Tag Archive for MSFT

Privacy Day 2010

Data Privacy Day is January 28, 2010. According to its sponsors, Data Privacy Day is an international celebration of the dignity of the individual expressed through personal information. In this networked world, in which we are thoroughly digitized, with our identities, locations, actions, purchases, associations, movements, and histories stored as so many bits and bytes, we have to ask – who is collecting all of this – what are they doing with it – with whom are they sharing it?

For its part, Google (GOOG) has released a video highlighting the ways it uses some of that personal data it collects about you to make your life easier and then explains that you can opt-out of some of Google’s data collection policies.

Microsoft (MSFT) has released the results of a study on data privacy. According to the Microsoft survey, the results illustrate how we, as a society, are still grappling with the intersection of privacy and online life. For example, 63 percent of consumers surveyed are concerned that online reputation might affect their personal and/or professional life, yet fewer than half even consider their reputations when they post online content.

Finally, fewer than 15% of consumers in any of the countries surveyed believe that information found online would have an impact on their getting a job. The Microsoft study found 70% of surveyed HR professionals in the U.S. have rejected a candidate based on online reputation information. Reputation can also have a positive effect: in the United States, 86% of HR professionals stated that a positive online reputation influences the candidate’s application to some extent; almost half stated that it does so to a great extent.

For its part, the Electronic Frontier Foundation (EFF) has published “The E-Book Buyer’s Guide to Privacy,” which outlines six elements of e-book readers’ privacy policies:

The EFF surveyed the policies and found that Google Books and Amazon Kindle will monitor what you’re reading. The EFF also found that all the e-book readers will keep track of book searches and book purchases. For the Kindle, Nook, and Reader, information collected on your book selections, searches, and purchases is shared outside the company without your consent. The good news is that the free, open-source FBReader (for Windows/Linux) does not collect data on your book selections or searches.

These privacy issues are important for citizens and businesses. Firms have to consider whether they are complying with laws and regulations requiring consumer privacy protections. They know that customers have to trust their technologies and services before they will use and pay for them.

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Which Anti-Malware is Best?

In a report, AV-Comparatives compared the base performance of some of the top anti-malware products on the market. The objective of these tests was to identify how well antivirus scanners can detect new malware using their base functions.

Base anti-malware functions included their proactive scanning and heuristics methods, without the advantage of downloading the latest signatures. Forcing a test without the latest virus signatures makes it possible to evaluate the strength of the heuristic, or proactive, technology of the anti-malware engines.

ArsTechnica summarizes that the tests were run on two sets of malware. Set A contained malware from December 2007 to December 2008 (of which most products could detect over 97%). Set B contained 1.6 million samples of malware collected between August 11 and August 17, 2009. This set included the following categories of malware: Trojans (69.5%), Backdoors/Bots (20.7%), Worms (6.1%), other malware (1.5%), and Windows viruses (0.4%).

Results

Ars reported these proactive detection results (rounded to the nearest percent):

After taking these results into consideration and adjusting for false positives, AV-Comparatives rated the security companies from best to worst in three categories:

  • Advanced+:
    • G DATA,
    • Kaspersky,
    • ESET,
    • F-Secure,
    • Microsoft,
    • Avast,
    • eScan.
  • Advanced:
  • Standard:

In September of 2008, NetworkWorld reported on Gartner claims that enterprises are paying too much for security software. Gartner says vendors simply aren’t doing enough to keep up with the prevalence of threats on the Internet. Neil MacDonald, a research vice president at Gartner, says that security vendors are “maintaining high-profit margins on firewalls and antivirus software despite these products being nothing more than commodities.” NetworkWorld says that during his presentation at Gartner’s 2008 IT Security Summit in London, Mr. MacDonald was vociferous in his condemnation of how security products are actually increasing their prices over the years against a backdrop of lowered effectiveness, contradicting pricing schemes across the rest of the IT industry.

