Tag Archive for Microsoft

| October 7, 2014
Comments Off on Patent Wars Are Pointless

Patent Wars Are Pointless

Patent Wars Are PointlessThe Business Insider has new data about the value of the patent wars. BI cites Florian Mueller, the founder of the FOSS Patents blog. He says patent litigation is a waste of resources. His research found that the patent wars cost companies millions of dollars in time and lawyer fees. Mr. Mueller analyzed 222 Android smartphone patent assertions. He found that 90% of those cases have gone absolutely nowhere.

Patent trollAccording to BI Intelligence, Mr. Mueller’s data says that 49% of the assertions have failed thus far. Another 42% of assertions were dropped without a comprehensive settlement or a “comparably negative fate.” It turns out that only 9% of the patent assertions were able to establish liability. Even in that small sample, only 50% of those cases resulted in “lasting injunctive relief.” Mr. Mueller says that number would be even smaller if “the patents underlying Nokia’s German injunctions against HTC (2498) had come to judgment in the Federal Patent Court.”

Business Insier chart

In other words, based on patent cases brought to court by Apple (AAPL), Google (GOOG), Samsung (005930), Microsoft (MSFT), Nokia (NOK), Motorola (MSI), and a host of others, litigation is, more often than not, a serious waste of time and money for all parties involved.

 rb-

Back in 2012 Boston University estimated that patent shenanigans have cost the US economy $29 Billion annually, now there is evidence it is a total waste of time and money and only funds the lawyers.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , ,
| September 16, 2014
Comments Off on Cloud Storage, Back-Up Bust

Cloud Storage, Back-Up Bust

Cloud Storage, Back-Up BustIt is heady times fans of cloud storage these days. In case you haven’t been paying attention, the cloud file storage corner of the IT universe has heated up for the past couple of months. Dropbox, Microsoft (MSFT), Google (GOOG) and Apple (AAPL) have been leapfrogging each other in an apparent effort to buy mind-share.

Dropbox recently announced that its Dropbox Pro plan will now offer 1TB of capacity for $9.99 a month, or $99 for a full-year subscription. Paul Mah at FierceCIO says this is a significant reduction, especially when recent monthly Dropbox Pro storage prices were:

  • Dropbox logo$9.99 for 100GB,
  • $19.99 for 200GB, and
  • $49.99 for 500GB of storage.

Mr. Mah, says the latest move by Dropbox allows them to stay on par with the latest price cuts from Apple iCloud in September, Google Drive in June, and Microsoft OneDrive in May.

In September Apple updated its porous iCloud storage plans. CNET says the basic 5 gigabytes of storage remains free, though prices for paid tiers were significantly reduced and larger storage options were made available. CNET says the new monthly iCloud storage costs are:

  • Free for 5GB,
  • $0.99 for 20GB,
  • $3.99 for 200GB,
  • $9.99 for 500GB and
  • $19.99 1TB

Previously, 10GB of storage would have cost $20 per year, 20GB for $40 per year, and 50GB for $100 per year.

At Microsoft, the cloud-based file storage game also changed. According to Redmond Magazine, the improvements include a new file load limit (10GB max), an easier way to share links to OneDrive folders, and support for folder drag-and-drop operations using the Google Chrome browser. Microsoft is also working on speeding up the synchronization of files with OneDrive. The updated per month prices for OneDrive are:

  • Microsoft One DriveFree for 15GB,
  • $1.99 for 100GB,
  • $3.99 for 200GB,
  • $5.99 1TB

In an attempt to trump MSFT, Google released Google Drive for Work, a paid service targeted at business users and priced at $10 per user per month. FierceCIO noted that the new service offers unlimited storage, the ability to upload files of up to 5TB in size, and access to productivity apps such as Docs, Sheets, Slides, Hangouts, and Sites. Importantly, Google also announced that files uploaded to Google Drive can be encrypted, and will stay that way while in transit or when at rest on its servers. Here are the current prices per month for Google Drive space pace according to CNET:

  • Google DriveFree for 15GB,
  • $1.99 for 100GB,
  • $9.99 for 1TB,
  • $99.99 10TB,
  • $199.99 for 20TB and
  • $299.99 for 30TB.

