IT Support and Hardware for Clinics
32.4K views | +7 today
Follow
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...
Scoop.it!

Obama Signs Cyberthreat Information Sharing Bill

Obama Signs Cyberthreat Information Sharing Bill | IT Support and Hardware for Clinics | Scoop.it

On Dec. 18, both houses of Congress enacted the Cybersecurity Information Sharing Act, which is part of a 2,009-page $1.1 trillion omnibus spending bill (see page 1,729). CISA will establish a process for the government to share cyberthreat information with businesses that voluntarily agree to participate in the program.


The legislation is an important tool to help protect the nation's critical infrastructure, says Daniel Gerstein, former Homeland Security acting undersecretary and a cybersecurity expert at the think tank Rand Corp. "Sharing information between industry and the federal government will allow for development of countermeasure signatures that can be incorporated into networks," Gerstein says. "In the absence of such sharing, protecting networks becomes much more challenging. ... CISA is not intended to be a comprehensive bill for cybersecurity. Rather, it focuses on the exchange of information between industry and the federal government. "


Larry Clinton, president of the industry group Internet Security Alliance, says the approval of the bill by large, bipartisan majorities in both the House and Senate demonstrates the growing realization that the nation faces a major cybersecurity problem. "It speaks to the need to come together in a way rarely evidenced lately in D.C. and begin to attack this problem together," Clinton says. " It's a rare instance of our government system actually working in a bipartisan fashion for the public good."

Winner, Loser

Passage of CISA is seen as a victory for big business and a defeat for privacy and civil liberties advocates.


Consumer advocates say the new law provides limited privacy protections to Americans. They object to the lack of transparency in drafting the measure's provisions in secrecy and then inserting it into a spending bill that keeps the government operational. "This shows disrespect for the people whose privacy is at stake in this process, and who deserve real cybersecurity, not more surveillance," says Drew Mitnick, policy counsel for the advocacy group Access Now. "Simply put, we expect more from our elected leadership."


But business groups generally supported the legislation. "This legislation is our best chance yet to help address this economic and national security priority in a meaningful way and help prevent further attacks," says U.S. Chamber of Commerce President Thomas Donohue. "Government and businesses alike are the target of these criminal efforts, and CISA will allow industry to voluntarily work with government entities to better prevent, detect and mitigate threats."

Key Provisions

At CISA's core are provisions designed to get businesses to voluntarily share cyberthreat information with the government. The main incentive is furnishing businesses with liability protections from lawsuits when they share cyberthreat information, such as malicious code, suspected reconnaissance, security vulnerabilities and anomalous activities, and identify signatures and techniques that could pose harm to an IT system. The new law also will provide antitrust exemption for sharing threat data among businesses.


The liability protections alone won't get many businesses to share threat information. "A bill is not going to prompt an organization to change," says Chris Pierson, chief security officer at invoicing and payments provider Viewpost. "What it will do is help the internal teams that want to share have better ammunition for their legal counterparts and compliance people to understand that sharing of threat data and indicators is being done in a coordinated fashion. The true win here will be the communication around what to share, how to share and the business benefit for companies that share."


CISA designates the Department of Homeland Security to act as the cyberthreat information-sharing hub between government and business. Civil liberties activists wanted a civilian agency, not a military or intelligence entity such as the National Security Agency, to shepherd the flow of cyberthreat information between government and business. But the legislation will not prevent the NSA and other intelligence agencies from getting hold of the cyberthreat information.


One provision of the law will require DHS to establish an automated system to share cyberthreat information in real time with other government agencies. The law also will allow the president, after notifying Congress, to set up a second information-sharing center if needed.


CISA will require the removal of personally identifiable information from data before it is shared. However, the vagueness of the law's language could result in "more private information [being] shared than the privacy community would prefer," says Paul Rosenzweig, a former Homeland Security deputy assistant secretary for policy, who analyzed the measure's language.

Healthcare Industry Study

The omnibus bill also includes language to require the Department of Health and Human Services to convene a task force 90 days after enactment of the legislation to address the cybersecurity threats facing the healthcare sector. This task force would:


  • Analyze how other industries have implemented cybersecurity strategies;
  • Evaluate challenges and barriers facing private healthcare organizations in defending against cyberattacks;
  • Review challenges the industry confronts in securing networked security devices; and
  • Develop a plan to share cyberthreat information among healthcare stakeholders.


The task force would report its findings and recommendations to appropriate congressional oversight committees.

more...
No comment yet.
Scoop.it!

Netflix Is Dumping Anti-Virus, Presages Death Of An Industry

Netflix Is Dumping Anti-Virus, Presages Death Of An Industry | IT Support and Hardware for Clinics | Scoop.it

For years, nails have been hammering down on the coffin of anti-virus. But none have really put the beast to bed. An industry founded in the 1980s, a time when John McAfee was known as a pioneer rather than a tequila-downing rascal, has survived despite the rise of umpteen firms who claim to offer services that eradicate the need for anti-virus.

Now, however, movie streaming titan Netflix NFLX +7.34% is hammering a rather significant nail in that old coffin, one that could well lead to the industry’s final interment. Because Netflix, a well-known innovator in the tech sphere, is the first major web firm to openly dump its anti-virus, FORBES has learned. And where Netflix goes, others often follow; just look at the massive uptick of public cloud usage in recent years, following the company’s major investment in Amazon Web Services.


Let’s take a second to look at the decline of the anti-virus industry. Anti-virus has been the first line of defence for many firms over the last quarter of a century. Generally speaking, AV relies on malware signatures and behavioural analysis to uncover threats to people’s PCs and smartphones. But in the last 10 years, research has indicated AV is rarely successful in detecting smart malware. In 2014, Lastline Labs discovered only 51 per cent of AV scanners were able to detect new malware samples.

Despite its shortcomings, many are still required to keep hold of their AV product because they’re required to by compliance laws, in particular PCI DSS, the regulation covering payment card protections. There’s also the argument that AV is necessary to pick up the “background noise”, as Quocirca analyst Bob Tarzey describes it. “Despite more and more targeted attacks, random viruses are still rife and traditional AV is still good at dealing with these,” he claims. Major players, includingSymantec SYMC +5.00% and Kaspersky, continue to make significant sums, even if results aren’t stellar.


But it’s now possible to dump anti-virus altogether, and Netflix is about to prove it. The firm has found a vendor that covers those compliance demands in the form of SentinelOne. As SentinelOne CEO Tomer Weingarten told me, his firm was given third-party certification from the independent AV-TEST Institute, validating it can do just what anti-virus does in terms of protecting against known threats, whilst providing “an additional new layer of advanced threat protection”. Its end-point security doesn’t rely on signatures, it monitors every process on a device to check for irregularities and does not perform on-system scans or require massive updates like anti-virus, Weingarten said.


“Large enterprises are recognizing that anti-virus is not adding a lot of value to their security posture. Instead of just bolting on more and more layers, companies are looking for ways to reuse their anti-virus budget to achieve better security,” he added.


And that’s what Netflix has done. “It was three years ago we were doing a re-evaluation of anti-virus and out evaluation said that anti-virus is dead, so we’ve been trumpeting that for years,” Rob Fry, Netflix senior security architect, told FORBES. “The problem was there wasn’t really a replacement at the time. Fast-forward three years and now there’s next-generation everything. Then the next question is: how mature are they?


“The direction we decided to go was with a company called SentinelOne, who we’ve been working with for year and a half. They were a true replacement for end-point protection.

“We’re in the process of leaving anti-virus. We did not renew our anti-virus contract this year.”


He complained of poor support from his anti-virus provider, whom he chose not to name, noting Netflix simply “chose the one that sucked the least”. “The AV piece wasn’t even the most valuable thing, it was the URL filtering,” he added, referring to the blocking of malicious websites Netflix staff were visiting whilst on the corporate network.

For any CISOs out there, they’ll need some more convincing that SentinelOne really can do the job of finding low and high-grade malware. Aside from the AV-TEST Institute certification, there’s little in the way of third-party analysis of the company’s kit.


Skeptics on the death of anti-virus will have their voices heard too. “I don’t believe the era of anti-virus software is dead but that we need to evolve the technologies and other defences we use to properly address the variety and sophistication of the threats we face,” noted Brian Honan, security consultant.


But Netflix is unlikely to listen to naysayers. And it isn’t taking it easy on so-called “next-generation” kit either. In recent years, it decided to ditch FireEye, considered a major player in the post-AV anti-malware game. That’s not because of the quality of protection the firm offers, however, but the lack of application programming interfaces (APIs), Fry said.


APIs allow Netflix to hook up its various security systems so they worked concomitantly and could feed on each others’ data to provide more advanced security. When Fry goes looking for fresh vendors, there are two musts: a cloud strategy and APIs. As FireEye wasn’t willing to provide them at the time, Netflix moved over to ProtectWise, another advanced attack detection company, he told FORBES.

A FireEye spokesperson noted that since early 2014 FireEye has had a “rich, secure, documented and formally supported” API across the majority of its products. “These APIs are used by a broad selection of end-customers, reseller/managed service and technology integration partners,” they added.


What’s apparent with the spate of major cyberattacks seen this year, from Ashley Madison to Hacking Team TISI +% and theUS government, the world’s biggest firms are demanding more from the companies that have tried and failed to adequately protect them

more...
No comment yet.
Scoop.it!

We just learned more about Samsung's big competitor to Apple Pay

We just learned more about Samsung's big competitor to Apple Pay | IT Support and Hardware for Clinics | Scoop.it

Samsung announced its new mobile payments system months ago, but we just got our first look at how it actually works.

Samsung Pay will be available in the United States starting in September after first launching in South Korea this month.


