Everything posted by Matt
-
Pics

Some of the feeds and speeds of the Chinese government's Tianhe-2 massively parallel ceepie-phibie supercomputer leaked out in May and then even more came out a week later ahead of the planned big splash at the International Super Computing shindig in Leipzig, Germany. But El Reg has some juicy pics of some of the key components for you to ogle.

Many of the details about the machine – particularly relating to the upgraded "Arch" TH Express-2 interconnect that lashes the 16,000 compute nodes in the machine together – remain obscure. But feast your eyes on these. First, here is a picture of the Tianhe-2 chassis.

As we previously explained, based on a report of the machine put together by Jack Dongarra, a professor at the University of Tennessee and one of the stewards of the Linpack supercomputer benchmark, the Chinese government's National University of Defense Technology has done a bit of integrating with the updated "Sky River" machine. (Sky River is what Tianhe means when translated to English, and it is what we in the West call the Milky Way when we look to the night sky.)

The Tianhe-2 server chassis

With Tianhe-2, two Arch-2 network interface chips and two "Ivy Bridge-EP" Xeon E5 compute nodes (each with two processor sockets) are on a single circuit board (even though they are logically distinct). This compute node plus one Xeon Phi coprocessor share the left half of the compute node and five Xeon Phis share the right side. The two sides can be electrically separated and pulled out separately for maintenance.

The Arch-2 NICs link to the Xeon E5 chipset through PCI-Express 2.0 ports on the NIC, which is unfortunate given the doubling of bandwidth with the move to PCI-Express 3.0 slots. (Maybe that is coming with the Arch-3 interconnect, if there is one on the whiteboard at NUDT?) There's one Arch-2 NIC per compute node; the three Xeon Phi coprocessors for each node link over three PCI-Express 3.0 x16 ports to the CPUs.

Yup, the Xeon Phis can talk faster to the CPU than the CPU can talk to the Arch-2 interface. It is unknown how this imbalance might affect the performance of Tianhe-2. Take a gander at the massive switch backplane circuit board for Tianhe-2:

The switch backplane for the Tianhe-2 supercomputer

This Arch-2 switch backplane has ports on both sides and it has signals that run at multiple-gigahertz speeds. The ports on the Arch-2 NICs can run at 10Gb/sec or 14Gb/sec. The shiny ports on the Switch RSW Blades below slot into the black ports on the switch backplane and comprise the local Arch-2 interconnect for a group of nodes in the rack.

The RSW switch blade for Tianhe-2

One set of RSW switches is rotated 90 degrees in parts of the system for reasons that don't make sense to me – yet. But here is how the components plug together:

How the compute nodes, switch, and backplane come together in Tianhe-2

Eight of the ports on the RSW Switch Blade link to four compute drawers (with a total of eight Arch-2 ports) and it looks like the remaining four ports are used to link out to the 576-port switches that represent the aggregation layer in the Arch-2 network. The blades that implement this aggregation layer are called the Switch LSW Blade, and this is what they look like:

The LSW switch blade for Tianhe-2

The Arch-2 interconnect has thirteen of these 576-port monsters, which appear to be made from many of these Switch LSW Blades. These switches use an opti-electrical transport technology developed by NUDT as well as a proprietary network protocol. And like all supercomputers, the switching gets a bit messy, particularly when you are linking together 16,000 nodes.

In China, presumably they call a tangle of cables noodles, not spaghetti

Source: TheRegister.co.uk
-
Europe's biggest investigated after internet slowdown claims by US giant

The three internet providers raided by European g-men probing allegations of throttled download speeds have been named. The officials burst uninvited into the head offices of Deutsche Telekom, Orange and Telefonica, which operates O2 in the UK, as part of an investigation into alleged anticompetitive behaviour. The trio are accused of limiting the speed of global internet traffic passing through their network from a US rival, while allowing their own packets of data to flow at full speed. Typically, ISPs agree to share the burden of the world's internet traffic fairly and squarely in so-called peering agreements.

The European Commission began the data throttling probe earlier this month, but did not name the three firms it raided. News agency Reuters was later able to confirm which telcos were targeted. If found guilty of anticompetitive behaviour, the Euro trio could be fined up to 10 percent of their global turnover.

A complaint from international internet provider Cogent, which is based in the US, sparked the investigation. It claimed the three ISPs deliberately throttled the speed of internet transfers so that people using its services experienced slower downloads than expected. Orange and Telefonica have said they are cooperating with the commission, while Deutsche Telekom has not yet commented. Deutsche Telekom and Orange confirmed the raid took place.

Cogent chief executive and founder Dave Schaeffer said its customers' quality of service suffered because the connections between its networks and those of the accused ISPs were overloaded. "These telcos have refused to upgrade the capacity of the interconnections, resulting in poor quality of service to our customers and theirs," he said. His firm do not have issues with any other ISPs on the Continent. "We have good relationships with many operators in Europe, including Telenor, KPN and Belgacom," he continued.

