One of the things that IT security folks don’t appreciate about the proliferation of mobile computing devices everywhere is how trusting those devices are. Every mobile computing device just naturally assumes that a radio signal within its reach is a trusted source of Internet access.
It turns out, however, that digital criminals are starting to abuse that trust by setting up fake wireless networks to hijack those radio signals using a process commonly referred to as “commjacking.” Once a fairly expensive ruse to set up, there are now open source kits that can be had for as little as $29 that enable criminals to set up a wireless network that for all intents and purposes looks like any other open wireless network. Once a mobile device connects to that network the digital criminals that run it simple steal all the data they can, including everything from credit card numbers to any unencrypted emails.
Fighting corruption has reached new heights on the global agenda, driven by the recognition that corruption fuels inequality, poverty, conflict, terrorism and failures of development. Governments in India, Brazil, the UK, Canada, China and some other countries have followed enforcement of the U.S. Foreign Corrupt Practices Act by promulgating national anti-corruption laws that focus on the bribery of public officials by companies, generally with sweeping extraterritorial authority. The appropriate corporate response, we are told, is to build anti-corruption compliance programs; regulators even offer the private sector detailed guidance about best practices. All this has spawned a lucrative consulting industry dominated by investigation companies and accounting and law firms – what the Economist refers to as “FCPA Inc.” With little excuse for ignorance, it would seem that enterprises need only adhere to guidance from regulators and roll out the mandated programs.
It’s not working. Compliance officers tell of delayed rollouts, inadequate budgets, company-wide coordination problems and their own lack of organizational influence. Even when companies get past operational issues, the evidence suggests that a “tick-the-box” approach to compliance is inadequate. Many of the companies currently under investigation by the U.S. Department of Justice and the Securities and Exchange Commission already had hugely expensive, state-of-the-art compliance programs. A recent OECD review of successful corruption prosecutions cites involvement by senior management or Chief Executive Officers in more than 50 percent of global anti-corruption cases to date — revealing deliberately unethical decision making by executives who decisively outrank Chief Compliance Officers. This narrative of systemic degradation is at odds with the dominant “rogue employee under the radar” explanation of wrongdoing. It exposes a legal system that has mistakenly, or perhaps willfully, chosen to focus on a misleading proxy indicator of performance: individual accountability.
It was only a matter of time before there was a serious security flaw affecting the Internet of Things (IoT). It comes by way of a vulnerability in NetUSB, which lets devices that are connected over USB to a computer be shared with other machines on a local network. The vulnerability, which could lead to remote code execution or denial of service if exploited, may affect some of the most popular routers in our homes and workplaces.
Details of the vulnerability were released by SEC Consult. According to Forbes, the weakness is somewhat rare, but it works this way:
When a PC or other client connects to NetUSB, it provides a name so it can be recognised as an authorised device. Whilst the authentication process is ‘useless’ as the encryption keys used are easy to extract … it’s also possible for an attacker who has acquired access to the network to force a buffer overflow by providing a name longer than 64 characters.
A period of upheaval is on the near-horizon for MSPs, and it’s going to be especially hard on providers overly focused on technology. They must adapt by shifting their focus to delivering business solutions, and seek opportunities in cloud and virtual desktop services.
“I think there’s going to be a lot of casualties over the next three to five years in the MSP space, and primarily it’s because many MSPs today have been started by technologists,” Tommy Wald, president of TW Tech Ventures in Austin, Texas, said in a recent interview with MSPmentor.
(TNS) — Colorado will spend $1.2 million over the next two years on a "revolutionary" fire prediction system that uses atmospheric weather data to predict the behavior of wildfires up to 18 hours in advance.
Gov. John Hickenlooper signed House Bill 1129 on Wednesday afternoon at a fire station in Arvada, implementing one of several bills lawmakers drafted in response to wildfires in El Paso County and elsewhere.