Samsung's payment system is different than Apple's in one crucial way — it works at standard mobile payment terminals with magnetic stripe readers and NFC terminals. This means you can use Samsung Pay anywhere you can use a credit card, while you can only use Apple Pay and other payment solutions such as Google Wallet at retailers that have NFC terminals.


We've known about this for a while, but Samsung has just told us more about how you'll actually use the service when it launches. If you have Samsung Pay all set up, you can swipe up on the lock screen to select which card you want to pay with, as shown to the right.


This works even if your phone is asleep, so you don't have to turn on the display to start a payment transaction. From there, you can choose to authenticate your purchase by typing in a PIN or by pressing your fingerprint on the home button. Samsung also says its Knox software is integrated into Samsung Pay, which adds real-time hacking surveillance and encryption to the service.


Since Samsung Pay is compatible with both NFC and magnetic stripe terminals, your phone automatically decides to choose one or the other when you're making a purchase. 

more...
No comment yet.
Scoop.it!

Samsung Touts Video Chops With Two More Big Screen Phones

Samsung Touts Video Chops With Two More Big Screen Phones | IT Support and Hardware for Clinics | Scoop.it

As expected (and amply leaked), Samsung has today whipped back the curtain on a pair of new flagship smartphones, announcing two new phablets: the Galaxy Note 5 (pictured above) and the Galaxy S6 Edge+ at press events in New York and London.


The focus for Samsung here is bigger handsets that can do more with multimedia content, letting the user make use of additional screen real-estate for video editing or livestreaming, or multitasking with multiple content windows on screen.


The Korean giant doesn’t normally drop flagship smartphones in August but is presumably hoping to hog the limelight by announcing new kit in what is typically a fallow month for tech news — before the hype cycle spins up again come September, when Apple typically unboxes new iPhones. (In the event, Chinese mobile maker Xiaomi stole a march on Samsung’s phablet new by announcing its own pair of newbies earlier today.)


Here’s a quick rundown of the new additions to Samsung’s handset Galaxy, which will be landing in some 7,000 retail stores in the U.S. for preview starting from tomorrow (but on sale globally later this month):


Galaxy Note 5


The Galaxy Note 5 is the sequel to the 5.7-inch display Note 4, which launched back in September 2014. The display remains the same size (and same quad-HD res), but RAM has been beefed up to 4GB.


The design has also been tweaked to be thinner and slimmer, with a narrower bezel and curved back. The rear camera is still 16MP, but there’s now 5MP on the front. Both are f1.9.


The S-Pen stylus has also had an update — with an “all new” design, and, says Samsung, improved writing capabilities (albeit it said that at the last Note update…), including the ability to jot down info even when the screen is off.


Users can also now annotate PDF files using the S-Pen, and capture a whole website from top to bottom using a Scroll Capture feature. And the pen is easier to extract from its kennel inside the Note, thanks to a “one click” extraction mechanism.


Available colorways for the Note 5 are “Black Sapphire” and “White Pearl”. There are 32GB and 64GB variants (but no microSD card slot — a factor that’s going to continue to grate on long-time Samsung fans).


Galaxy S6 Edge+


The Galaxy S6 Edge+ updates one of two new flagships Samsung unboxed back in March at the Mobile World Congress trade show — namely the S6 Edge.

The flagship feature of that handset was a screen with curved edges. Those curves spill over now to the S6 Edge+ but the overall size of the screen has also been increased to phablet size — so it’s been bumped up from 5.1 inches to 5.7 inches. As with the S6 Edge, the curved edges can be used as a shortcut from any screen to access top contacts and apps, by swiping along the edge.


As with the Note 5, RAM has also been increased to 4GB. And the rear camera is 16MP, with a 5MP lens on the front.


Available colorways for the S6 Edge+ are “Black Sapphire” and “Gold Platinum” (below). And there are also 32GB and 64GB variants (but again no microSD card slot).


 

Multimedia focus


Both devices sport improved video stabilization when shooting from the front or rear camera, according to Samsung.  There’s also a new video collage mode that allows users to shoot and edit short videos more easily, adding various frames and effects. And a 4K Video filming feature to record content for 4K TVs.


A full HD Live Broadcast option lets users instantly stream video straight from the phone to any individual, group of contacts, or through YouTube Live — a la live streaming apps like Meerkat and Periscope. While Samsung touts other camera and audio improvements such as a quick launch feature (by double clicking the home button from any screen to jump into the camera), and support for UHQA for richer audio quality.


Both handsets also support Samsung Pay — the company’s forthcoming NFC and magnetic secure transmission mobile payment tech which it’s lining up as an Apple Pay rival.


There’s also embedded wireless charging on both, but wireless charger pads aren’t included — so that’s an additional accessory you’d have to have or buy yourself.

more...
No comment yet.
Scoop.it!

Windows 10 Ransomware Scam Represents Growing Trend in Malware

Windows 10 Ransomware Scam Represents Growing Trend in Malware | IT Support and Hardware for Clinics | Scoop.it

I don’t usually jump on the new software or device bandwagon immediately. I tend to wait until something has been on the market for a little while and let other people work the bugs out first. However, the release of Windows 10 intrigues me. I had the chance to talk to some people at RSA about it, and I’m not sure the last time I heard so much enthusiasm for a new Microsoft product.


The release came at the end of July, with the upgrade made available for free. Who doesn’t like free, right?

Consumers aren’t the only ones who appreciate a free upgrade, though. Scammers and bad guys are taking advantage of the Windows 10 launch, too, using phishing emails to spoof the arrival of the OS. As PC World explained, the scam does a very good job mimicking a legitimate Microsoft announcement regarding Windows 10. The difference, though, was this:


An attached .zip file purports to be a Windows 10 installer … the attachment contains a piece of ransomware called CTB-Locker that encrypts your files and requests payment within 96 hours, lets your files be encrypted forever.


I can’t imagine that anyone would be surprised that the bad guys would try to take advantage of the OS release. However, according to Cisco’s midyear report, using ransomware is part of a growing trend with hackers using social and breaking news events to deliver ransomware. According to the report, ransomware has really stepped up its game, with improved professional development to encourage innovation and to ensure that the malware brings in financial gains.

The Cisco blog explained more about how it works:


The ransoms demanded are usually affordable, generally a few hundred dollars depending on the bitcoin exchange rate. Criminals appear to have done their market research to determine the right price points for the best results: Fees are not so high that victims will refuse to pay or will tip of law enforcement. Ransomware authors keep their risk of detection low by using channels such as Tor and the Invisible Internet Project to communicate, and they use bitcoin so that financial transactions are difficult for law enforcement to trace.


Will we see more problems with ransomware going forward? I suspect the answer is “Yes,” especially as the developers get smarter about manipulating the ransom for their own gain. (Remember, as successful as Cryptolocker was at locking down a computer’s data, too many weren’t able to pay the ransom with Bitcoin, and, in turn, the developers weren’t able to make the money they planned to make.) We know that the spammers are very good at faking us out with phishing attacks. So enjoy your new Windows 10 upgrade. Just download with a lot of caution.

more...
No comment yet.
Scoop.it!

More Retailers Hit by New Third-Party Breach?

More Retailers Hit by New Third-Party Breach? | IT Support and Hardware for Clinics | Scoop.it

CVS, Rite-Aid, Sam's Club, Walmart Canada and other large retail chains have suspended their online photo services following a suspected hack attack against a third-party service provider that may, in some cases, have resulted in the compromise of payment card data.


The suspected breach centers on PNI Digital Media Inc., a Vancouver-based firm that manages and hosts online photo services for numerous retailers. The incident serves as a reminder of the security challenges that organizations face when it comes to managing their third-party vendors and entrusting them with sensitive customer information.


Numerous chains have confirmed that they are investigating potential breaches - some involving payment card data - after being warned by PNI Digital Media that it may have suffered a hack attack that resulted in the compromise of retailers' customers' names, addresses, phone numbers, email addresses, photo account passwords and credit card information. But none of the retailers involved have so far reported that they believe the breach would affect any of their in-store customers, including anyone who used in-store photo services.


PNI Digital Media did not immediately respond to a request for comment on its reported breach investigation. Until July 17, the company's investors page reported that it worked with numerous retailers, and while that page is now blank, a recent version cached by Google's search engine reads: "PNI Digital Media provides a proprietary transactional software platform that is used by leading retailers such as Costco, Walmart Canada, and CVS/pharmacy to sell millions of personalized products every year. Last year, the PNI Digital Media platform worked with over 19,000 retail locations and 8,000 kiosks to generate more than 18M transactions for personalized products."

CVS Confirms Investigation

On July 17, CVS spokesman Mike DeAngelis confirmed that CVSPhoto.com may have been affected by the suspected PNI Digital Media breach. "We disabled the site as a matter of precaution while this matter is being investigated," DeAngelis tells Information Security Media Group.


The cvsphoto.com site now reads in part: "We have been made aware that customer credit card information collected by the independent vendor who manages and hosts CVSPhoto.com may have been compromised. As a precaution, as our investigation is underway we are temporarily shutting down access to online and related mobile photo services. We apologize for the inconvenience."

CVS says PNI Digital Media collects credit and debit information for customers who purchase online photo services through CVSPhoto.com. Accordingly, CVS recommends that all customers of its online photo service review their credit card statements "for any fraudulent or suspicious activity" and notify their bank or card issuer if anything appears to be amiss. "Nothing is more central to us than protecting the privacy and security of our customer information, including financial information," CVS says. "We are working closely with the vendor and our financial partners and will share updates as we know more."

Rite Aid: No Suspected Card Theft

Drugstore chain Rite Aid has also taken its online and mobile photo services offline. "We recently were advised by PNI Digital Media, the third party that manages and hosts mywayphotos.riteaid.com, that it is investigating a possible compromise of certain online and mobile photo account customer data," Rite Aid's site reads. "The data that may have been affected is name, address, phone number, email address, photo account password and credit card information."