Cogent has already won a dispute with Orange in France, where a regulator ruled that Cogent was not being overcharged for access to Orange's network.

Source: TheRegister.co.uk
-
SOFTWARE DEVELOPER Microsoft has sued US Customs for not stopping the import of Motorola smartphones following a US International Trade Commission (ITC) ruling to ban them in the States. Microsoft won an ITC ruling against Motorola with the court ruling the smartphone maker, which is owned by Google, infringed its patents. Now Microsoft has sued US Customs for not stopping Motorola smartphones from being imported into the US. The ITC imposed an import ban on Motorola's smartphones in May 2012 that runs until Microsoft's patents expire in 2018. However Microsoft's deputy general counsel David Howard said, "Customs has a clear responsibility to carry out ITC decisions, which are reached after a full trial and rigorous legal review. Here Customs repeatedly ignored its obligation and did so based on secret discussions." Microsoft alleges that Google and US Customs met in secret, with Microsoft not being privy to those meetings. It claims that Google tried to convince the ITC that the patent regarding synchronising does not apply when devices use its servers, an argument Microsoft claims the ITC rejected. Microsoft said in its court filing, "The only conclusion that can reasonably be drawn from [US Customs and Border Patrol]'s pattern of conduct is that CBP will not enforce the commission's exclusion order absent a court order compelling it to do so. "CBP has repeatedly allowed Motorola to evade that order based on secret presentations that CBP has refused to share with Microsoft." Microsoft and Google did not respond to requests for comment by press time. Source: TheInquirer.net
-
Jason Sosa was walking down a Shanghai sidewalk when he stumbled onto a digital image. It was projected onto the floor just inside a burger joint — yes, a burger joint — just off the sidewalk, and if you got close, the image changed. It would show you, say, a pile of leaves, and if you walked through it, the leaves would fly away. This was 2007, and Sosa had never seen anything quite like it. “I was compelled to, well, play with it,” Sosa remembers. “I was engulfed in the technology.” It was a moment that stayed with him. Over the next few years, he was inspired to build a system that could respond not just to movement, but to the way people looked — their clothes and even their faces. If you spotted a young woman, for instance, you could show her a digital advertisement you wouldn’t show to an older man. The result is Cara, a system that’s already under test in various retail stores and malls. Fashioned by a team of eight engineers at Sosa’s New York-based startup, IMRSV, this new-age creation uses simple cameras, including web cams, to detect faces and other discerning personal features, and the hope is that businesses can use this information to hone their operations, including, perhaps, tailoring digital advertisements to suit particular types of people. The tool is just one of several new contraptions that tap cameras in public spaces, using “computer vision” algorithms to track what people are up to — and respond accordingly. Another New York-based startup, Placemeter, is using urban cameras — including street traffic cams — to give the average consumer a way of determining how crowded it might be when they turn up at a local store, restaurant, or some other public place. And though Google has banned the practice, others are looking to build face-recognition applications into Google Glass — those computer-powered specs championed by company founder Sergey Brin. Naturally, such systems are tagged with that catch-all moniker, The Internet of Things. 
But Placemeter co-founder and chief operating officer Florent Peyre prefers to think of this phenomenon as something closer to “The Internet of Places.” As with many so-called Internet of Things creations, the aim is to harness at least a portion of our everyday world using computer networks and other tech. In tapping public cameras, Placemeter hopes to create a “platform of data” that can be used by all sorts of applications, some for consumers and some for businesses. “We take all these video streams and make them smart, basically — turn them into data,” says Placemeter’s other co-founder, Alex Winter. The ideas behind these systems are nothing less than intriguing. In touting Cara, the pundits can’t help but compare the thing to the ridiculously accurate custom ad system that appears in Steven Spielberg’s science fiction film Minority Report. And when the discussion turns to face recognition and Google Glass, we inevitably hit some sort of Terminator analogy. But the truth is that we’re only beginning to approach a world where such science fiction has become reality. Systems like Cara are much simpler — and, due to privacy concerns, they almost have to be. Monster Media — a company that builds interactive screens for stores, malls, airports, and other settings — recently tested Cara, and though company CEO Chris Beauchamp says the system outperformed competing contraptions from the likes of Intel, he makes it quite clear that it’s a long way from turning in-store advertising on its head. “There are a ton of guys running around saying the same thing, which is: ‘Hey, we can change out your content depending on who’s in front of it, put them in gender categories and age categories,’” he says. “That sounds great, and it works in a room about the size of my conference room, [but] I would never rely on any one software to change the message according to who’s standing in front of a screen. It only takes being wrong one time.