Anti-malware pricing is broken

Security vendors have maintained a pricing scheme that contradicts the rest of the IT industry, Mr. MacDonald said. Typically with software or hardware, prices go down year after year with the introduction of new and better products. In some cases, however, security software often loses its effectiveness as new threats emerge, while prices stay high. “Why in antivirus year after year do we pay more for something that gives us less?” MacDonald asked. “It’s insanity. Why is information security immune from the trends of the IT industry?”

Gartner recommends that firms use the commodity status of security software to their advantage. “I know it’s hard to switch but you have to seriously enter the negotiations,” MacDonald said. “Let the vendors know that you are not afraid to switch.” And he recommends that buyers should aggressively negotiate for better prices.

rb-

While most malware writers are script kiddies with an affinity for making minor modifications to existing malware, there are some very good black hat hackers out there that are not dummies. These tests are important for buyers to understand which product’s core functionality is more efficient against new threats and not rely on constant updates to augment their capabilities. In the face of new threats, superior heuristic capabilities are crucial to anti-malware software. The weekly, daily, or even multiple times a day, definition updates are the lifeline of the anti-malware industry. The need for constant updates is what drives the annual payments for subscriptions.


Techs Add Ads In Everything

The New York Times is reporting that Apple Computers has filed an application with the U.S. Patent and Trademark Office for a patent that puts ads in everything. They are working on a technology called “Advertisement in Operating System.” Advertisement in Operating System will display advertising on almost anything that has a screen of some kind: computers, phones, televisions, media players, game devices, and other consumer electronics.

The patent application claims the distinctive feature of the patent is that it doesn’t simply invite a user to pay attention to an ad — it also compels attention. Apple’s (AAPL) technology, according to the NYT, can freeze the device until the user clicks a button or answers a test question to prove that he or she has dutifully noticed the commercial message. Because this technology would be embedded in the innermost core of the device, the ads could appear on the screen at any time, no matter what one is doing.

Within this new technology, Apple has developed what it calls an “enforcement routine” that makes people watch ads they may not want to watch. What the application calls the “enforcement routine” entails administering periodic tests, like displaying on top of an ad a pop-up box with a response button that must be pressed within five seconds before disappearing to confirm that the user is paying attention.

These tests “can be made progressively more aggressive if the user has failed a previous test,” the application says. One option makes the response box smaller and smaller, requiring more concentration to find and banish. According to the NYT, the system can require that the user press varying keyboard combinations, or enter the current date or the name of the advertiser, upon command, again demonstrating “the presence of an attentive user.” The system also has a version for music players, inserting commercials that come with an audible prompt to press a particular button to verify the listener’s attentiveness.

The Apple inventors, including Apple CEO Steve Jobs, whose name is the first listed on the application, say the advertising would enable computers and other consumer electronics products to be offered to customers free or at a reduced price. In exchange, recipients would agree to view the ads (rb- and give their personal data). If, down the road, users found the advertisements and the attentiveness tests unendurable, they could pay to make the device “ad-free” on a temporary or permanent basis.

The Download Squad points out that over at Google (GOOG), a “highly praised” feature of the newly announced Chrome OS’s “totally new” approach to security sounds similar to Apple’s plan for forced ads. Chrome OS is reported to be self-healing. If the OS detects something it does not like, a “verified boot” will restore files to their previous state as if nothing ever happened. Since it is Google’s OS, they get to decide what is or isn’t malicious. It is easy to imagine that anything which interferes with the delivery of Google-powered content would be considered malicious. Applications like AdBlock or AdSweep, which block Google ads, may not be allowed. Chrome OS will put Google in complete control over the delivery platform its audience is using.

Microsoft (MSFT) has experimented with ads in software since June 2007 with Microsoft Works. Now Microsoft is working on placing advertisements in a more conspicuous location next year with a free version of Office. Office Starter 2010 is a free version of Office that is pre-installed on some PCs. It will include a small Microsoft display ad in the lower-right corner of the screen and offers versions of Word and Excel with fewer functions than the regular paid ones.