Unlike CVS, however, Rite Aid reports that it does not believe that its customers' payment-card data is at risk. "Unlike for other PNI customers, PNI does not process credit card information on Rite Aid's behalf and PNI has limited access to this information," it says, adding that it has received no related fraud reports from its customers.

Sam's Club has also taken its online photo service offline, "in an abundance of caution and as a result of recent reports suggesting a potential security compromise of the third-party vendor that hosts Sam's Photo website." As with Rite Aid, however, Sam's Club reports that "at this time, we do not believe customer credit card data has been put at risk."


Costco and Tesco Photo have also suspended their online photo services.


Walmart Canada, which also outsources online photo services to PNI, also may have been affected by the possible breach, according to the The Toronto Star, and the retailer has since suspended its online photo services website. "We were recently informed of a potential compromise of customer credit card data involving Walmart Canada's Photocentre website, www.walmartphotocentre.ca," Walmart states. "We immediately launched an investigation and will be contacting customers who may be impacted. At this time, we have no reason to believe that Walmart.ca, Walmart.com or in-store transactions are affected.


Walmart did not respond to Information Security Media Group's request for comment. ISMG also reached out to office supplier Staples, which owns PNI, but did not get a response.

"PNI is investigating a potential credit card data security issue," a Staples spokesperson told The Toronto Star.

Growing Third-Party Breach Concerns

PNI's potential breach comes just a week after Denver-based managed services provider Service Systems Associates announced that a breach linked to a malware attack against its network had likely affected about 12 of the payments systems it operates for gifts shops at retail locations, which include zoos, museums and parks, across the country.


Service Systems Associates says debit and credit purchases made between March 23 and June 25 may have been compromised.

On July 7, the Financial Services Information Sharing and Analysis Center, along with Visa, the U.S. Secret Service and The Retail Cyber Intelligence Sharing Center, which provides threat intelligence for retailers, issued a cybersecurity alert about risks merchants face when dealing with third parties.


The alert lists a number of security recommendations for managing third-party risks, including using multifactor authentication for remote-access login to point-of-sale systems and including specific policies related to outdated operating systems and software in contracts with vendors.


Earlier this month, Chris Bretz, director of payment risk at the FS-ISAC, warned that managed service providers that offer outsourced services to numerous merchants are increasingly being targeted by cybercriminals.


"Criminals continue to find success by targeting smaller retailers that use common IT and payments systems," Bretz said in an interview with ISMG. "Merchants in industry verticals often use managed service provider systems. There might be 100 merchants that use a managed service provider that provides IT and payment services for their business."

more...
No comment yet.
Scoop.it!

A government key to unlock your encrypted messages has major problems and security experts are up in arms

A government key to unlock your encrypted messages has major problems and security experts are up in arms | IT Support and Hardware for Clinics | Scoop.it

Top computer scientists and security experts are warning that government proposals to gain special access to encrypted communications could result in significant dangers. 

A consortium of world-renowned security experts has penned a report detailing the harm that regulating encryption would cause, writes the New York Times


Hard encryption — which global authorities are now trying to combat — is a way to mathematically cipher digital communications and is widely considered the most secure way to communicate online to avoid external snooping. 


This follows news last week that British Prime Minister David Cameron made a proposal to ban encryption as a way to "ensure that terrorists do not have a safe space in which to communicate."  


Since then, experts have begun weighing in about the effect of such drastic measures. This includes well-known cryptographer Bruce Schneier, who told Business Insider that such a strong encryption ban would "destroy the internet."

The new report, which was released today, takes a similarly hard stance. "The complexity of today’s Internet environment, with millions of apps and globally connected services, means that new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws," it writes. Not only that, but federal authorities have yet to explain exactly how they planned to gain "exceptional access" to private communications.


The report concludes, "The costs would be substantial, the damage to innovation severe, and the consequences to economic growth difficult to predict." In short, the experts believe that trying to put limitations on encrypted communications would create myriad problems for everyone involved. 


This sort of fissure between security experts and federal authorities isn’t new. In fact, a similar proposal was made by the Clinton Administration in 1997 that also took aim at hard cryptography. Back then, a group of experts — many of whom are authors on this new report — also wrote critically about the anti-encryption efforts.

In the end, the security experts prevailed. 


Now, it’s not so certain. FBI director James Comey has joined the ant-encryption brigade, saying that "there are many costs to [universal strong encryption.]"

He and the US deputy attorney general Sally Quillan Yates are scheduled to testify before Senate tomorrow to defend their views, the New York Times reports.

The question now is whether other federal officials will side with people like Comey and Cameron or the group of security experts. 

In the paper's words, creating such back-door access to encrypted communications "will open doors through which criminals and malicious nation-states can attack the very individuals law enforcement seeks to defend."

more...
No comment yet.
Scoop.it!

Microsoft Rolls Out The Latest Windows 10 Build To Its 5 Million Testers

Microsoft Rolls Out The Latest Windows 10 Build To Its 5 Million Testers | IT Support and Hardware for Clinics | Scoop.it

Late last week, Microsoft kicked out another Windows 10 build, numbered 10162, to the ‘fast ring’ of its testing community.

The larger Windows Insider program has two groups, fast and slow, allowing people to select how raw they want their code.


The build was rolled out to the larger group of testers today, those in the slow ring. Given that Windows 10 is now just 23 days out, it’s worth taking a moment to dig into what is being released.


The 10162 build, according to Microsoft’s Gabe Aul (see below), isn’t focused new features, but instead contains “bug fixing and final polish.” The company has released a number of builds in recent weeks that were of similar ilk, aimed at beating the operating system into shape, instead of expanding its capabilities.


The code was first pushed to the ‘fast ring’ of testers on the second of this month.

So, consider this to be a build akin to done, but not quite. That means that if you are currently testing Windows 10, regardless of what group you are in, you can now use Windows 10 in a nearly-normal capacity. How polished it is remains your own judgement.

Microsoft recently explained to the public how it will roll out Windows 10. The company intends to deploy the final build to its testing community on the 29th of this month. Following, in waves, other groups will be brought into the fold.


Earlier this morning, The Verge’s Tom Warren reported that Microsoft intends to RTM Windows 10 and distribute it to equipment manufactures (OEMs) later this week. That makes it not too surprising that the software company is working to get fresh code out into the hands of its community.


The long Windows 10 dance is nearly to its first conclusory benchmark. Microsoft has made noise for some time now that it will continue to update the code in perpetuity. But all races, even those that don’t end, have a day one.

    more...
    No comment yet.
    Scoop.it!

    Surveillance Software Firm Breached

    Surveillance Software Firm Breached | IT Support and Hardware for Clinics | Scoop.it

    Hacking Team, an Italian developer of "easy-to-use offensive technology" - including spywareand other surveillance software that it sells to police, law enforcement and intelligence agencies - appears to have been breached and large quantities of corporate information leaked.


    On July 5, hackers also appeared to have seized control of the Hacking Team's Twitter account,@hackingteam, after which they changed the company's logo and posted the following message: "Since we have nothing to hide, we're publishing all our e-mails, files, and source code."


    The message included links to a Torrent file that reportedly includes 400 GB of the aforementioned data, including the source code for its "Remote Control System," known as both DaVinci and Galileo. Hacking Team advertises that the software is able to intercept Skype and voice calls, as well as data stored on PCs. The leaked data reportedly also includes passwords for multiple Hacking Team employees and customers, as well as previously disclosed zero-day vulnerabilities.

    The Hacking Team data leak reportedly reveals that the company's customers have apparently ranged from the U.S. FBI and Drug Enforcement Agency to the governments of Sudan and the United Arab Emirates. Credit for the hack and data breach has reportedly been claimed by PhineasFisher, who has previously targeted vendors for allegedly selling surveillance software to repressive regimes. "Gamma and HT down, a few more to go :),"PhineasFisher said July 6 via Twitter.


    Threat intelligence firm iSight Partners says in a research note that it believes that the breach occurred, and that most or all of the leaked data is genuine, because "convincingly fabricating that much information is prohibitively time intensive." It also warns that the source code could soon become part of other hackers' toolsets. "Hacking Team's tools and techniques will likely begin to be incorporated in other malware and surveillance tools." Allegedly leaked Hacking Team code has already been added to the GitHub code-sharing repository.


    Hacking Team did not immediately respond to a request for comment about the breach, so the contents of those alleged customer lists could not be confirmed. Hacking Team senior system and security engineer Christian Pozzi, whose emails and personal passwords - including for multiple social media accounts - appear to have been included in the leak, says via Twitter on July 6: "We are currently working closely with the police at the moment. I can't comment about the recent breach."

    But the authenticity of that message is questionable, since Pozzi's Twitter account later posted a message suggesting that it too had been compromised by hackers: "We are closing down. Bye Saudi Arabia. You paid us well. Allahuhakbah." After those messages appeared, Pozzi's Twitter account appears to have been deleted in its entirety.

    The Company's Customers

    Numerous privacy rights groups say that the data leak provides a rare look into how governments spy on people at home and abroad. "Hacking Team is one of the most aggressive companies currently supplying governments with hacking tools," says Eric King, deputy director of civil rights group Privacy International. "[The] leak of materials reportedly shows how Hacking Team assisted some of the world's most repressive regimes - from Bahrain to Uzbekistan, Ethiopia to Sudan - to spy on their citizens.


    Hacking Team advertises its Galileo and DaVinci software as being "the hacking suite for governmental interception," noting that it can handle "up to hundreds of thousands of targets, all managed from a central place." Some of the software's capabilities have been previously described by Citizen Lab, a privacy project run by the University of Toronto, which says that the vendor's spyware can copy files from the hard drive of an infected PC, record Skype calls and emails, intercept passwords typed into Web browsers, as well as remotely activate webcams and microphones. To employ the spyware, however, government agencies must first sneak it onto targets' PCs, and Citizen Lab says that phishing attacks are likely the most-used technique for accomplishing this.