Mr. Mah argues that price drops are good news for consumers. The extra space would certainly be useful for users who rely on it for long-term file archives or backing up large local files. The author correctly argues that 1TB of online storage does not deliver the same value to business users. The reason is simple: cloud storage is a terrible backup solution for large volumes of data, especially if you need to get it back quickly.

Mr, Mah observed that cloud storage vendors do not share information about any guaranteed uploading or downloading speeds when using them. This is noteworthy considering that 1TB of files can take a really long time to transfer over the Internet.

He explains that downloading 1TB worth of files with zero data overhead–which is impossible, across a reasonable 10Mbps broadband connection would take over 222 hours, or close to 10 days of continuous downloading. You can be assured that real-life conditions on your broadband connection would likely mean that this is at least doubled or even tripled.

And that’s assuming that the cloud service provider isn’t experiencing any congestion on its end, which is not something that cloud vendors are offering any guarantees on. Notwithstanding that, you can check out this nifty online calculator.

So while there is no question about the value of cloud storage for data synchronization across multiple devices, it is important for businesses to understand that the cloud just isn’t ideal for data backup. Mr. Mah concludes that users should use their 1TB of cloud space for all its worth, but users and firms need to do proper local backups for important files, as well as those that need to be restored quickly.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , ,
| August 28, 2014
Comments Off on Millions of PC’s Still Have Stuxnet Bug

Millions of PC’s Still Have Stuxnet Bug

Millions of PC's Still Have Stuxnet BugLately, I have covered a few pieces of old IT business here, here, and here. And here is another piece of old business from Infosecurity Magazine. Tara Seals at Infosecurity Magazine recently pointed out new research from Kaspersky. They are reporting that there are 10’s of millions of systems that are still vulnerable to the most infamous malware families that enabled Stuxnet.

Patched in late 2010

RadarResearch by Kaspersky has found the vulnerability that allowed Stuxnet, Flame, and Gauss malware campaigns (CVE-2010-2568) is still being exploited. They are still being exploited despite the flaw having been patched in late 2010 by Microsoft. Kaspersky Lab reported more than 50 million detections on more than 19 million computers worldwide in the past eight months.

The lack of patching by IT administrators is surprising given that the vulnerability has an infamous history. The author explains that the vulnerability is an error in processing tags in Microsoft (MSFT) Windows OS. The flaw enabled the download of the random dynamic library without the user’s awareness. The vulnerability affects Windows XP, Vista, and Windows 7, as well as Windows Server 2003 and 2008.

Sality worm

MalwareThe first malware exploiting this vulnerability appeared in July 2010: the worm Sality. Sality generated vulnerable tags and distributed them through the LAN. Ms. Seals writes that if a user opens a folder containing one of these vulnerable tags, a malicious program immediately begins to launch. The summer of 2010 then saw the appearance of Stuxnet. Stuxnet is a computer worm that was specifically designed (likely by the US and Israel) to sabotage the uranium enrichment process at several factories in Iran. Subsequently, the state-sponsored Flame and Gauss spyware made use of the security hole.

Windows XP vulnerable to Stuxnet

Infosecurity Magazine dug into the statistics and found that most of the unpatched systems were running Microsoft’s outdated Windows XP. Kaspersky said the report.

Knife in the toasterThe lion’s share of detection’s (64.19%) registered .. involved XP and only 27.99% were on Windows 7 … Kaspersky Lab products protecting Windows Server 2003 and 2008 also regularly report detection of these exploits (3.99% and 1.58% detection’s respectively)

Kaspersky data suggests that the problem is self-inflicted.

The large number of detection’s coming from XP users suggests that most of these computers either don’t have an installed security solution or use a vulnerable version of Windows – or both.

Kaspersky also analyzed the geographical distribution of CVE-2010-2568 detections. According to Infosecurity, the top nations with the vulnerability were:

  1. Vietnam (42.45%)
  2. India (11.7%) and
  3. Algeria (5.52%)

Kaspersky researchers told the author, “So many users of outdated versions of Windows mean these exploits are effective even though almost four years have passed since the disclosure and patching of the vulnerability.”

rb-

C’mon, if you are going to use an orphaned operating system, update it as far as you can and get off it as fast as possible.