If you call a guy a girl or vice versa, you end up on a social network for all the wrong reasons.” In other words, science fiction is still science fiction. “A lot of people get caught up in Minority Report,” Beauchamp says. “There is never going to be a time when a guy is walking through an airport and signs start talking to him. It’s fucking chaos. People are everywhere. They’re wearing hats, scarves, different facial hair. All that plays into this kind of technology.” With these public systems, privacy is also a concern, and that’s why outfits like IMRSV and Placemeter stop well short of true face recognition. Cara does what Sosa calls face detection, meaning that it determines what type of face you have, without trying to identify who you are, and he says that no images are stored on the company’s servers. Meanwhile, Placemeter doesn’t even detect faces. It merely identifies numbers of people. “By nature, we don’t even see faces,” says Alex Winter. “Our images are taken at a distance.” Jennifer Lynch, a staff attorney with the consumer watchdog the Electronic Frontier Foundation, says that any privacy concerns must be examined on a case-by-case basis. “You have to look at each system independently,” she says. Judging from what they say about their respective systems, IMRSV and Placemeter seem to sidestep any major privacy concerns. “The key for Cara is that they’re doing face detection, not recognition,” says Natalie Fonseca, co-founder and executive producer for the Privacy Identity Innovation tech conference, who is very familiar with Cara. “Jason does privacy by design, and that will help him avoid the adverse consequences that often come with data collection.” But Lynch says that such a system might still violate your privacy in ways you don’t expect. “It depends on what information they’re collecting,” she explains. “They might just collect gender, but what if they can distinguish race and age?
When you put those categories into a system — and you’re using multiple cameras in multiple places — you could get to a point where you could reasonably identify somebody.” Face recognition via Google Glass is another matter entirely — and that’s why Google has banned the practice. Nonetheless, developers, including an outfit called Lambda Labs, are still looking to create face recognition systems for these compu-specs and perhaps similar hardware. Inevitably, we will move towards a world where public cameras not only watch us, but software systems actively analyze what we’re doing and what we look like — and actively share this information with businesses and other citizens. The question is how detailed this information will be — and how soon. Source: Wired.com
-
The last post was 2 years and 5-6 months ago.
-
I had heard it was 8-something for Systems Engineering, and that is exactly how it was: 8.72. For Automatic Control, 9.25.
-
"Superman" crystals could store 360TB of data forever
Matt replied to Matt's topic in Stiri securitate
I think our generation will also live to see the end of Facebook. Some smart guys will turn up who will keep it down for a week or so, and then they will quit.
-
"Superman" crystals could store 360TB of data forever
Matt replied to Matt's topic in Stiri securitate
It was not translated by me. I read the article in English. // http://www.computerworld.com/s/article/9240776/_Superman_crystals_could_store_360TB_of_data_forever
-
The company behind a popular media player software has called out vulnerability management firm Secunia for continuing to list a vulnerability as "unpatched" and threatened legal action. VideoLAN, the maker of the popular VLC media player, threatened to sue Secunia for defamation because the security company had not updated one of its advisories regarding a "highly critical" vulnerability even though a patch was available, Secunia Research wrote on the company blog on Tuesday. Secunia Research said according to its analysis, the root cause of the flaw has not been addressed in the latest stable version, VLC 2.0.7. Within hours, VideoLAN president Jean-Baptiste Kempf had fired back with a blog post of his own, entitled, "More lies from Secunia," and accused the company of defamation. He claimed the security hole was closed very quickly, but that Secunia refused to update the advisory. There is a lot of finger-pointing between the two companies and it's not really clear exactly where the lines of communication broke down. What is known, and agreed upon, is the fact the flaw, as described in Secunia Advisory SA51464, was originally publicly reported by independent security researcher Kaveh Ghaemmaghami on the Full-Disclosure mailing list. The root cause of the vulnerability was in the underlying FFmpeg library, which VLC statically links to. VLC is described as a free and open source cross-platform multimedia player and framework that plays most multimedia files as well as DVD, Audio CD, VCD, and various streaming protocols. Secunia said the vulnerability was the result of a use-after-free error caused when releasing a picture object during decoding of video files, according to SA51464. The issue was first discovered in VLC 2.0.4, and successful exploitation of this flaw would result in arbitrary code execution, according to Secunia. Kempf said the issue was in the third-party libavformat/libavcodec libraries and not in VLC’s main code.
Kempf said in his post there was a VLC patch seven days after the proof-of-concept appeared on the Full Disclosure list, yet Secunia posted an advisory a day after calling the issue unpatched. Secunia's blog post alleges that the fix in VLC 2.0.5 was incorrect and did not address the root cause, which is why it issued the advisory. This is where things get a little confusing. Kempf repeatedly insisted in his post that the fix was valid, since the proof-of-concept provided by Secunia no longer crashed the player. "We saw the crash they gave us and we fixed it," Kempf wrote. Secunia Research claimed the VLC team "failed to understand the root cause" of the vulnerability, which was why the patch was invalid. When another researcher independently reported a vulnerability in VLC 2.0.5, Secunia determined it was the same use-after-free flaw in SA51464, but using a different attack vector. At this point, a new proof-of-concept was provided, but the team responded saying the issue had been fixed, according to the Secunia post. Kempf did not address this second proof-of-concept in his post. Both blog posts discussed an unrelated vulnerability—SA52956—when parsing MKV (Matroska) files, which was discovered in version 2.0.6. There is another disagreement here, with Kempf saying the team informed Secunia of the fix "on several occasions," and Secunia Research saying the vendor claimed at one point to not know what vulnerability was being discussed. Despite repeatedly checking the builds, Secunia Research said it continued to see the issue. This was not the first instance where the two companies were not able to communicate with each other. Secunia Research claimed it notified the VLC team the patch was incorrect during an email exchange in February (a copy of the email is linked from the post), but received no response. Kempf claimed Secunia never contacted the team for three months after releasing the advisory. 