    Privacy researcher Christopher Soghoian, principal technologist at the American Civil Liberties Union, says via Twitter that according to the leaked information, Hacking Team's customer list "includes South Korea, Kazakhstan, Saudi Arabia, Oman, Lebanon, and Mongolia."


    Soghoian adds via Twitter that according to a leaked March 2013 invoice for the first half of a related payment, Hacking Team also completed a €260,000 ($290,000) deal with the government of Azerbaijan by selling "through a shadowy front company in Nevada" named Horizon Global Group.


    Citizen Lab had previously questioned whether Hacking Team was selling to governments that are widely viewed as being repressive. "We suspect that agencies of these twenty-one governments are current or former users of RCS: Azerbaijan, Colombia, Egypt, Ethiopia, Hungary, Italy, Kazakhstan, Korea, Malaysia, Mexico, Morocco, Nigeria, Oman, Panama, Poland, Saudi Arabia, Sudan, Thailand, Turkey, UAE, and Uzbekistan," it says in a 2014 report. "Nine of these countries receive the lowest ranking, 'authoritarian,' in The Economist's 2012 Democracy Index. Additionally, two current users - Egypt and Turkey - have brutally repressed recent protest movements."


    The company's customer list had also earned it a place on the "Enemies of the Internet" list maintained by civil rights group Reporters Without Borders.


    The Hacking Team's alleged "maintenance agreement" tracker has been published to text-sharing website Pastebin; it says that the company's customers also include the U.S. Drug Enforcement Agency - as news outlet Vice first reported in April - and government agencies across the EU, including the Czech Republic, Hungary, Luxembourg, Poland and Spain. The FBI, meanwhile, is listed in that maintenance agreement as having an "active maintenance contract" with Hacking Team through June 30, 2015, while both Russia and Sudan are listed as being "not officially supported." Again, however, the authenticity of that information could not be confirmed, and it's possible that whoever leaked the files altered, added or fabricated the information.

    The FBI did not immediately respond to Information Security Media Group's inquiry about whether the bureau is, or has been, a Hacking Team customer.

    Hacker Targets

    Cryptography expert Matthew Green, a Johns Hopkins University professor, says that more than any other type of company except bitcoin exchanges, surveillance software vendors should expect to face serious and sustained hacks. Thus, they should harden their defenses accordingly, but few seem to do so, he says.


    Indeed, Hacking Team is not the first surveillance software vendor to have been hacked. In August 2014, Gamma Group - the creator of FinFisher malware, which it spun off as a separate company in 2013 - was also breached by PhineasFisher, who announced via Reddit that a 40GB data dump leaked to BitTorrent included internal documents, as well as price lists and support queries.

    more...
    No comment yet.
    Scoop.it!

    FBI Alert: $18 Million in Ransomware Losses

    FBI Alert: $18 Million in Ransomware Losses | IT Support and Hardware for Clinics | Scoop.it

    In the past year, U.S. businesses and consumers have experienced more than $18 million in losses stemming from a single strain of ransomware called CryptoWall, according to the Internet Crime Complaint Center.


    In total, IC3 - a collaboration between the FBI and the National White Collar Crime Center - says it received 992 CryptoWall-related complaints from April 2014 to June 2015. And it says the reported losses relate not just to ransom payments potentially made by victims, but additional costs that can include "network mitigation, network countermeasures, loss of productivity, legal fees, IT services and/or the purchase of credit monitoring services for employees or customers."

    The quantity of ransomware attacks continues to escalate, security experts say, because it offers criminals the potential for high rewards with little risk (see Crime: Why So Much Is Cyber-Enabled). Indeed, ransomware attacks can be launched en masse by remote attackers and are relatively cheap and easy to perpetrate. Even the process of collecting payments from victims - often payable in bitcoins - and providing decryption keys can be automated.

    "In most cases, once the victim pays a ransom fee, he or she regains access to the files that were encrypted," IC3 reports. "Most criminals involved in ransomware schemes demand payment in Bitcoin. Criminals prefer Bitcoin because it's easy to use, fast, publicly available, decentralized and provides a sense of heightened security/anonymity."

    Because ransomware can rely so heavily on social engineering - tricking - victims into executing related malware or falling for ransom scams, many security experts have urged businesses to continually educate their employees and customers about ways to spot such attacks and defend themselves.

    Click-Fraud Attack Spike


    Earlier this month, security firm Symantec warned that it had seen a spike in attacks that began with the year-old Poweliks Trojan, which was designed to perpetrate click fraud, and which also downloaded CryptoWall onto an infected system. Click fraud refers to infecting systems with malware that is used to make "bogus requests" for online advertising, without the malware revealing its presence to the user of the infected system.

    Using a single piece of malware - or "dropper" - to infect a system and then download and install many other types of malware onto the same system is not a new attack technique.

    For example, authorities have accused the gang behind Gameover Zeus of first using that Trojan to harvest bank credentials, and then infecting systems with Cryptolocker ransomware. The U.S. Department of Justice believes that the Gameover Zeus gang is responsible for more than $100 million in losses via the banking Trojan, and netted $27 million in ransom payments in just the first two months they began using Cryptolocker.

    Attacks Get Modular


    But attackers have been retooling their malware to make it easier to rapidly infect PCs with multiple types of malware. Security firm Trend Micro warned in 2013 that the aging Asprox botnet, which was first discovered in 2007, had re-emerged "with a new and improved modular framework," and been rebranded as Kuluoz malware, which was a dropper designed to download additional malware onto infected PCs.

    By December 2014, the Level 42 threat-intelligence research group at security vendor Palo Alto Networks reported seeing a spike in Asprox-related attack activity. "This malware sends copies of itself over email quickly and to users all around the world and then attempts to download additional malware," it said. The researchers noted that of the 4,000 organizations that it was monitoring, the malware had been tied to "approximately 80 percent of all attack sessions" seen in October and had attempted to infect nearly half of all those organizations.

    Also in December, the Association of National Advertisers warned that U.S. businesses were losing about $6.3 billion annually to click fraud. The same month, a study conducted for the ANA by the security firm White Ops found that botnets were responsible for "viewing" 11 percent of all online advertisement, and 23 percent of all online video advertisements.

    Asprox Botnet Serves CryptoWall


    But click-fraud malware attacks are increasingly blended with other types of malware as attackers attempt to monetize infected PCs as much - and as rapidly - as possible.

    In a recent series of attacks, Asprox malware - now typically distributed via phishing attacks - "phoned home" to the Asprox command-and-control server after it infected a PC, and received back the Zemot dropper malware, according to a new report released by the security firm Damballa. The dropper then downloaded the Rovnix rootkit, as well as Rerdom, which is a click-fraud installer.

    Damballa says that it has also seen Zemot get installed via crimeware toolkit exploits, which can exploit systems using known vulnerabilities, for example if attackers compromise otherwise legitimate websites and use them to launch drive-by attacks.

    Inside enterprises, "click fraud is generally viewed as a low-priority risk," Damballa says. "In reality, click fraud is often a precursor to something more sinister. A device infected with click-fraud [malware] may leave the enterprise susceptible to dangerous downstream infections."

    Indeed, Damballa reports that tests of Asprox-infected machines found that over the course of two hours, a single PC was infected with three different types of click-fraud malware, as well as the CryptoWall ransomware. Even after CryptoWall encrypted much of the infected PC's hard drive, furthermore, the click-fraud malware continued to operate, so long as the machine remained Internet-connected.

    more...
    No comment yet.
    Scoop.it!

    Latest Windows 10 Mobile preview offers more features and bugs

    Latest Windows 10 Mobile preview offers more features and bugs | IT Support and Hardware for Clinics | Scoop.it

    Microsoft has released a new Windows 10 Mobile preview build that adds new features, fixes previous glitches but adds some new bugs of its own.


    Rolled out on Thursday, Windows 10 Mobile Build 10149 is the latest preview edition for Windows Insiders. To elicit feedback from the user population, Microsoft has been regularly rolling out new previews, or builds, of Windows 10 for desktop and mobile devices. The Windows Insider program allows people to freely install and test each edition and offer their comments, questions and criticisms to Microsoft with the aim of improving Windows 10.


    Microsoft has a lot riding on Windows 10, and at this point, the company has a little over a month before the official version launches on July 29. Windows 10 has at least a couple of goals to meet. It has to provide enough of a punch to erase the bad memory of Windows 8. And it has to appeal to PC users and mobile users alike. The phone side is especially critical as Microsoft's share of the smartphone market has been relatively flat at around 4 percent as it's been trounced by Apple and Android. Windows 10 Mobile needs to offer the appeal necessary to start bumping up that market share.


    On the plus side, Microsoft has given itself more breathing room with Windows 10 Mobile. Windows 10 for PCs and tablets will roll out July 29. But the mobile edition won't be seen broadly until later this year, Gabe Aul, head of Microsoft's Windows Insider program, said in a blog posted earlier this month.


    "We've received questions on the final release date for Windows 10 Mobile," Aul said. "While we're making good progress, we need more time to deliver the optimal experience for mobile devices and you can expect Windows 10 Mobile to release broadly later this year."


    So, what are some of the new features in the Windows 10 Mobile preview? In a blog posted on Thursday, Aul described what's new.

    Designed as a simpler, faster alternative to the aging Internet Explorer, Microsoft's new Edge browser is now officially known as Edge, rather than by its older tag of Spartan. In this build, Edge displays the address bar at the bottom, a change based on feedback from Windows testers, according to Aul. There's also an option to view websites in either mobile view or desktop view.


