Tag: Technology

High Speed Wireless Coming To Laptops Next Year

If you’re in the market for a new laptop but can milk a little more life out of the one you’ve got, 2019 will be the year to buy.  The reason?  5G.  AT&T is slated to become the first carrier to offer 5G network connectivity to small segments of its customer base this year (starting in Atlanta, Dallas, and Waco, and then slowly spreading to other areas).

While they’ll be the first, it’s not hard to imagine that their competitors will be hot on their heels, and all the major PC and laptop manufacturers are keenly aware of this.  That’s why Microsoft, Lenovo, HP, Dell, and Intel have all announced that the first 5G-enabled PCs will become available sometime in mid to late 2019, in a bid to take advantage of the awesome new capabilities that 5G promises to make a reality.

While Intel missed the 4G opportunity, the company has every intention of being front and center in the 5G revolution.

In fact, the company had this to say when it made its announcement earlier this week:

“Intel is investing deeply across its wireless portfolio and partners to bring 5G-connected mobile PCs to market, with benefits for users like high quality video on-the-go, high-end gaming, and seamless connections as users traverse WiFi and Cellular networks.”

All true, and a widespread 5G network would truly be a game changer.  The problem though, is that 5G has a bit of an image problem.  It has long been considered the Holy Grail of wireless networking, and Intel and other companies have been hyping its many advantages for years.

The difference of course is that now, companies have the technical capabilities to make it all real, and have firm timetables in place for a rollout, neither of which were true in the past. Even so, 5G now has to swim against a bit of a tide of its own making as it draws closer to becoming reality.

Intel Releases New Patch For Spectre Chip Issue

By now, you’ve probably heard more than you ever wanted to hear about the critical Intel security flaw known as “Spectre.”  The flaw is massive in scope and scale, impacting every chip that Intel has released over the past decade, and if exploited, would allow a hacker to take complete control over the vulnerable system.  Needless to say, once discovered, the company got to work right away on a fix for the issue.

Unfortunately, there were problems.  Whatever form the fix ultimately took, it was going to mean a performance hit to any machine receiving the update.  Early estimates were that performance could be degraded by between 17 and 24 percent.

As it turns out, things were worse than expected.  Intel’s first attempt at patching the issue can only be described as a catastrophic failure, causing updated systems to spontaneously reboot multiple times a day and ruining performance.  The problem got so bad that the company formally recommended not installing the patch and waiting for a better one to be developed.

That better patch is now available, and has been extensively tested to avoid the problems that plagued the release of the first patch.  If you’re running a machine that uses Intel’s sixth, seventh, or eighth generation processor (Kaby Lake, Coffee Lake, or Skylake), or if you’re using a machine running an X-series processor, you should have already received the update via OEM firmware push.  If not, now is the time to grab it.

While it’s true that we’ve seen worse bugs and flaws than Spectre, this is as bad as anything we’ve seen recently. Given how many Intel-based machines there are out there in the wild, the problem posed by Spectre couldn’t get much bigger.  Don’t leave yourself vulnerable.  Get the update today.

Mi-Cam Baby Monitor Video Feeds Vulnerable To Hacking

Do you have a Mi-Cam in your home?  Even if you don’t have kids, you may have one. They’re a highly popular, inexpensive means of keeping tabs on the comings and goings inside your home when you’re not around.

As with so many such devices these days, users have the option of installing either an Android or iOS app on their phones so they can peek in remotely, any time they like, and therein lies the problem.

It’s no secret that the IoT is filled with “smart” devices that don’t live up to their name when it comes to security, and the Mi-Cam is no exception.  Security researchers have discovered that the communications between the company’s cloud servers where the video feeds live and the smartphones of the product’s user based are not secure.

So far, six different vulnerabilities have been identified, all of them critical. Any one of them would allow a hacker to hijack the window into your video feed and use that to scroll through literally every video feed on the company’s cloud, regardless of who owns it.  All told, that’s more than fifty thousand video feeds, accessible from a single point of entry.