In any of the communications between the two companies, Secunia did not provide a more complete explanation of what the problem was or discuss the technical points, Kempf said. "Who is failing at doing 'coordination between vendors and researchers'?" Kempf wrote. Kempf also claimed the MKV vulnerability in SA52956 was not exploitable, but Secunia Research said its proof of concept "could reliably control the contents of the corrupted memory." Vulnerability research company VUPEN has weighed in on the MKV dispute, claiming the issue was still exploitable in version 2.0.7. VideoLAN posted on its Twitter feed last month that Secunia was threatening them via email. Kempf was also incensed that Secunia had posted on Twitter warning users that VLC had unpatched security issues. Secunia's post said, "At no point did we digress from our disclosure policy, or threaten the vendor in any way, and were merely looking out for the safety of the users of VLC." The entire dispute gets even more surreal when VLC developer TypX responded to Secunia on Reddit. In his post, he confirmed that the MKV vulnerability was fixed in the developer version of VLC 2.1.0 but that the changes had not yet been applied to the 2.0.x series. "If the backport hasn't been done to 2.0 it's my responsibility, since it was late, I procrastinated it and then it slipped out of my mind due to real life contingencies. For that I apologize to our users and the rest of the team that has to deal with this drama," TypX wrote. Secunia Research wrote that its primary responsibility was to "provide accurate information about vulnerabilities" via neutral advisories, but that the task is complicated by "vendors who are overprotective about their code and in denial about the vulnerabilities found in their software." Because both companies appear to agree the MKV issue is fixed in VLC 2.1.0, users should upgrade. But it's not clear what happens next for the two companies.
Secunia has said it will no longer cooperate with VLC and will immediately publish vulnerability disclosures instead of giving the company time to address the issues. "The way Secunia deals with this [vulnerability disclosures] was outrageous and I think I have all the rights to be pissed and claim that they do not work 'with vendors,'" Kempf said in response. Source: Securityweek.com
-
Microsoft's bounty program for the Internet Explorer 11 Preview has already begun to pay out and pay off. According to Katie Moussouris, senior security strategist at Microsoft Security Research Center, the first researcher to submit a successful vulnerability report for IE 11 has been contacted, and more such emails are on the way. "We have other researchers who have qualified for bounties under the IE11 program as well, and their notifications will be coming from secure [at] Microsoft [dot] com this week and beyond," Moussouris blogged. "We plan to add an acknowledgement page on our bounty web site, listing the researchers who would like to be publicly recognized for their contributions to helping us make our products more secure, so look for that page to appear linked from Microsoft Security :: Security Vulnerability | Report a Vulnerability | MSRC in the near future." So far, more than a dozen issues affecting the IE 11 Preview have been submitted to the company to investigate. In June, Microsoft announced a number of programs to reward researchers for coming forward with vulnerability information. In exchange for finding critical bugs in IE 11 on Windows 8.1, Microsoft is offering up to $11,000. The entry period for this program ends July 26. Microsoft also created the 'Mitigation Bypass Bounty', which pays up to $100,000 for exploits against the Windows 8.1 Preview, and the 'BlueHat Bonus for Defense', which offers up to $50,000 for defensive ideas that accompany any submission to the bypass program. "Vulnerabilities and exploits affecting many vendors’ products have been trafficked for years in the white, grey, and black markets," Moussouris blogged. "For us, the distinction in the markets hinges on the intended use of the vulnerability or exploit that is purchased. There is also a price difference, generally speaking, with significantly higher prices often paid on the black market."
"Our goal was not to directly compete with the black (or even grey) market," she added. "Rather, our goal was to attract those researchers who are currently willing to sell in the white market, and get them to come forward directly to us a lot earlier." Source: Securityweek.com
-
Microsoft denies having helped the NSA in the spying process - BULLSHIT
Matt replied to Matt's topic in Stiri securitate
No. Look, here is a news item taken from Yoda: https://rstforums.com/forum/72115-microsoft-ajutat-nsa-sa-acceseze-datele-criptate-ale-utilizatorilor-sai.rst\ Who do you believe? The Romanians or the foreigners?
-
40 people from 10 rural localities in Gorj County were trained free of charge to use a computer by their local librarians and obtained the internationally recognized ECDL EqualSkills certification with the support of ECDL ROMANIA through the Biblionet project. ECDL ROMANIA joined the Biblionet project through the partnership agreement signed with the International Research and Exchanges Board (IREX), the main body responsible for running the project at national level.