    Microsoft has also tidied up the overall look of Windows 10 Mobile. In previous builds, many Live tiles pinned to the Start screen would appear blurry. Now the screen is clearer and crisper. Certain controls, such as the volume control, have new icons. Aul also touted the latest build as "more responsive to use." He conceded that more work has to be done but was happy about the progress made in this build.


    The Cortana voice assistant sports a few improvements, especially in its Notebook, an area used to store settings and other user information. Using the Notebook, you can now set up Quiet Hours, a feature that sends any incoming phone calls to voicemail so as not to disturb you. You can also now tell Cortana to send an email in one fell swoop by including the name of the recipient, the subject and your message in one single voice command.


    Another request made by Windows Insiders was to add a virtual flashlight feature to Windows 10's Action Center. And Microsoft has complied with that request in the latest build, letting you turn your phone into a flashlight. The Photos app has been updated to be more reliable and also now supports animated GIFs. And you can now automatically upload your camera roll photos directly to your OneDrive online storage.


    The latest build also contains several fixes, including ones for text notifications, the Podcast app and the navigation bar. But the build also introduces several new bugs.


    In some cases, the install button doesn't respond if the battery isn't fully charged. Some users may bump into an error trying to upgrade from Build 10136, an issue that Microsoft is striving to fix. Sometimes the PIN keyboard doesn't appear after you swipe the screen to unlock it. In rare occasions, entering your PIN fails to unlock the screen. A Gmail account set up on the phone may prevent incoming and outgoing messages in the Messaging app, an issue that can only be resolved with a reboot.


    Further, in-app purchases of Windows Store apps and games don't work on Windows 10 Mobile just yet. In some cases, the colors of certain apps may appear off kilter. And sometimes the notifications in the Action Center are blank.


    To be fair, the latest 10149 build was released on what Microsoft calls the Fast Ring. The Windows 10 Technical Preview has been available to users in both a Slow Ring and a Fast Ring. The Slow Ring builds come out at a slower pace but are generally more stable. The Fast Rings naturally come out at a faster pace but are generally more buggy. So it's natural that the latest Fast Ring will have its share of bugs.


    Based on this latest build, Aul seemed confident about the state of Windows 10 Mobile. "We've been using this build internally for a few days and have really loved it." Aul said. "It is faster, more stable, and more polished overall and has been lots of fun for us to see come together."

    more...
    No comment yet.
    Scoop.it!

    This startup just raised $500 million from investors like Coca-Cola and Virgin to build a network of internet satellites

    This startup just raised $500 million from investors like Coca-Cola and Virgin to build a network of internet satellites | IT Support and Hardware for Clinics | Scoop.it

    A startup trying to bring internet access to even the most remote of places on Earth just raised a whopping $500 million from investors including Coca-Cola, Virgin Group, Airbus, and others.

    OneWeb, which is a London-based company working to build a satellite network for global broadband connectivity, confirmed the gigantic Series A funding raise in a blog post Thursday.

    OneWeb, in its press release, says that its purpose is to "develop key technologies to enable affordable broadband for rural and underdeveloped locations." 


    The company added that it now plans to building a total of 900 "microsatellites" as part of a joint project with Airbus Defense and Space. It has also acquired 65 commercial rockets (the "largest commercial rocket acquisition") from both the French company Arianespace and Virgin Galactic. 

    OneWeb isn’t the only project out there looking into global internet access. Google’s Project Loon, for instance, has been working to build a network connected by giant drifting balloons.

    Facebook has also been looking into a similar project with Internet.org, although its been met with dissent due due to concerns with its lack of net neutrality. 


    Elon Musk too has reportedly been looking into a global satellite internet project.

    But now there's a third company hoping to bridge the connectivity gap and it has half a billion dollars to play around with.

    OneWeb says that the plan is to formally launch its network by 2019.

    more...
    No comment yet.
    Scoop.it!

    People are freaking out about a new rule that would stop website owners from hiding their personal information

    People are freaking out about a new rule that would stop website owners from hiding their personal information | IT Support and Hardware for Clinics | Scoop.it

    New rules are being proposed about how to register online domains, and privacy advocates are worried.

    Currently, when someone registers a website they are offered the choice of using a proxy registration service. These services act as middlemen so that people’s personal contact details aren’t readily available to the public.

    But the International Corporation for Assigned Names and Numbers (ICANN), which overseas the bureaucratic process of naming online domains, is in the process of proposing new rules. One such proposed rule would make commercial websites not eligible to use proxy registration services. 


    This means that people registering websites for non-personal purposes would have to disclose their name, address, and phone number, which could be easily searchable by anyone.  


    Privacy advocates are none too thrilled about this. This amendment, wrote the Electronic Frontier Foundation in a new blog post, means that website owner could "suffer a higher risk of harassment, intimidation and identity theft."

    The question at hand is: What is considered commercial? While it’s easy to differentiate between huge commercial websites and small personal pages, in some areas it’s not so clear-cut. For instance, if a smaller website is taking ad revenue does that necessarily make it commercial? Even if it’s just one person posting their own posts?

    more...
    No comment yet.
    Scoop.it!

    Apple Malware Outbreak: Infected App Count Grows

    Apple Malware Outbreak: Infected App Count Grows | IT Support and Hardware for Clinics | Scoop.it

    The number of apps infected in the first large-scale Apple App Store malware outbreak is far higher than was first believed, according to the cybersecurity firm FireEye, which reports that at least 4,000 apps were infected with XcodeGhost malware.


    In the wake of the discovery of a six-month malware campaign last week, early estimates were that dozens of apps had been infected with the XcodeGhost malware, which could be used by attackers to steal data from devices, including users' Apple passwords, as well as launch phishing attacks.


    But FireEye now reports that the number of infected iOS apps is far higher than researchers initially suspected. "Immediately after learning of XcodeGhost, FireEye Labs identified more than 4,000 infected apps on the App Store," the company says in a Sept. 22 blog post.

    Apple did not respond to a request for comment on that report and has so far declined to respond to questions about how many apps may have been infected.


    FireEye has not released a full list of all infected apps, but spokeswoman Darshna Kamani tells Information Security Media Group that most of them are aimed at Chinese-language users. Previous reports, meanwhile, had warned that such popular apps as the WeChat messaging app and the Didi ride-hailing app were infected, and that infected apps were used not just by Chinese users, but globally.


    The malware attack was perpetrated by attackers offering for download a pirated version of Apple's free Xcode software - which is used to build iOS and Mac OS X applications - that added malware to every app when it was compiled. An anonymous developer has claimed credit for the attack campaign, saying it was a "mistaken experiment," although numerous security experts have dismissed that claim.

    Apple Squashes Bad Apps

    Apple says that it has seen no evidence that any personal information was compromised. The company says it has been excising all apps that were built using a malicious version of Xcode and working with developers to ensure that they only use the official Xcode tool.

    "We have no information to suggest that the malware has been used to do anything malicious or that this exploit would have delivered any personally identifiable information had it been used," Apple says in an XcodeGhost FAQ. "We're not aware of personally identifiable customer data being impacted and the code also did not have the ability to request customer credentials to gain iCloud and other service passwords. ... Malicious code could only have been able to deliver some general information such as the apps and general system information."


    But other security firms have warned that the malware could have been used for malicious purposes. "XcodeGhost is reported to be the first instance of the iOS App Store distributing a large number of trojanized apps," FireEye says. "The malicious apps steal device and user information and send stolen data to a command and control server. These apps also accept remote commands, including the ability to open URLs sent by the [C&C] server. These URLs can be phishing webpages for stealing credentials, or a link to an enterprise-signed malicious app that can be installed on non-jailbroken devices."

    Chinese social media and gaming giant - and WeChat developer - TenCent published a report on Sept. 20 warning that the malware could be used to remotely control devices and launch man-in-the-middle attacks against users. It also found that at least 76 of the top 5,000 apps in Apple's China app store were infected with XcodeGhost.

    In its XcodeGhost FAQ, Apple has listed the top 25 most popular infected apps - which include WeChat, Didi, Railroad 12306, Baidu Music and NetEase Music - noting that "after the top 25 impacted apps, the number of impacted users drops significantly." It has also promised to make it easier - and quicker - for Chinese developers to download Xcode, because the difficulty of obtaining the official software reportedly drove developers to obtain it from non-official sources.


    China is a massive and growing market for Apple, accounting for $13.2 billion in revenue in its last financial quarter, compared to $20.2 billion in the United States and $10.3 billion in Europe. In January 2014, Apple reported that Chinese developers had already launched 130,000 apps via Apple's app store.


    Before this malware attack, only five malicious apps had ever successfully made it into the App Store, according to cybersecurity firm Palo Alto Networks.

    Timeline: XcodeGhost Discovery

    On Sept. 14, China's Computer Emergency Response Team issued a warning about the danger of using unofficial versions of Xcode. Just days later, Chinese researchers began reporting that at least a handful of apps had been infected with XcodeGhost malware, after which the count of infected apps has continued to skyrocket.


    On Sept. 20, the XcodeGhost-Author account-holder on China's Weibo social media platform claimed credit for the malware campaign, saying the ability to trojanize the Xcode software had been an "accidental discovery," and that it had been distributed as "a one-time, mistaken experiment" to see if it could be used to push advertisements to infected devices, The Wall Street Journal reports.


    The message claimed that the capability had never been exploited and noted that the malware was only ever designed to collect basic user and device data. "And 10 days ago, I actively shut down the server and deleted all the data, so it will not have any effect on anyone," it said.

    While it is impossible to verify those claims, many security experts have dismissed them, saying the attacker's intentions were obviously nefarious. "The entire process was plotted and planned," mobile Internet security expert Lin Wei told China Central Television, pointing to a campaign that used multiple Internet accounts to make the software available - via multiple websites - over a six-month period, The Wall Street Journal reports.