It gets worse.  The attack is trivial to perform, because no SSL certificate is needed.  All that’s required is a copy of either the Android or iOS mobile app.

The manufacturer of the Mi-Cam has been notified of these critical security flaws, but as of now, none have been addressed. The company has not released any information about when they might be.  In light of that, if you have one, your best bet is to simply stop using it until the company can at least employ some rudimentary security protocols.

New Android OS To Improve Lower End Phones

Google has another new product out.  A slimmed down, streamlined version of the Android OS called “Go.”  Unfortunately, it’s release didn’t gather as much press as you’d expect when a new OS is released.  The reason for that is simple.  The new, slimmer, sleeker Android Go was designed for low-end phones with limited storage capacity, which don’t typically get much press either.

Despite the relative lack of fanfare, Android Go is an interesting app that deserves some attention, even if you don’t own a low-end phone.  At first glance, it’s got a lot going for it, although it remains to be seen if users will embrace it and make full use of its capabilities.

The first major noteworthy difference between Go and the standard Android OS is the fact that it doesn’t take up nearly as much space.  Counting the OS itself and the Android default apps, the entire package requires just over 3GB, which is a significant space savings. This makes a real difference on low-end phones, which typically have no more than 8GB of storage to begin with.

Second, it comes with an app called “File Go” that offers users suggestions on files that can be moved to the cloud or safely removed altogether.  Another app known as “Datally” makes tools available to manage how much data other apps on the phone are using, especially helpful for people who have limited data plans.

Third, there’s a special “YouTube Go” version of the standard YouTube app that gives users three different video streaming options: basic, standard, and high quality. This comes with information about how much data each of the three options will eat up.

In addition to those changes, Google has added a special section to its Play Store, highlighting apps that don’t require a lot of space.

Android Go is aimed specifically at users in developing nations, as this is where the highest concentration of low-end smartphones can be found.  As to how successful the new OS will be, only time will tell, but early indications are encouraging.

Biometric Authentication Seeing Wide Adoption In Businesses

According to a new report published by Spiceworks, nearly 90 percent of businesses will use some type of biometric technology for authentication by the year 2020.  In fact, some 62 percent of companies already use biometrics in some form, with another 24 percent stating their intention to do so within the next two years.

The particulars break down like this:

  • 57 percent of companies using biometric authentication use fingerprint scanners
  • 14 percent use facial recognition
  • Five percent make use of hand geometry recognition
  • Three percent use iris scanners
  • Two percent use voice recognition
  • Two percent use palm-vein recognition

There are only a handful of companies that provide biometric solutions. Of those, Apple dominates the space, providing 34 percent of fingerprint scanning solutions and 14 percent of facial recognition solutions.

The rest of the market breaks out as follows:

  • Lenovo Fingerprint Manager is used by 13 percent of companies that utilize biometrics
  • Samsung fingerprint readers are used by 13 percent
  • Microsoft’s Windows Hello (face login) is used by 13 percent
  • Android’s Face Unlock is used by seven percent

As widespread as biometric adoption has been, only 10 percent of CIOs felt that biometric solutions were secure enough to be the sole means of authentication.  IT security professionals have reached largely the same conclusion, with just 23 percent of them thinking that biometrics could replace traditional text-based passwords within the next two years.

The two biggest hurdles they see are the relative lack of transparency provided by biometric solutions providers about flaws and vulnerabilities discovered in their systems, and the lack of transparency around the biometric data collected by vendors.

Peter Tsai, a senior technology analyst at Spiceworks had this to say about the report: “Many IT professionals aren’t convinced biometrics can serve as a secure and reliable replacement for the standard username and password combo.  Unless technology vendors can address the security issues and privacy concerns associated with biometrics, the technology will likely be used side-by-side in the workplace with traditional passwords or as a secondary authentication factor for the foreseeable future.”

SSD Drive Makers Adding Features To Reduce Duplicate Data

Big changes are in the works in the SSD-based storage ecosystem. It includes three different vendors all making similar announcements regarding designs to help companies that rely on SSD-based storage systems to reduce duplication and control data creep.