In Office Starter 2010, Microsoft is not seeking revenue from advertising. They are using the ads only to promote the full-featured, commercial versions of Office. The company plans to take customers “along a journey to educate them about the product,” Bryson Gordon, a director on Microsoft’s Office team, said in the NYT piece. Microsoft will use a gentle approach to the up-sell. Customers can ignore the ads, which will sit passively in the corner of the screen,

rb-

The tech world is moving backward, taking cues from Free-PC and ZapMe, because the public is cheap. Apple, Google and MSFT are counting on the fact their products are so “insanely great” and integrated into our lives that we as consumers can’t live without Gmail or iTunes. Now that we are all junkies of cheap tech, the tech firms are going to exploit this. The price of free starts with a text ad, then it will be a banner ad, then a pop-up, and then a full video where you have to interact with the device to use it.

MSFT, Apple, and Google have huge organizations to run, CEOs and Wall $treet bankers that need their bonuses, so the move to monetize all their services has just begun. The big question is how far will this go? Will the pillars of tech add so many clicks, surveys, ads, and forced interactions to eventually make their products unwieldy and useless? Look where FreePC and ZapMe are today.

Forced advertising is not some new idea; lots of malware forces its victims to view web pages they did not request.

 


Tech Layoffs

It has been just over a year since Wall $treet and the Bankers led the global economy to the edge of collapse. Thanks to Obama-money, our money, Wall $treet and the Bankers are making million-dollar bonuses again while worker layoffs continue. All must be right in the economy, right?

According to my information, nearly 550,000 tech-related jobs have been eliminated since October 2008. January 2009 saw almost 164,000 jobs eliminated by the biggest names in tech. Ericsson, Google, IBM, Intel, Microsoft, NEC, and Sprint-Nextel all eliminated 5,000 or more jobs in January 2009. While this is old news, unless you are still trying to live through one of these “right-sizings,” it is also important because we are coming back around to the lay-off season.

Global Tech Layoffs

This year’s lay-off season is trending up after several months of decline. From a record high in January, tech layoffs declined to a modest 4,336 layoffs in June 2009. Since reaching that bottom, the tech layoff rate has increased to levels not seen since May 2009. August 2009 had almost 5,000 layoffs. The number of layoffs in September doubled to 10,246. The trend has been increasing since, with 12,704 layoffs in October, and in the first half of November there have already been 12,749 layoffs. Some of the same firms that had “resource reduction actions” in January have laid off more people in November, including Ericsson (700), Microsoft (800), and Sprint-Nextel (2,500).

Tech Layoffs Last Quarter 2009

It appears to me that despite Wall $treet bonuses, the rest of us are still in for at least 12 more months of questionable job prospects.

 


Microsoft Cop Tool Leaked

I recently wrote about Microsoft’s COFEE computer forensics tool here. Three weeks later, Yobie Benjamin at SFGate writes that Microsoft COFEE, “One of the most important tools in computer forensics and law enforcement,” was apparently uploaded to BitTorrent site What.CD on November 09, 2009, and is now available on the Internet.

What.CD management issued a statement, “Suddenly, we were forced to take a real look at the program, its source, and the potential impact on the site and security of our users and staff… And when we did, we didn’t like what came of it. So, a decision was made. The torrent was removed (and it is not to be uploaded here again).”

DarkReading says that COFEE was so sought after in the computer underground that an enormous bounty of 1.6 terabytes of capacity was offered to the first one who would upload the software. Robert Graham on DarkReading explains that the version of COFEE on BitTorrent has only Microsoft tools, so I don’t know for certain what other tools it might run. Yet similar forensics toolkits all run the same sorts of programs. They run standard tools for grabbing the browser history (from Firefox and IE). The tools can run versions of “pwdump” to grab the password hashes for offline cracking. The browser cache can be captured by these types of tools. They look for recently changed files. They might scour the hard drive and take an MD5 hash of all the files. Similar tools look for unique device IDs, such as your MAC address or built-in hard drive ID.

Steve Ballmer is mad

Who took my COFEE

One of the worries is that now that the tool is public, criminals can defend against it. This is nonsense according to Graham. Police forensics are already well-known, and criminals already know how to defend against them. Graham concludes that tools like COFEE don’t do anything extra that is unknown or secret. What makes them dangerous (to criminals) is that law enforcement agents can run them without much training, in an automated fashion.

 