10 rural libraries in Gorj County ran the ECDL EqualSkills program for members of the community, and on Thursday, 11 July 2013, at the headquarters of the "Christian Tell" County Library in Tg. Jiu, all the participants met for the presentation of the ECDL EqualSkills certifications. This spring, 5 librarians from the "Christian Tell" Gorj County Library and 10 librarians from 10 communes in the county successfully completed a Train of Trainers program through which they acquired the knowledge needed to teach the ECDL EqualSkills program.

Starting on 20 May 2013, the ECDL EqualSkills training and certification program ran in the public libraries of the communes of Bustuchin, Jupinesti, Scoarta, Pestisani, Ionesti, Telesti, Licurici, Logresti, Balesti and Pades in Gorj County. The 10 librarians put into practice what they had learned during the TOT organized by ECDL ROMANIA with the support of IREX and the Gorj County Library. Thus began a pilot ECDL EqualSkills certification program for 40 members of the rural communities mentioned. The ECDL EqualSkills program was delivered by the librarians, who have now become ECDL EqualSkills tutors. At the end of the program, the participants obtained the ECDL EqualSkills certification, which attests to basic computer skills and is recognized internationally.

"The partnership between the Biblionet program and ECDL ROMANIA took shape after we identified a common objective, namely to create new services in public libraries, geared towards developing IT skills and knowledge among community members. The pilot project, launched this year in 10 local libraries in the Biblionet network of Gorj County, with the support of the Gorj County Library team, has proved to be a real success. We congratulate all those who managed to obtain the ECDL EqualSkills certificate through the public libraries in their localities, and the local librarians who trained them. We are very pleased with these results, and they encourage us to continue working with the ECDL ROMANIA team to extend this project to all county libraries and their networks of local libraries equipped under the Biblionet program. Implemented in Romania by the IREX foundation, Biblionet is a 26.9 million dollar program through which we try to give public libraries free internet access by equipping them with high-performance computers and training librarians to teach citizens how to use the internet at the library. We are in the last year of the program, and we have already passed 2,200 partner public libraries in all counties of Romania and have trained over 4,000 librarians. Our great wish is that, through this kind of partnership with the public, non-governmental and private sectors, we ensure the sustainability of our program and the continued development of the public library system in Romania" - Paul-Andre Baran, Biblionet program director and Romania's Digital Champion at the European Commission

"By joining Biblionet, ECDL ROMANIA continues the ongoing process of digital literacy and of ensuring that every person has the opportunity to acquire digital skills. ECDL EqualSkills is a program aimed at those who are afraid of or feel overwhelmed by new technologies, designed as a flexible learning program that offers a complete introduction to the world of computers. Through the partnership created, ECDL ROMANIA and IREX work together and promote new services in public libraries geared towards developing IT skills and knowledge for community members, especially members of rural communities." - Carmen-Codruta Rentea, General Director, ECDL ROMANIA

ECDL ROMANIA

The European Computer Driving Licence (ECDL) is the most widespread digital skills certification program, recognized internationally in 148 countries, and currently has over 12 million people registered in the program. Outside Europe, the certification is known as ICDL (International Computer Driving Licence). The ECDL licence has no expiry date, digital skills being certified for life, in accordance with the syllabuses for each module in force at the time the examination is taken. ECDL certification is vendor-independent; the exams can be taken on several application suites. ECDL ROMANIA is the National Operator of the ECDL licence in Romania, with a network of over 700 accredited training and testing centres across the country. The program is administered worldwide by the ECDL Foundation, the main ECDL certification authority. For more information, visit ECDL ROMANIA or European Computer Driving Licence Foundation.

Source: ECDL ROMANIA // Well, if all the peasants had ECDL, they would all be hackers.
-
The number of mobile malware applications has grown by 614% in the last year, according to studies carried out by McAfee and Juniper Networks. The Juniper study, its third annual report on mobile threats, found that most attacks target Android devices, given that the Android market is growing continuously. Malware aimed at Android devices has grown at a dizzying pace since 2010, from 24% of all mobile malware that year to 92% in March 2013.

According to data provided by the Juniper Threat Center (MTC) research unit, the number of mobile malware applications grew by 614% in the last year, reaching 276,259, which demonstrates "an exponential growth in cybercriminals' interest in exploiting mobile devices". "Malware authors are increasingly motivated by profit when they design new attacks and malware distribution strategies," Juniper said. "Attackers are maximizing their focus on investment by directing 92% of all threats detected by MTC at Android, which holds the largest share of the smartphone market worldwide".