"This bill will predict the intensity and the direction of fires 12 to 18 hours ahead of time. That is really important so we know where to direct our planes, the aircraft we had a bill for last year, and our firefighters," said Rep. Tracy Kraft-Tharp, D-Arvada, who introduced the bill. "This is really revolutionary."
(TNS) — Congressman Tom Cole (OK-04) introduced legislation this week that would help families rebuilding their homes after disasters. Currently, the Small Business Administration provides homeowners, renters and personal-property owners with low-interest loans to help recover from a disaster.
The Tornado Family Safety Act of 2015, introduced by Cole, clarifies that SBA disaster loans can be used by homeowners for construction of safe room shelters within rebuilt homes.
“Oklahomans are no strangers to severe weather and the terrible destruction that can result from it,” said Cole. “Considering the yearly risk and unpredictability of tornadoes that exists, it is not a matter of ‘if’ but ‘when’ it will occur.
This legislation underscores the type of projects that are eligible for these SBA disaster loans, which includes loans for construction of safe rooms. Under current law, SBA can increase the size of a home disaster loan up to 20 percent of the total damage to lessen the risk of property damage by future disasters of the same kind.
The typical organization loses 5% of revenue each year to fraud – a potential projected global fraud loss of $3.7 trillion annually, according to the ACFE 2014 Report to the Nations on Occupational Fraud and Abuse.
In its new Embezzlement Watchlist, Hiscox examines employee theft cases that were active in United States federal courts in 2014, with a specific focus on businesses with fewer than 500 employees to get a better sense of the range of employee theft risks these businesses face. While sizes and types of thefts vary across industries, smaller organizations saw higher incidences of embezzlement overall.
According to the report, “When we looked at the totality of federal actions involving employee theft over the calendar year, nearly 72% involved organizations with fewer than 500 employees. Within that data set, we found that four of every five victim organizations had fewer than 100 employees; more than half had fewer than 25 employees.”
Smart Picture calculates measurements with smart phone photos – just snap, measure, and share!
BRAINTREE, Mass. – OnSource, the platform that connects insurance companies with third-party vehicle and property photo inspections via smart phone apps, has recently partnered with Smart Picture Technologies to improve the speed and accuracy of collecting and recording measurements, right from the photo.
Smart Picture Technologies' patent-pending technology platform enables users to capture Smart Picture images which contain millions of measurement data points. Measurements are calculated instantaneously and users can edit and share Smart Pictures directly from OnSource's portal. This process can save considerable time when collecting measurements in the field.
"Smart Picture has created powerful solutions in the home improvement and real estate industries so we're very enthusiastic to bring SmartPicture to the insurance industry, as well," says founder and CEO, Kari Myllykoski. "Our technology uses any smart phone and increases productivity, improves accuracy, prevents human errors, and saves time and money spent in any type of work or process which requires measuring and estimating, like processing an insurance claim"
This technology can be used by OnSource's photo inspectors and with their suite of customer self-serve inspection apps. By using OnSource's photo claims apps, customers can snap photos using a "smart target" and all measurements are automatically captured.
"We're really excited to partner with Smart Picture. Adding this technology to our current inspection process makes a lot of sense for our clients who want to make collecting measurements easier and more accurate than ever before," says OnSource co-founder Tim Schneider.
Headquartered in Braintree, MA, OnSource enables companies to get fast, fair and efficient auto and property inspections through intuitive self-serve smartphone apps and an extensive national network of more than 14,000 photo inspectors. Backed by a team of quality assurance analysts and support professionals, inspections are completed quickly, accurately, and cost-effectively each and every time. To learn more, visit www.onsourceonline.com.
About Smart Picture
Smart Picture Technologies (SPT) provides a unique, powerful, and patented "measurement by picture" Cloud & Mobile platform for users to make measurement from smartphone pictures. Just snap a picture to start measuring on any smartphone - or upload the picture to the SPT cloud to make measurements on any device with a browser – and collaborate with anyone in the world. SPT radically increases productivity and eliminates errors in any industry or personal pursuit where measurement capture is important – Home Improvement, Insurance (claims and underwriting), Home and Commercial Real Estate, and many others. For more information, visit www.smartpicture3d.com.