    Recommendation: Uninstall Apps

    Pending updates from every developer that shipped an infected app, information security experts recommend that users uninstall all apps that were known to be infected. "Developers are releasing updated, clean versions of their apps. The best fix, if one of your apps is listed, is to uninstall it," says Lee Neely, a senior IT and security professional at the U.S. Department of Energy's Lawrence Livermore National Laboratory, in a recent SANS Institute newsletter.


    Neely says that both iOS developers and Apple are to blame for the XcodeGhost malware outbreak. "This malware made it into the Apple App store due to social engineering of developers and a shortfall of Apple's code review process," he says. "When you own the compiler/IDE [integrated code environment], you own the apps created with it."

    more...
    No comment yet.
    Scoop.it!

    Apple adds Windows 10 support to Boot Camp for all Macs released after 2012

    Apple adds Windows 10 support to Boot Camp for all Macs released after 2012 | IT Support and Hardware for Clinics | Scoop.it

    If you're one of those people who runs Windows on your Mac, good news: Apple has just released Boot Camp 6, which brings updated drivers and official support for Windows 10 to the company's hardware. New installs of Windows using the Boot Camp Assistant tool should download the new drivers automatically, and those of you performing upgrade installs can use the Windows version of Apple's Software Update tool to download the new drivers before performing the Windows 10 upgrade install.


    The new Boot Camp update supports all iMacs, Mac Minis, Mac Pros, MacBook Pros, MacBooks Airs, and MacBooks released after 2012; that's not to say that you can't get it working on older Macs, but you're on your own. If that seems a bit stingy, remember that most PC OEMs aren't officially supporting systems older than 2012 either. The Boot Camp software still supports Windows 8.1, too, but official Windows 7 support was dropped back in March.


    Boot Camp 6 brings new drivers but not many other features—the Boot Camp Control Panel is still barebones, and still uses OS X 10.4-era folder icons. If you want to do anything more complicated than tap-to-click with your multitouch trackpad, you'll need to use a third-party driver like TrackPad++, which actually does do a decent job of supporting Windows 10's new trackpad gestures once you've played with the settings a bit.


    Otherwise, upgrading from a fully activated version of Windows 7 or 8.x to Windows 10 on a Mac with a Boot Camp partition will work pretty much the same way as it does on a PC, including the oddities involved in getting a new product key and performing clean, properly activated installs.

    more...
    No comment yet.
    Scoop.it!

    Classic Shell and Start10 banish Windows 10 Live Tiles, bring back Windows 7 look

    Classic Shell and Start10 banish Windows 10 Live Tiles, bring back Windows 7 look | IT Support and Hardware for Clinics | Scoop.it

    For anyone having regrets about upgrading to Windows 10, there are now two good options for bringing back the look of Windows 7.

    This week, Classic Shell officially added Windows 10 to support for its free Start menu and File Explorer replacement. With this program (pictured above), users can switch to Windows 7’s dual-column view, with pinned and recent applications on the left, and common folders and locations on the right. Classic Shell also includes a classic version of the Windows File Explorer, with a customizable toolbar and a more useful status bar that shows both free disk space and the size of any selected folder.


    Meanwhile, Stardock has just released Start10 out of beta for $5. Much like Classic Shell, Start10 allows for a two-column view that resembles the Windows 7 Start menu, and brings back the ”all programs” menu that groups applications into folders. There’s also an option to hide Cortana from the Windows 10 taskbar, while restoring program and file search in the Start menu proper.



    I gave each of these programs a quick go-round, and in practice the differences between them are subtle. If you’re just looking for the familiarity of Windows 7, either one should do the trick (though Classic Shell has the advantage of costing nothing). Start10 may be more useful for people who still want access to Windows Store apps, as you can preserve them in the right-hand column while tweaking other aspects of the Start menu. Both apps have plenty of customization options, however, and are far more flexible than the default Start menu.


    While Classic Shell is free, Start10 does offer a 30-day free trial, so you can try them both to figure out which Start menu replacement suits your needs.


    Why this matters: Although Microsoft has dialed back some of the radical changes that it made to the Start menu in Windows 8, it can still feel pretty unfamiliar coming from Windows 7. If you’re not really using Windows Store apps, the emphasis on Live Tiles in Windows 10 isn’t much help, especially since it comes at the expense of Jump Lists, quick Control Panel access and the old Recent Items shortcut. It’s unlikely that these replacements will see the tens of millions of downloads that they did with Windows 8, but they’re still helpful for people who’d rather keep things the way they used to be.

    more...
    Scoop.it!

    New Android 'Certifi-gate' Bug Found

    New Android 'Certifi-gate' Bug Found | IT Support and Hardware for Clinics | Scoop.it

    Following the news of the discovery of the Stagefright flaw - characterized by many security researchers as the worst vulnerability ever to be found on devices that run Google's Android operating system - details of yet another major flaw in were unveiled August 6 at the Black Hat conference in Las Vegas.


    But Google and some original equipment manufacturers have finally promised that they will soon begin releasing monthly platform and security updates for some Android devices, to better safeguard users against such vulnerabilities.


    Security vendor Check Point Software Technologies says the new flaw, which it has dubbed "Certifi-gate," is due to components present in the Android operating system that are digitally signed, but vulnerable to attack, and that these flaws could be "very easily exploited" to gain full, unrestricted access to vulnerable devices. As the result of a successful attack, accordingly, attackers could infect the devices with malware, exfiltrate data, remotely activate and monitor microphones or built-in cameras, and track the device's location.


    "Certifi-gate is a set of vulnerabilities in the authorization methods between mobile Remote Support Tool (mRST) apps and system-level plugs on a device," Check Point says in a blog post. "[These apps] allow remote personnel to offer customers personalized technical support for their devices by replicating a device's screen and by simulating screen clicks at a remote console."


    Check Point says the vulnerabilities are present in hundreds of millions of Android devices, including smartphones and tablets manufactured by HTC, LG, Samsung and ZTE. It says the flaw affects a number of versions of the Android OS, including the latest Android "Lollipop" versions 5.0 and 5.1. The security firm says it has notified Google and all affected manufacturers, and that some related updates are starting to be released. Check Point also launched a free tool - the Check Point Certifi-gate Scanner - that will scan an Android device for the presence of the flaw.


    Google did not respond to a request for comment about the flaw or related patches. But Check Point says that the vulnerable Android components' certificates cannot be remotely revoked by OEMs, and that they will have to issue a new, patched version of Android for each device they still support. But while some vendors patch quickly, others have been slow to release fixes - if at all.

    Coming Soon: Stagefright Fixes

    Google has long maintained Android as an open source project, and stated that it is up to manufacturers and carriers to decide how or if they will patch their own devices. The only exception to that approach has been the Nexus range of devices, which Google manufacturers, and which run a stock version of Android.


    But the severity of the Stagefright flaw - and many equipment manufacturers' and carriers' slow or nonexistent patching practices - has triggered serious existential questions about the future of the Android operating system, including whether enterprises should now begin treating unpatched Android devices as a security threat and blocking them.


    Appearing to respond to such criticism, Google this week reported that many manufacturers - including Samsung, HTC, LG, Sony, Android One and Google's own Motorola - will begin releasing Stagefright patches later this week. In an Aug. 5 blog post Adrian Ludwig, lead engineer for Android Security, and Venkat Rapaka, director of Nexus product management, reported that patches were already starting to be released for all devices from Nexus 4 to 10, as well as Nexus Player. "This security update contains fixes for issues in bulletins provided to partners through July 2015, including fixes for the libStageFright issues," they said. "At the same time, the fixes will be released to the public via the Android Open Source Project."

    The same day, speaking at Black Hat, Ludwig also promised that OEMs will soon begin releasing related fixes. "My guess is that this is the single largest software update the world has ever seen," Ludwig said. "Hundreds of millions of devices are going to be updated in the next few days. It's incredible."

    Some Monthly Android Patches Promised

    But the need for Google to rally manufacturers for a one-off fix for such a serious flaw also highlights how existing approaches too often fail to put fixes for critical bugs on users' devices, at least in a timely manner. Finally, responding to years of criticism from security experts over the paucity of patches for Android devices, Samsung and LG have promised to implement monthly patch updates for their Android devices, as has Google with its Nexus line.


    "Nexus devices will continue to receive major updates for at least two years and security patches for the longer of three years from initial availability or 18 months from last sale of the device via the Google Store," Ludwig and Rapaka say in their blog post.


    The move echoes a similar monthly patch-release strategy introduced by Microsoft for Windows, beginning in October 2003, to combat the rise in serious vulnerabilities found in its operating system.

    Samsung and LG have also promised to release monthly patches, although have not stated how long they will support devices, after they have been released. "With the recent security issues, we have been rethinking the approach to getting security updates to our devices in a more timely manner," says Dong Jin Koh, who leads the mobile research and development group at Samsung Electronics, which makes the popular Galaxy series of smartphones and tablets, amongst other devices that run Android. "Since software is constantly exploited in new ways, developing a fast response process to deliver security patches to our devices is critical to keep them protected."


    Likewise, an LG spokeswoman says in a statement that "LG will be providing security updates on a monthly basis which carriers will then be able to make available to customers immediately" and that "we believe these important steps will demonstrate to LG customers that security is our highest priority." What is not clear, however, is how quickly carriers might then distribute those fixes to their subscribers.

    more...
    No comment yet.
    Scoop.it!

    What hospitals need to know about Windows 10

    What hospitals need to know about Windows 10 | IT Support and Hardware for Clinics | Scoop.it

    The arrival of a new Microsoft operating system does not exactly bring the same excitement that it once did.


    Indeed, since about the time Windows Vista launched, subsequent operating systems have come – and in the odd case of Windows 9 essentially vanished – without the fanfare of Windows 95, XP or 2000.