As Kaspersky pointed out, using an outdated version of an operating system is fraught with the risk of cyber-attacks involving exploits, special programs that target vulnerabilities in legitimate software to infect a computer with other dangerous malware.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , ,
| August 21, 2014
Comments Off on MSFT Closing More Windows Support

MSFT Closing More Windows Support

MSFT Closing More Windows SupportIT departments organizations are busy keeping up with XP replacements, Cloud migrations, BYOD implementations and now Microsoft has reminded everybody that there are other fires burning on the horizon. Microsoft (MSFT) is warning that they are ending mainstream support for more popular Windows products. Some of the key products ending mainstream support include; Windows 7, Window Server 2008, Exchange 2010, and SharePoint 2010.

So what does Redmond mean when it ends “Mainstream Support”?

  • Microsoft supportMainstream support is the typically five-year period when Microsoft provides free patches and fixes, including but not limited to security updates, for its products.
  • When a product exits the mainstream support phase, Microsoft continues to provide a period (also often five years) of extended support, which means users get free security fixes but other types of updates are paid and require specific licensing deals.
  • “End of support” means there will be no more fixes or patches — paid or free, security or non-security — coming for specific products. CNET says there are some temporary workarounds, as Windows XP users have discovered, but as a general rule, end of support means, for most intents and purposes, the end.

start planning nowHere are some critical (or not so critical) dates. You may want to circle in red on your calendar and start planning now. Do you have funds in your 2020 capital budget for new hardware? Will cloudifying these be the answer? Are you up to speed on Azure? Are your apps up to speed on Azure?

September 14, 2014 mainstream support ends Windows Phone 7.8.

October 14, 2014, is a critical date, support ends for

  • Office 2010 (Including Viso and Project) with Service Pack 1 mainstream support ends.
  • SharePoint Server 2010 Service Pack 1 mainstream support ends

ending mainstream support for more popular Windows productsJanuary 13, 2015, is a big day for Microsoft support

  • Windows 7, Mainstream, free support ends on for all versions of  Windows 7 (Enterprise, Home Basic, Home Premium, Ultimate, and Starter) as well as Windows 7 SP1.
  • Extended support for Windows 7 lasts until January 14, 2020, so users can expect to continue to receive free security updates, but not feature updates, for Windows 7 until that point.
  • Some industry watchers have speculated that Microsoft will end up pushing out Windows 7’s support dates the way the company did for XP, given Windows 7’s popularity and pervasiveness, but so far, CNET says there is no evidence of it happening.
  • Windows Server 2008 – Mainstream support also ends on all versions of Windows Server 2008 and 2008 R2. Extended support remains in place until 2020.
  • Exchange 2010 – Mainstream support will also end on all versions of Exchange 2010. Extended support remains in place until 2020.
  • Other Microsoft products whose mainstream support ends on January 13, 2015 include :
    • All editions of Windows Storage Server 2008,
    • Dynamics C5 2010,
    • NAV 2009 and NAV 2009 R2
    • Forefront Unified Access Gateway 2010 with SP3
    • Visual Studio 2012
  • Microsoft recommends its customers to get updated, “Customers should migrate to the next available Service Pack to continue to receive security updates and be eligible for other support options.”

extended support cuts offJuly 14, 2015, Microsoft’s extended support period for Server 2003 cuts off (I covered the end of 2003 here). MSFT won’t be issuing patches, updates, or fixes of any kind for that operating system (unless users have pricey Custom Support Agreements in place). Redmond is hoping to move 2003 hold-outs to Windows Server 2012 R2 and/or Azure.

October 13, 2015, is another big deal day

  • Office 2010, Visio 2010, Project 2010 — Mainstream Support ends. Extended support should run into 2020.
  • SharePoint Server 2010 — Mainstream support ends. Extended support should run into 2020.

April 11, 2017 – Extended Support ends for Windows Vista ends. No more updates. Time to upgrade (rb- if you haven’t already moved on).