Competitive Advantage Paper From DCIG Says Dot Hill's Hybrid Storage Array With RealStor Delivers Enterprise-Class Technology to Small and Midsize Organizations
LONGMONT, Colo. – Dot Hill Systems Corp. (Nasdaq:HILL), a trusted supplier of innovative enterprise-class storage systems, today announced availability of a new Competitive Advantage report published by DCIG entitled, "Dot Hill AssuredSAN® 4004 Tops Nimble Storage CS500 in Real-time Data Center Efficiencies, Flexible Multi-Protocol Support and an Enterprise-ready Platform." Authored by Chuck Cook, DCIG analyst, the report analyzes the architectural designs and key features of hybrid storage solutions from Dot Hill and Nimble and concluded that the AssuredSAN 4004 is an exceptional platform.
Offering up to 84TB of storage capacity per rack unit, the Dot Hill AssuredSAN 4004 with RealStor™ offers 3.5X the storage density of the Nimble Storage CS500, which is limited to 24TB of raw storage capacity per rack unit.
"The versatility of the AssuredSAN 4004 allows it to fit in diverse environments while optimizing performance for business-critical applications," said Cook. "Superior data center efficiency, flexible protocol support and enterprise-ready features combine to make the Dot Hill AssuredSAN 4004 platform a better fit than the Nimble Storage CS500 for many enterprise deployments."
"This DCIG Competitive Advantage report validates what we've seen in our labs and in the field," said Bill Wuertz, senior vice president, products and solutions, Dot Hill. "Dot Hill's unique RealStor storage operating system stands alone in its ability to provide true autonomic, real-time data movement to accelerate storage operations delivering data where customers need it, when they need it—in real time. Real time matters."
The Dot Hill AssuredSAN 4004 goes beyond the CS500's read caching, and utilizes flash for multiple functions including application as a high performance storage tier, along with read caching; and packs 3.5X the raw data into each rack unit. "Unlike Nimble Storage, network port types can easily be changed by replacing the SFPs provided by Dot Hill," the report says.
According to the report, the AssuredSAN's active-active controller configuration is an enterprise expectation. With active-active controllers, data requests are executed through concurrent access to all logical volumes. If one controller goes offline, the remaining controller services requests without interruption. "This architecture efficiently utilizes all of the system resources (CPU, memory and ports). With Nimble's active-standby configuration, half of its resources sit idle," the report states.
Dot Hill's AssuredSAN 4004 provides concurrent iSCSI and Fibre Channel connectivity for block storage. "In contrast, the Nimble Storage CS500 is a block-only storage array supporting iSCSI or Fibre Channel but not concurrently," notes DCIG. "The AssuredSAN 4004's multi-protocol capability means the AssuredSAN 4004 can fit into a broader range of data center infrastructures and provide storage for a broader range of applications."
About Dot Hill RealStor
RealStor is Dot Hill's next-generation storage operating system that delivers simple, smart, and efficient storage management services. The AssuredSAN 4004 with RealStor utilizes flash to achieve up to 100,000 I/Os per second (IOPs). Included standard with powerful Dot Hill AssuredSAN 4000 Series hybrid storage solutions, RealStor fuels a powerful set of autonomic efficiencies including:
- RealCache™ - SSD caching
- RealTier™ - SSD and HDD tiering in real-time
- RealThin™ - thin provisioning
- RealSnap™ - zero-impact snapshots
- RealQuick™ - rapid RAID rebuilds
- RealPool™ - autonomic storage resource pooling
A new and improved management interface streamlines deployment and simplifies routine storage configuration and management tasks.