In addition to malware applications, Juniper Networks identified several legitimate free applications that could allow corporate information to leak. The study found that the free mobile applications analysed by MTC are three times more likely to track location and 2.5 times more likely to access users' address books than similar paid applications. Free applications that request or obtain access to account information almost doubled, from 5.9% in October 2012 to 10.5% in May of this year.

"Whether the device is owned by the company or by its employee, the end user uses this device both for work and for personal activities. Because of this, companies need a holistic approach to manage and secure the physical devices, as well as the applications that are downloaded onto them," said Adam Stein, senior director for mobile product marketing at SAP.

The McAfee study found that a type of SMS malware, known as FakeInstaller, can be used to charge the premium rate of 4 dollars per message once it is installed on the mobile device. A "free" FakeInstaller application can cost up to 28 dollars, because it can make the consumer's device send up to seven messages to a premium-rate SMS number. 73% of all known malware involves FakeInstaller, according to the report. "These threats trick users into sending SMS messages to premium-rate numbers set up by the attackers," the report explains. "Based on MTC research, each successful attack can generate an immediate profit of approximately 10 dollars. MTC also found that more sophisticated attackers are developing botnets and more complicated targeted attacks, capable of disrupting access to high-value data on corporate networks".

Juniper's report identified more than 500 third-party Android application stores worldwide, many of them with a very low level of accountability and oversight, known for hosting malware. Of the third-party malware application stores identified by MTC, 60% come from China and Russia.

Source: Computerworld - IT news, features, blogs, tech reviews, career advice
-
Microsoft has denied claims that the company helped US intelligence services spy on users through web chats, emails and data stored in the cloud. The accusations were made in the most recent reports by The Guardian, based on documents provided by Edward Snowden regarding the US internet surveillance program, Prism. According to the reports, Microsoft even helped the US National Security Agency (NSA) circumvent the company's own encryption. Microsoft, however, denies these accusations, according to BusinessInsider.com. The company said that it provides user data only on the basis of legal procedures and that it does not "provide any government with blanket or direct access to SkyDrive, Outlook.com, Skype or any other Microsoft product". Microsoft is one of the nine top technology companies that have been linked to the controversial Prism program, but all of these companies have denied giving the NSA direct access to their systems. In its strongest response so far to these accusations, Microsoft said that there are clear principles guiding its response to requests for customer information, with regard to law enforcement and national security matters. The company stated that it provides customer data only in response to legal processes, and that its team examines all requests very closely to verify whether they are valid, and Microsoft follows the procedures mentioned only with regard to specific accounts or identifiers. Nevertheless, the statement called for greater transparency regarding these processes, "which would help the whole world understand and debate these important issues". Last week, Yahoo in turn asked for more transparency regarding its involvement in the Prism program. The company wants the court that approves government data requests under the Foreign Intelligence Surveillance Act (Fisa) to release documents proving that Yahoo fiercely opposed intelligence agencies accessing its data. The documents refer to a case from 2008, when Yahoo tried to oppose NSA requests for customer information, but its objections were rejected. Subsequently, the case was used by the US government to persuade technology companies to cooperate with the Prism program. Under federal law, the order and Yahoo's arguments against it were treated as classified information. Providing additional information on this matter would "inform the debate and prevent misunderstandings", the company said. Despite the technology companies' denials of involvement, internal NSA newsletters, classified as secret, suggest deep and ongoing cooperation between the intelligence community and the companies, according to the latest report by The Guardian. Source: ComputerWeekly.com | Information Technology (IT) News, UK IT Jobs, Industry News
-
Data can be kept in crystals that can withstand temperatures of 1,000 degrees Celsius. Researchers have demonstrated the ability to read and write data using a five-dimensional recording process in a synthetic crystal, to store massive amounts of data for an unlimited time. The researchers, led by Jingyu Zhang of the University of Southampton, UK, successfully recorded a 300KB digital copy of a text file onto nanostructured glass in 5D, using an ultrafast laser and intense pulses. The file was written in three layers of nanostructured dots, separated by five micrometres (five millionths of a metre). The scientists used a femtosecond laser, which emits pulses of light in femtoseconds (one millionth of one billionth of a second). The 5D read/write laser can record up to an estimated 360TB/disc on the nanostructured glass, which has thermal stability up to 1000 degrees Celsius and a practically unlimited lifetime. In a statement given last week, the researchers called the glass the "Superman memory crystal", alluding to the "memory crystals" used in the Superman films to store collective knowledge about the history and civilization of the planet Kryptonite. The University of Southampton researchers recorded via self-assembled nanostructures, created in fused quartz, which they said have the capacity to store immense amounts of data for more than a million years. The information encoding comes in five dimensions, which include the size and orientation in addition to the three-dimensional position of these nanostructures. According to a recently published paper, the self-assembled nanostructures change the way light passes through the glass, modifying the polarization of the light, which can then be read by combining an optical microscope and a polarizer, similar to those found in Polaroid sunglasses. The study was carried out as part of a joint project with Eindhoven University of Technology. "We are developing a very stable and safe form of portable memory using glass, which could be extremely useful for organizations with large archives", said Jingyu. "At the moment, companies have to back up their archives every five to ten years, because hard-drive memory has a relatively short lifespan". Source: Computerworld - IT news, features, blogs, tech reviews, career advice
-
German Chancellor Angela Merkel on Sunday defended the idea of creating a European regulation for better protection of Europeans' private data on the Internet, in an interview for public television. She expressed her wish that "Internet companies, Facebook, Google and others, be required to tell European countries to whom they transmit the data" of their users. Such a measure needs, in her opinion, to be "part of a European agreement on data protection", AFP reports. At a meeting of European Interior and Justice ministers at the end of the week, Germany will defend "a very strict position", she gave assurances. She also mentioned the results of the visit to Washington, last week, by Interior Minister Hans-Peter Friedrich, aimed at obtaining clarifications from the American government following revelations about a worldwide program of surveillance of electronic communications by the United States. "It was made very clear to the Interior Minister that there is no industrial espionage targeting German companies", she gave assurances.