    The company has at least managed to create enough wattage around Windows 10, however, that some 5 million so-called Windows Insiders installed early versions to test the software in development – and word slipped out this week that the planned flagship Microsoft store on Fifth Avenue in Manhattan will open in the fall.


    A critical piece of the renewed interest is how Microsoft is breaking new ground with a phased approach to what CEO Satya Nadella dubbed the "One Windows" strategy, beginning July 29 when the OS became available for PCs and tablets.


    The aim is to upgrade systems currently running Windows 7 and 8 in the near-term and follow that with Windows 10 Mobile later this year, and devices from Microsoft’s harem of hardware partners are slated to become available before the holiday season. Beyond that, Microsoft intends Windows 10 to serve as the operating system for a range of Internet of Things devices, including its own Surface Hub conference systems and HoloLens holographic glasses, among others.


    When that “One Windows” day comes, the sales pitch goes, hospitals will be able to consolidate varying devices onto Windows 10 and the fact that the upgrade is free for systems already running Windows 7, 8.1 or 8.1 Mobile should entice many IT shops to install it; for those still using an older OS, the price tag is $199 for the professional version.

    Microsoft, in the meantime, has incorporated some healthcare-centric functionality into Windows 10.


    On one of its web pages the company showed the operating system’s capability to “snap together” different applications and, in so doing, enable a clinician to view a patient’s EMR next to a home health app.

    A Power BI function can "gather, analyze and visualize quality of care data," while the Power Map feature enables users to combine and compare a hospital's own information with population health statistics. Microsoft also pointed to programs including Office 365, OneNote, SharePoint and Skype that can be used for care management and information sharing.

    Later this year, when Windows 10 Mobile becomes available, it will make syncing apps across smartphones, tablets and PCs easier. Now, that’s not likely to inspire CIOs to rip and replace existing smartphones anytime soon, but the ability to coordinate a Windows-based phone with a Surface tablet will invariably have some appeal to a select crowd.


    That’s just a taste and Microsoft said that it will be showing more of Windows 10 health capabilities moving forward.


    The new OS also brings many broader functions, such as the return of the old Start menu, the new Edge browser, Cortana virtual assistant, and the usual suspects of upgraded apps for mail. Maps, music, photos, and OneDrive to back them up.


    Much like its competitors Apple, IBM, Google and Oracle, Microsoft has been ramping up efforts particular to healthcare lately. Earlier this month, for instance, when it unwrapped the Cortana Analytics Suite, Microsoft also revealed that Dartmouth-Hitchcock is already using the tools in a personalized medicine pilot project.


    Whether Windows 10 will enjoy the widespread adoption of XP or languish like Vista remains to be seen. But at this point – and with Microsoft's marketing machine stating that the company is gunning to upgrade 1 billion devices to Windows 10  the former appears more likely than the latter. 


    What's your perspective? Just another Microsoft OS or a great reason to upgrade?

    more...
    Scoop.it!

    Adobe patches Flash zero-day found in Hacking Team data breach

    Adobe patches Flash zero-day found in Hacking Team data breach | IT Support and Hardware for Clinics | Scoop.it

    The massive Hacking Team data breach led to the release of 400GB worth of data including a zero-day vulnerability for Adobe Flash. Adobe has released an out-of-band patch for the flaw just two days after it was discovered.


    The vulnerability was described by the Hacking Team in a readme file in the data dump as "the most beautiful Flash bug for the last four years". Accompanying the readme in the data was a proof-of-concept exploit of the flaw.


    Adobe categorized the vulnerability (CVE-2015-5119) as critical and said it affects Flash Player versions 18.0.0.194 and earlier on Windows and Mac, and versions 11.2.202.468 and earlier on Linux. Successful exploitation of the flaw could allow remote code execution.


    Security researcher Kafeine found that the vulnerability has already been added to the Angler, Fiddler, Nuclear and Neutrino exploit kits. Because of this, admins are recommended to apply the patch as soon as possible.


    Also found in the Hacking Team data was another Adobe Flash zero-day (CVE-2015-0349), which was patched in April, and a zero-day affecting the Windows kernel. The inclusion of these zero-days has caused experts to question if these exploits are being used by Hacking Team clients, including law enforcement and governments.


    "As many governments move to try and control malware and offensive security tools, some have been caught with their own hands in the cookie jar, leading many to wonder how and why governments and agencies listed as Hacking Team clients are using these tools and if they are doing so lawfully," said Ken Westin, security analyst for Tripwire. "Given the depth and amount of data compromised in this breach, it will reveal a great deal about the market for offensive tools designed for espionage with a great deal of fallout and embarrassment for some organizations."


    Hacking Team spokesman Eric Rabe confirmed the breach and said that while law enforcement is investigating, the company suggests its clients suspend the use of its surveillance tools until it can be determined what exactly has been exposed.


    In a new statement, Rabe warned that its software could be used by anyone because "sufficient code was released to permit anyone to deploy the software against any target of their choice.


    "Before the attack, HackingTeam could control who had access to the technology that was sold exclusively to governments and government agencies," Rabe wrote. "Now, because of the work of criminals, that ability to control who uses the technology has been lost. Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so. We believe this is an extremely dangerous situation."

    more...
    No comment yet.
    Scoop.it!

    Messaging And The Apple Watch

    Messaging And The Apple Watch | IT Support and Hardware for Clinics | Scoop.it

    Although the Apple Watch boasts the ability to instantly notify users with important updates — breaking news stories, changes to their bank account or the achievement of a fitness goal — its 42mm screen can be a major constraint for developers and designers.


    This is especially true for messaging applications, which must figure out how to create an essentials-only design that enables two-way communication without the luxury of a keyboard. When designing a messaging application for the Apple Watch there are several key considerations that must be kept in mind to ensure developers are creating something people will actually use.

    Is the Apple Watch Worthy?

    Jonathan Ive’s team developed the Apple Watch to help solve the problem they themselves created: smartphone addiction. Between the constant influx of notifications and the 24/7 connectivity to work, we are prisoners of our own devices.


    Reluctantly, I’ll admit that I’m guilty of this in my personal life. As I play with my kids on a Saturday afternoon in the park, I can’t help but discreetly sneak a look at my phone every few minutes. We just cannot free ourselves from the thought of missing something important.


    While critics claim otherwise, the Apple Watch actually frees us from our constant surreptitious phone-checking habit. By filtering the most important alerts and providing immediate notifications that can be absorbed with a glance, the Apple Watch causes users to pick up their phone less frequently and only for matters that involve a response.

    Between the constant influx of notifications and the 24/7 connectivity to work, we are prisoners of our own devices.

    Given the nature and purpose of the Apple Watch, the first question companies should ask is whether or not their business app interaction is worthy of immediate interruption. For enterprise messaging, the answer is a resounding Yes. The instant nature of messaging lends itself naturally for a new communication medium like the Apple Watch.

    Starting From Scratch

    Just like every app does not belong on the Apple Watch, every iPhone interface will not transfer to the face of a wristwatch. Over-simplification is important. You may think your iPhone app is sleek and simple, but everything changes when you drastically reduce the screen size.

    Simplifying isn’t just about design; it’s about reducing the number of available features on the app. Many of the browsing or text-heavy portions of a smartphone platform are no longer applicable on the watch form factor, requiring developers to determine which features are used the most and eliminate the rest.

    Color palettes on the Apple Watch also matter. Despite the assumption that a color palette would be the easiest part of the Apple Watch transition, it usually cannot be replicated from the smartphone. The Apple Watch’s black background and small screen size completely change the game, meaning that the de-saturated colors often used in traditional branding appear muted and are difficult to read, which forces designers to switch over to bright, high-contrast colors.

    The Need For Context-Intelligent Responses

    First and foremost, the Apple Watch is a notification platform. Punching out a lengthy message isn’t feasible without a keyboard, so messaging apps face a unique challenge not met by notification-based platforms. As we worked to solve this problem, we kept coming back to one central theme: speed.


    Apple Watch users should be able to glance down at their wrist, instantly absorb the information they need and move on with their day. This is why Apple’s User Interface Guidelines suggest that app developers keep all interactions with the watch to less than 30 seconds.


    With a 30-second time constraint, how do you empower users to read a notification and reply, while avoiding the often-awkward voice response? We focused on context-intelligent emojis and canned text responses to reply quickly. While the basic forms of both of these technologies have been available for years, they lacked context and the ability to accurately predict a user’s reply. That’s beginning to change.


    Right now, enterprise messaging applications offer a series of canned responses, such as “Yes, I’m available now” or “We closed the deal.” Eventually, messaging applications will be able to gather relevant data to enable the creation of personalized and relevant response options.

    For example, if a colleague asks to do lunch at 1pm, the app could gather information from a user’s calendar, current location, past preferences and outside data (such as access to OpenTable) to suggest personalized responses, such as “I’m not available until 1:30. Let’s meet at Salt House on Mission Street. They have tables available at that time.”

    Looking Ahead

    With the recent watchOS 2 announcement, which will support native apps as well as third-party complications, it is clear Apple views enriched third-party apps as critical to delivering a fully integrated wearable experience. Still, the full potential of messaging apps will not be realized until the Apple Watch can function without the iPhone.

    Independent of this crutch, and with the capabilities of everything from instant communication to project management, the Apple Watch stands to become the ultimate convener, allowing users to seamlessly manage both their personal and professional lives.

    more...
    No comment yet.
    Scoop.it!

    Skype for Business arrives on Windows Phone, but lacking a key feature for Office 365

    Skype for Business arrives on Windows Phone, but lacking a key feature for Office 365 | IT Support and Hardware for Clinics | Scoop.it

    Although Microsoft has now brought Skype for Business to Windows Phone, its own business customers—those who subscribe to Office 365—may be disappointed to learn that one key feature hasn’t yet been implemented: conversation syncing.