About Dot Hill AssuredSAN 4004 Hybrid Arrays
Dot Hill AssuredSAN 4004 hybrid arrays maximize capacity and performance while keeping costs at a minimum. Built on Dot Hill'sninth-generation RAID stack, Dot Hill 4004 storage systems deliver exceptional performance for sequential workloads. All highly reliable AssuredSAN systems deliver proven 99.999 percent availability and feature platinum-rated power supplies. With fully redundant and hot-swappable components, Dot Hill AssuredSAN storage solutions provide easy serviceability, resulting in lower support costs throughout the life of the product. Backed by a 36-month "bumper-to-bumper" warranty, AssuredSAN storage solutions are available with the latest high-bandwidth interfaces, including 12Gb SAS, 16Gb Fibre Channel, 10Gb iSCSI or dual personality 16Gb Fibre Channel/10Gb iSCSI.
DCIG empowers the IT industry with actionable analysis that equips individuals within organizations to conduct technology assessments. DCIG delivers informed, insightful, third party analysis and commentary on IT technology. DCIG independently develops and licenses access to DCIG Buyer's Guides and the DCIG Analysis Suite. It also develops sponsored content in the form of blog entries, customer validations, competitive advantage reports, executive white papers, special reports and white papers. More information is available at www.dcig.com.
About Dot Hill
Leveraging its proprietary Assured family of storage solutions, Dot Hill solves many of today's most challenging storage problems - helping IT to improve performance, increase availability, simplify operations, and reduce costs. Dot Hill's solutions combine breakthrough software with the industry's most flexible and extensive hardware platform and automated management to deliver best-in-class solutions. Headquartered in Longmont, Colo., Dot Hill has offices and/or representatives in China, Germany, India, Japan, Singapore, the United Kingdom, and the United States.
For more information, visit us at www.dothill.com.
SIEGEN – For the last 20 years, technology developed by INVERS, a world market leader based in Netphen near Siegen (Germany), has made it possible to turn a conventional vehicle into a smart car-sharing automobile. The company is now announcing an expansion to the product line with the addition of the INVERS CloudBoxx.
Starting in May 2015, the new solution will enable car-sharing operators to offer car-sharing based solely on smart phones and regardless of the vehicle’s manufacturer. The product was optimized for the seamless integration of customer smart phones in the car-sharing process. In this way, INVERS is following the “bring your own device” trend, and will ultimately make chip cards or user terminals in the vehicle unnecessary.
The development of the CloudBoxx is based on the wealth of experience INVERS has gained over the years in equipping 45,000 vehicles to date worldwide. All hardware and software components are developed by INVERS, certified according to automotive standards, and produced in Germany.
The INVERS CloudBoxx platform includes both the in-car technology as well as a cloud API and optimized communication solutions for the efficient interaction between the smartphone, vehicle, and the INVERS Cloud.
An always-on architecture allows for live communication between the components using minimal power consumption. Simultaneous GSM and Bluetooth utilization as communication channels lets users be independent of the vehicle’s location, and they can begin and end their drive without mobile phone reception. With that, INVERS has solved a currently widespread problem affecting car-sharing, while at the same time simplifying the use of underground garages.
A simple cloud API for the straightforward connection of the company’s own applications, such as leasing software, websites, and apps, is already available for use. For developers working on their own applications, there is already a special development kit for testing purposes. The flexible and appealing pricing models let customers choose a model that best fits their respective needs.
Multiple pilot projects with car-sharing and corporate car-sharing operators are already ongoing. INVERS CEO Alexander Kirn says, “The high level of interest in the market shows that the time for a reliable and purely smartphone-based solution has come. The scope of the projects extends from startups to automobile manufacturers, who can also license individual components. In the pilot projects carried out to date, we were especially impressed by how quickly our customers were able to develop innovative mobility solutions on the CloudBoxx platform – something they can now do in days instead of weeks. We’re excited to see what kind of creative ideas our customers can continue to generate using the CloudBoxx platform.”
To learn more about this product, please go to www.cloudboxx.invers.com.