August 11, 2017 – Extended Support ends for Exchange Server 2007. No more updates. Time to upgrade.

January 10, 2018, Mainstream support for Windows 8.1 ends for all versions of Windows 8. Customers still running Windows 8 have until January 12, 2016, to update to Windows 8.1 in order to stay supported.

rb-

Remember this – running out-of-date software which no longer receives security updates is playing into the hands of online criminals and hackers.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , ,
| August 12, 2014
Comments Off on Who Needs Two-Factor Authentication

Who Needs Two-Factor Authentication

Who Needs Two-Factor AuthenticationThe recent epidemic of online security breaches has shown the folly of passwords as the sole protector of your online data. As I have covered several times, most users depend on the same passwords. So what are we to do? One solution is Two-Factor Authentication.

John Shier at SophosNaked Security blog provided a primer on multi-factor authentication. Two-Factor Authentication is a subset of Multi-factor authentication (MFA).  MFA is an authentication process where two of three recognized factors are used to identify a user:

  • Sommulti-factor authenticationething you know – usually a password, passphrase, or PIN.
  • Something you have – a cryptographic smartcard or token, a chip-enabled bank card, or an RSA SecurID-style token with rotating digits
  • Something you are – fingerprints, iris patterns, voiceprints, or similar

How two-factor authentication works

Two-factor authentication works by demanding that two of these three factors be correctly entered before granting access to a system or website. So if someone manages to get hold of your password (something you know), the article says they still will not be able to get access to your account unless they can provide one of the other two factors (something you have or something you are).

Data breachThe author explains that secure tokens with rotating six-digit codes can be used to remotely access internal systems via a VPN session. Users need to give a username, a password, and the six-digit code from the secure token appended to a PIN. Home users can use a sort of two-factor authentication using SMS code verification. This is where, in addition to correctly entering your password (something you know), you must also correctly enter a numeric passcode sent to your mobile phone via SMS (something you have).

The availability of mobile network service and the unreliable nature of SMS can make SMS 2FA difficult. However, some services allow you to use an authenticator app in addition to your password which presents you with a different numeric one-time password (OTP) for each service that you register with the app. Both Google and Windows make these apps freely available in their respective stores.

Authenticator apps can be great for signing into sites like Google, Facebook, and Twitter even when your phone does not have service (mobile or otherwise).

Two-factor authentication makes it harder

SPAM emailParker Higgins at the EFF, says normal password logins, which use single-factor authentication, just check whether you know a password. This means anybody who learns your password can log in and impersonate you. Adding a second factor, like a PIN, something you know, with your ATM card, something you have, makes it harder to impersonate you. You need to both have a card and know its PIN to make a withdrawal.

Online two-factor authentication brings the same concept to your services and devices by using your phone—which means that even if your password is compromised by a keylogger in an Internet café, or through a company’s security breach, your account is safer according to the EFF.

That’s important because phishing, which is one of the most common ways in which accounts are compromised, only gets information about passwords. By adding a different factor, phishing attacks become much more complicated and much less effective according to Mr. Higgins.

APhishings two-factor authentication systems become more popular, they have gotten increasingly user-friendly; the EFF believes it doesn’t have to be a difficult trade-off of convenience for security. Major services like Twitter, Google (GOOG), LinkedIn (LNKD), Facebook (FB), Dropbox, Apple (AAPL), Microsoft (MSFT). GitHub, Evernote, WordPressYahoo (YHOO) Mail and Amazon (AMZN) Web Services have enabled two-factor authentication.

rb-

Users should get used to two-factor authentication. 2FA is not available everywhere but many of the most popular sites and services on the internet use the technology.  Hopefully, this will compel the rest to follow suit. There is Android malware in the wild that is specifically designed to steal SMS verification codes trying to thwart 2FA so you still need anti-malware on your mobile devices.

In the wake of recent POS attacks (which I covered here), DHS has recommended 2FA for POS systems. While it is not bulletproof, it does increase your security by making it harder for your accounts to be compromised. All users will need Two-Factor-Authentication Authentication.

Related articles
  • Fending off automated attacks with two-factor authentication (cloudentr.com)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , , ,
« Older Entries   Recent Entries »