    Skype for Business has already replaced Lync on desktop PCs and the Web, and Windows Phone 8.1 phones will automatically download the new Skype for Business app to replace Lync 2013. (Windows Phone 8.0 users can continue using Lync 2013 or Lync 2010; those phones won’t be able to update to the new app.) 



    Given the fact that a phone has limited space with which to work, one change that Microsoft has made to the app is to “wall off” extraneous conversations. If a new message arrives on your phone, you’ll have the option to answer it without other clients' grabbing the conversation, Microsoft said. Microsoft has also encrypted your conversation and voice mail history by default.


    One of the complaints Skype users have had, however, is that conversations that roam between various platforms don’t sync appropriately, meaning that you might end up with notifications being sent to your PC some time before they arrive on your phone. Microsoft apparently solved that problem, provided you’re running the latest server software—just not for Office 365 users. That capability will be coming soon, the company said.


    Otherwise, the new Skype for Business app for Windows Phone features the Skype UI and 100 new emoticons, to give it a bit of extra punch.


    Last week the Skype for Business team previewed a “broadcast” feature that will allow meetings to be shown to up to 10,000 participants. The app now also works with traditional telephones, so that users can simply dial in to conference calls.


    Why this matters: To its credit, Microsoft has launched Skype for Business on Windows Phone, ahead of iOS and Android—not always the case, to be sure. Still, I suspect that some IT admins wish that Microsoft would get its ducks in a row before releasing the Windows Phone app. Not knowing where you are in a business conversation can give the appearance that you’re unprofessional—and it’s also just plain annoying.

    more...
    No comment yet.
    Scoop.it!

    Windows 10 likely to land at PC makers this week

    Windows 10 likely to land at PC makers this week | IT Support and Hardware for Clinics | Scoop.it

    Microsoft keeps wending its way past the mile markers en route to getting Windows 10 out to the public on time.


    The software titan is putting the finishing touches on the operating system software and will finalize its prerelease development by July 10, The Verge is reporting, citing people who claim to have knowledge of the company's plans. This version ofWindows 10, called "release to manufacturing," will then be sent to PC makers to be bundled into their products.


    Windows 10, which is slated to launch on July 29, comes at a critical time for Microsoft. While Windows overall remains the dominant force in desktop operating systems, running on over 90 percent of computers worldwide, according to NetMarketShare, the last big release -- Windows 8 -- proved a marked disappointment. According to NetMarketShare, Windows 8 musters just 13 percent market share worldwide, far behind the 61 percent share for Windows 7 and just ahead the 12 percent share for the now ancient Windows XP.


    The issues with Windows 8 were numerous, ranging from Microsoft's design choice, called Metro, to a steep learning curve for those used to the old days of Windows. Windows 8, which launched in 2012, also came as consumers and business users were increasingly attracted to tablets and smartphones, which typically ran either Apple's iOS software or Google's Android.


    Microsoft tried to respond by offering its own tablet, the Surface, and partner with third-party tablet manufacturers. The efforts, however, have done little to kick Android and iOS from the top spots.

    Realizing its own miscues and the changing market dynamics, Microsoft has tried to address its Windows 8 woes with Windows 10.


    The Start button is back and the design a bit more traditional, while Microsoft CEO Satya Nadella has made clear that Microsoft is a "mobile-first (and cloud-first)" company that will allow for Windows 10 to run on multiple device types without sacrificing features. To boost adoption, Microsoft will offer free upgrades to customers currently running Windows 7 and Windows 8 -- a first for the company. Microsoft has even softened its stance in its longstanding battle with pirates, saying that any pirated copy of Windows can be upgraded to Windows 10 free-of-charge.


    For months now, Microsoft has been offering preview versions of Windows 10 to developers and consumers who want to take the operating system for a test drive. Operating systems go through a series of "builds," or versions, during their development phase. Once the company's development team has finalized the operating system, it goes into RTM phase, which means it's ready to be passed on to hardware vendors for bundling into the PCs they sell. Assuming the report is accurate, hitting the RTM phase this week would ensure Windows 10 would be available later this month, as anticipated.

    That said, while Microsoft seems to be on-pace for a July 29 launch, the company has cautioned thatthe rollout could be slow going.


    Microsoft said last week that it "will start rolling out Windows 10" on July 29, but will roll out the operating system "in waves" after that date.

    "Each day of the rollout, we will listen, learn and update the experience for all Windows 10 users," the company said in a blog post. "If you reserved your copy of Windows 10, we will notify you once our compatibility work confirms you will have a great experience, and Windows 10 has been downloaded on your system."


    The blog post seems to indicate that while Windows 10 may be released to PC vendors soon, it will continue to fine-tune the operating system after the July 29 launch date.


    Microsoft has yet to say when its operating system will hit the RTM phase, but in the past, the company has announced the milestone on its site. Microsoft will likely do the same with Windows 10, once it has officially gone RTM.

    more...
    No comment yet.
    Scoop.it!

    Apple’s next big iPhone update will turn your iPhone 6 into an iPhone 5/5s to save battery life

    Apple’s next big iPhone update will turn your iPhone 6 into an iPhone 5/5s to save battery life | IT Support and Hardware for Clinics | Scoop.it

    Apple's next big iPhone update comes with a feature that helps you get the most out of your iPhone's battery, especially when it's already running low on juice.


    Naturally, this means your iPhone has to cut back on some of its normal functionality to conserve power.


    New tests run by blog MacRumors show us just exactly how much this low power mode dials back your iPhone's performance.


    MacRumors used GeekBench, a popular tool used to measure how a smartphone's processor performs, to conclude that low power mode reduces performance by about 40%. This means your iPhone 6 would be on par with an iPhone 5s or iPhone 5 in terms of performance, as 9to5Mac points out.


    If you turn on the feature, your iPhone will automatically kick into Low Power Mode when it's nearly out of battery. Your iPhone will cut back on background activity, such as fetching email, automatic downloads, and visual effects such as the parallax wallpapers.


    It seems like a welcome trade-off though — during its annual developers conference keynote earlier this month, Apple said Low Power Mode in iOS 9 can extend your iPhone's battery life by three hours.  


    Adding new features like this is important for both iPhone and Android. In general, battery technology for smartphones hasn't really advanced dramatically in the past several years. So it's up to the companies making software for smartphones to make sure their operating systems are optimized to get the most out of these batteries. 

    more...
    No comment yet.
    Scoop.it!

    Apple Obtains Touch ID-Related Patents From Biometric Security Firm Privaris

    Apple Obtains Touch ID-Related Patents From Biometric Security Firm Privaris | IT Support and Hardware for Clinics | Scoop.it

    Apple has been working to acquire the intellectual property assets of Charlottesville, Virginia-based biometric security firm Privaris, according to CNN. Privaris recently transferred 26 of its 31 patents to the iPhone maker, including 4 patents in December 2012 and dozens more in October 2014

    The patents are primarily related to fingerprint and touchscreen technology that could lead to Touch ID improvements on future devices. Last February, well-informed KGI Securities analyst Ming-Chi Kuo told investors that the next iPhone will have animproved Touch ID with reduced errors.


    "For example, one of Privaris' patents covers the ability to use a touchscreen and fingerprint reader at the same time. Another invention of Privaris' could allow you to open a door with your iPhone by scanning your fingerprint and holding your phone up to a reader, similar to how you pay for items with Apple Pay."


    While the transferred patents have fueled acquisition rumors, the Privaris website has not been updated since 2010 and seemingly none of the company's senior executives or other employees have updated their LinkedIn profiles with positions at Apple. 

    Accordingly, it is more likely that Privaris has scaled down or went out of business and Apple has acquired the company's patent portfolio and other intellectual property. However, the possibility of an acquisition cannot be entirely ruled out. 

    Privaris, which reportedly raised $29 million in funding, developed a lineup of PlusID personal biometric devices to access computers, networks, websites, software, VPNs, secured printers and online apps. 

    The company has also offered several other products and services related to access control systems, fingerprint authentication, biometric computer security, biometric security software and access cards, all technologies that fall within the realm of Touch ID. 

    more...
    No comment yet.
    Scoop.it!

    Archos $99 Windows 10 PC-on-a-stick is best deal yet for a tiny PC | News | Geek.com

    Archos $99 Windows 10 PC-on-a-stick is best deal yet for a tiny PC | News | Geek.com | IT Support and Hardware for Clinics | Scoop.it

    It wasn’t that long ago that geeks walked around with a pocket full of flash drives. Today, you can stuff them with entire computers instead — like this new one from Archos. Intel has their Compute Stick. Lenovo has the IdeaCentre Stick 300. So, what did Archos whip up? Fittingly enough, they call it the Stick PC.


    Like Lenovo did with their stick, Archos stayed true to Intel’s reference design. The PC Stick runs on the same quad-core Intel Atom Z3735F clocked at 1.3GHz, has just 2GB of RAM, and 32GB of internal storage. You’ll have less available to use since Windows 10 comes pre-installed, of course, but you can pop in a microSD card or connect an external hard drive or SSD to the Stick PC’s full-sized USB port. As far as connectivity goes, Bluetooth 4.0 and 802.11bgn WiFi support is built in.


    The Stick PC measures just 4.4 inches tall by an inch-and0-a-half wide, and it’s about half of an inch thick. You’ll barely notice it in your pants pocket, and there’s a good chance it might end up going through a wash cycle or two as a result.


    Really, the only big difference you can see between the Archos PC Stick and the other two I’ve mentioned here is that it’s blue. Well, that, and the ridiculously low price tag. Archos plans to sell the PC Stick for just $99. That’s a heck of a good deal considering it’s the same thing Lenovo wants to sell you for $129 and the Compute Stick is priced at $149.

    more...
    No comment yet.