Germany's Chancellor, accused of knowing about American cyber espionage

Merkel described as "vital", this week, the activity of intelligence services in democratic states, in an interview for the weekly Die Zeit, implicitly defending the American authorities. Together with the United States, "we are acting against terrorism, but, on the other hand, it is necessary to ensure the protection of citizens' data", she said on Sunday. Revelations by former US National Security Agency (NSA) consultant Edward Snowden about the United States' surveillance program have caused a stir in Germany, a country marked by two dictatorships - National Socialism and then communism in the former East Germany - which systematically spied on citizens. The subject has entered the election campaign, about two months before the legislative elections, with the opposition accusing Merkel of having been aware of the spying on German citizens. Her main opponent, Social Democrat Peer Steinbruck, called for the creation of a parliamentary committee of inquiry, in the Sunday edition of the daily Bild. "As chancellor, Mrs Merkel took an oath to protect the German people. Now we learn that the fundamental rights of German citizens have been massively infringed", he said in this interview. Source: Business24.Ro
-
Web ad giant (Google) makes its own flash? Speak your branes
Matt posted a topic in Stiri securitate
We wondered last week or so how advertising giant Google could appear in a Gartner chart comparing sales in the enterprise flash drive market. Apparently the web goliath makes its own solid-state drives for its sprawling customised storage systems, and the amounts are big enough to register on Gartner's market-scanning radar screen. Google was responsible for almost 9 per cent of enterprise SSD sales in 2012, said Gartner, and fourth after Intel, Fusion-io and Samsung. A Gigaom report quotes a Gartner research veep Joe Unsworth on the topic: "We have to associate a revenue number to the Google consumption, although admittedly it is closer to cost than any of the other vendors since they consume it all internally (they wouldn't pay themselves the margin of course)." Hmm. The storage desk at Vulture Central doesn't know if it agrees with Unsworth's take on the situation. Does building flash chips for your own use count as an enterprise SSD sale? Where are the factories? Stuff your thoughts in this forum topic please. ® Source: TheRegister.co.uk -
'Fix' for flaw in codec has video editors screaming and gamers steaming

Last week's Patch Tuesday has reportedly gone sour, with one of the patches released by Redmond causing trouble for video playback. The 34-bug patches issued on July 9 include a fix for Microsoft's WMV codec used in wmv9vcm.dll, wmvdmod.dll for WMF Runtime 9 and 9.5, and wmvdecod.dll in WMF runtime 11 and Windows Media Player 11 and 12. The vulnerability in the codecs could be attacked with a crafted media file that gets past input validation features, crashing them and giving remote attackers the ability to execute arbitrary code. However, InfoWorld is now reporting that the patch is causing problems in video playback, with the most common symptom being that it blacks out the top half of the video content. Adobe users have found that the blackout applies to high-quality large video files under Premiere Pro CS6, with the symptom also appearing in exported files. Adobe describes the problem here, with the recommendation that if users need WMV files, they need to roll back the relevant patch. Other reports of the problem listed by InfoWorld include TechSmith's Camtasia Studio and Serif MoviePlus X6. The bug's also upsetting people in gamer-land: as soon as they installed the update, Steam users started suffering the same symptom in cut scenes for Dust: An Elysian Tail and Ion Assault. The only workaround right now is to uninstall the patch associated with MS13-057. ® Source: TheRegister.co.uk
-
Chocolate Factory's 'http://search' plan may 'harm security of internet'

