $1,200 millions
  11. Penske $711 millions
  12. Visteon $245 millions
  13. Kelley Services $111 millions
  14. Conway $32 millions
  15. Masco $12 millions
Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , ,
| October 1, 2015
Comments Off on HPE Been Busy

HPE Been Busy

HPE Been BusyHP (HPQ) has been busy since it divorced itself and spawned HP Enterprise and HP Inc. There has been more enterprise activity in the past month than in the past years, as the spun-out HP Enterprise (HPE) side of the tech megalith tries to make a more relevant name for itself.

HPE layoffs

HP Enterprise logoFirst, Tim Stonesifer the CFO of the new HPE says that up to another 30,000 people will be laid off. The Business Insider reports these cuts will be focused on HP’s Enterprise Services Division, the consulting arm of the company.

During CEO Meg Whitman‘s tenure, HP has let go 85,000 workers with this latest round of layoffs. And they aren’t over yet claims CIO.com. Ms. Whitman and CFO Cathie Lesjak said that HP would lay off another 5% of staff.

Michigan lawsuit

State of Michigan is suing HPMore bad news as the State of Michigan announced it is suing HP. Michigan’s Secretary of State Ruth Johnson is charging HP with failing to deliver on a $49 million contract after 10 years, according to a press release from the state.

FierceCIO reports that the project was supposed to replace a legacy mainframe system that has run 131 Secretary of State offices. However, since 2005, and after $27.5 million was paid to the company, the state said that not a single promised function was delivered. In the press release she states:

 I inherited a stalled project when I came into office in 2011 and, despite our aggressive approach to hold HP accountable and ensure they delivered, they failed … We have no choice but to take HP to court to protect Michigan taxpayers.

MichiganThe state alleged that following a set of failed negotiations over the past few months, it rescinded its contract on Aug. 28 with a termination for cause letter. The article says the state argued, according to the terms of the contract, HP was supposed to provide support services for the state for some extended period of time. The state said that, instead, HP employees stopped reporting as of Aug. 31.

HP responded to a request for comment from FierceCIO with the following email statement: “It’s unfortunate that the state of Michigan chose to terminate the contract, but HP looks forward to a favorable resolution in court.

HPE 3PAR

On the product side, HPE has updated the software that runs all of its HP 3PAR StoreServ Storage products to boost the performance of its SAN and other storage products an HP presser announced.

HP 3Par logoOne of the changes to the HP 3PAR Operating System. HP has added a new feature in the HP 3PAR Priority Optimization software. Fierce Enterprise Communications reports that the software now enables users to set specific latency goals as low as 0.5 milliseconds in the hopes of ensuring consistent performance levels in multi-tenant environments. The intention is to boost the quality of service for improved application performance.

VMware support

For data protection, HPE also added support for VMware (VMW) vSphere 6.0 with VMware Virtual Volumes to StoreOnce Recovery Manager Central for VMware. The update also includes more granular recovery of individual virtual machines and files, simplifying data recovery.

VMWareWith these changes, another Fierce Enterprise Communications article observes that HP is getting cozier in its relationship with VMware as the company unveiled new consulting and support services for VMware’s NSX SDN product.

There’s actually a laundry list of new aspects of the two companies’ partnership, according to the article. The partnership includes a variety of HP services and products that tie into different VMware software-defined data center and end-user computing products, but the networking aspect comes in the form of HP Network Virtualization Services.

Consulting The consulting and support services will be available starting in January 2016. According to an HP announcement at VMworld, the services were “designed to transform and operate the network when combining physical and virtual network resources, functionality and management to ready a network for virtualized cloud, network functions virtualization or SDI.”

HP plans to implement a novel idea by putting consulting and support services under the HP Network Virtualization Services umbrella to provide a 24/7/365 single place to connect with networking, virtualization, and NSX experts in the hopes of quickly resolving issues.

Security changes

HP Fortify logoOn the security front, HP announced new enterprise security tools that can detect communications between malware and a remote server as well as uncover bugs in enterprise software using machine learning.

The first called HP DNS Malware Analytics, uses an algorithm to detect enterprise machines infected with malware by analyzing Domain Name System traffic between the devices and remote servers according to a FierceCIO article. A one-year subscription to HP DMA starts at $80,000 to analyze up to 5 million DNS packets per day. Frank Mong, vice president of solutions at HP Security, claims, “This solves the problem of finding an infected host that has been missed by anti-virus and endpoint security”.

HP also introduced HP Fortify scan analytics, machine-learning technology, as part of HP Fortify on Demand, which uses an enterprise’s app security data to improve the accuracy and efficiency of app security. This technology integrates into existing app security testing workflows, increasing the efficiency of the app security audit process and the relevancy of findings, HP explained.

rb-

Color me skeptical but I’m not sure that HP is the best horse for VMware to bet on in their battle with former partner Cisco (CSCO).

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , ,
« Older Entries   Recent Entries »