The Internet Architecture Board (IAB) has issued a statement in which it all-but-rules-out Google's plan to take over some new top-level domains and offer them in “dotless” configurations that would enable web addresses like “http://search”. Google outlined its plans for .search, .app and .cloud back in April. The idea of Google owning or operating the domains earned a frosty reception. Now the IAB, a committee of the Internet Engineering Task Force (IETF) that among other things “ … provides oversight of, and occasional commentary on, aspects of the architecture for the protocols and procedures used by the Internet” has put the kybosh on the idea. The Board's reasons why are explained here in a statement that says “dotless domains will not work as intended by TLD operators in the vast majority of cases” because the Internet wasn't built to support them. Such domains can work, the statement says, if organisations configure their own “search lists” to make them possible. That's even a feature of DNS, “ … because most users entering single-label names want them to be resolved in a local context, and they do not expect a single name to refer to a TLD.” But not everyone does so, which means “dotless domains will not behave consistently across various locations”. That leads the IAB to suggest “they have the potential to confuse users and erode the stability of the global DNS”. Worse still, dotless domains may hurt internet security. Here's why: The Board concludes that it “believes that the current IETF recommendations against the use of dotless domains are important to the continued viability and success of the Internet, and strongly recommends that the Internet community strictly adhere to them.” ® Source: TheRegister.co.uk
-
Research tracks 25m browser warning messages, says Chrome users most reckless

You're surfing the 'net when Chrome decides not to bring you the web site of your choice, but instead a page warning that the site you'd hoped to visit might be bogus or contain malware. Do you: (a) Click on “Proceed anyway” because you really want to see the cat picture someone Tweeted to you; (b) Click “Back to safety” because it's not worth having crims empty your bank account for a peek at one cute kitty. If you picked the first option and ended up being pwned by something nasty, there's no need to feel completely stupid: a new study by Google has found that over 70 per cent of people ignore some such warnings. The study, Alice in Warningland: A Large-Scale Field Study of Browser Security Warning Effectiveness (PDF) collected “25,405,944 warning impressions in Google Chrome and Mozilla Firefox in May and June 2013” and found that plenty were ignored. Here's the basic data. Interestingly, users are less circumspect when using early versions of software, as this block of data reveals. Keen-eyed Reg readers have probably noticed the table above also shows Chrome users ignoring more warnings than most. The study's authors, one Googler and Devdatta Akhawe of the University of California, Berkeley, are not sure why Chrome users are so blasé. False positives are one possible reason, differing levels of competence among users are also found to account for another point or two of difference. “Warning fatigue” is advanced as another reason users ignore warnings, and the study re-learns one of the lessons of Windows Vista by pondering if fewer warnings may be one way to improve security. “Our findings motivate more work on browser security warnings, with particular attention paid to demographics,” the paper concludes. “At Google, we have begun experimenting with new warning designs to further improve our warnings.” ® Source: TheRegister.co.uk
-
Internet Igors have fused genomes from two of the web's most noxious scam strains to create a repulsive chimaera. The new ransomware doing the rounds locks up victims' PCs before forcing their users to complete a survey in order to receive an unlock code. Traditional ransomware scams typically involve locking up systems before accusing prospective marks of some fictitious crime, from distributing music or films on file-sharing networks to circulating child-abuse images. Victims are typically coerced into coughing up a "fine" of about £100 using untraceable cash vouchers in order to obtain codes to unlock their computers. Tying things up in survey scams is a new and arguably less ambitious tactic. Survey scams typically involve attempts by dodgy marketing affiliates to trick consumers into completing a survey that offers the "chance" to win an iPad or similar. In reality the ruse is purely designed to harvest personal information. In more extreme cases victims are tricked into handing over their mobile number and signed up for expensive but lame premium rate services, such as daily horoscopes by SMS. Packaged scams to get victims (referred to as "slaves") to complete online surveys using ransomware have begun appearing in underground cybercrime forums. Webroot has a write-up on one such scam, together with screenshots, in a blog post here. The ransomware strain blocks Task Manager, CMD, Regedit and the Start Menu. "Despite the fact that the ransomware doesn’t pose any sophisticated features ... it [still] provides an example of an efficient business model aiming to utilize cost-per-action (CPA) affiliate networks in an attempt to generate revenue for the market participants," writes malware researcher Dancho Danchev. ® Source: TheRegister.co.uk
-
cybersmartdefence.com DOWN justiceofddos.com DOWN
Matt replied to codemaniac's topic in Cosul de gunoi
We're not interested. -
cybersmartdefence.com DOWN justiceofddos.com DOWN
Matt replied to codemaniac's topic in Cosul de gunoi
Listen, isecity .. why the fuck should I care that you took down who knows what crappy sites? Post them on your own forum, not here. -
I'm not an admin, but I've probably had enough of someone like "romanu" coming along and turning a topic into something it isn't. We gave our opinion about the video, that it's fake, etc. There's no need for you to come and insult us for no reason. And as for saying that I'm a "metinar", you got that wrong, I'm telling you honestly.
-
romanu : Calm down, nobody has made anything out of this topic. Go easy on the insults, because here they really are pointless.