It’s not hard to see why they’re scrambling.  Although the price of SSD-based storage systems are coming down, it’s a slow process.  Currently, a gigabyte’s worth of SSD storage costs about forty cents, versus about five cents per gigabyte of HDD storage.  Less data duplication means less data to store, making the SSD drives utilizing the new technology more efficient.

Here’s a quick overview of the solutions offered by the three major vendors in this space:

  • Hitachi – Hitachi is working to upgrade all-flash F-Series and its hybrid flash/hard disk G-Series of drives, as well as its SVOS operating system. The improvements to the operating system include new AI-based container and operations support and introduced a new feature in the form of the “Hitachi Infrastructure Analytics Advisor.” This provides real-time analysis of your data center optimization across all storage devices, networks, servers and virtual machines in a bit to more efficiently predict data center needs and optimize/troubleshoot data storage.
  • HPE – The company has upgraded their “Nimble” storage line, which includes an array of all-flash products, a hybrid disk-flash product line and a secondary flash line. The big change here is that the company’s products now support inline, variable block size deduplication.  The company claims this change makes their products “the most efficient hybrid arrays in the industry by a wide margin.”
  • IBM – IBM has issued an upgrade to its Storwize arrays, the first in more than two years. The update improves cloud integration, overall disk performance and an array of enhanced deduplication tools, claiming as much as a 5:1 data reduction while retaining 100 percent data availability (provided you’re using IBM HyperSwap).

How big an impact these changes will have remains to be seen, but kudos to all three companies for taking decisive steps to bolster the performance of their storage devices.

New Vulnerability May Expose Encrypted Emails 

Security researchers at the Electronic Frontier Foundation (EFF) have discovered a dangerous new email vulnerability called “Efail.”  Exploiting this new email vulnerability would allow hackers to decrypt emails encrypted with either PGP or S/MIME – including emails that were sent several years earlier.  Both of these encryption tools are commonly used by politicians, journalists and other professionals who need a secure means of electronic communication. Since the standards are so well established, they’re used widely and regarded as fool-proof.  Sadly, that’s no longer the case.

EFF researchers had this to say about the newly discovered vulnerability:

“In a nutshell, Efail abuses active content of HTML emails (for example, externally loaded images or styles) to exfiltrate plaintext through requested URLs.  The attacker changes an encrypted email in a particular way and sends this changed encrypted email to the victim.  The victim’s email client decrypts the email and loads any external content, thus exfiltrating the plaintext to the attacker.”

In simpler terms, it’s about as bad as it could possibly get.  Once a hacker has access to your email account, they can use the embedded HTML tags inside your mail to force your email system to decrypt those messages so the hackers can see exactly what they contain.

EFF’s recommendation is that if you rely on either PGP or S/MIME for email encryption, your best bet is to simply disable them, and uninstall the tool or tools used to decrypt those messages.

It should be noted however, that there are others in the security community who disagree with this assessment.  A spokesman for ProtonMail tweeted out the following response:

“Efail is a prime example of irresponsible disclosure.  There is no responsibility in hyping the store to @EFF and mainstream media and getting an irresponsible recommendation published (Disable PGP), ignoring the fact that many (Engimail, etc.) are already patched.”

Despite the divided opinion, if it’s something you’re concerned about, you can neatly side step the problem by simply opting for plain text messages, rather than using HTML-emails.

New Chips Support Increased Network Speeds To 400Gbps

Marvell Semiconductor has a new product out, and it’s a game changer.  Their new “Alaska” chip (the Alaska C 88×7120) is the first on the market to support the new 802.3 standard.  The 802.3cd is on tap to eventually replace current Ethernet ports running at 25Gbps to 100Gbps with ports that will run at 50Gbps, 200 Gbps, and 400 Gbps.

The future is now.

Granted, the Alaska chips aren’t for sale just yet, but they are sampling to customers (“Sampling” in the chip world is akin to beta testing in software).  The chip supports sixteen 50 Gbps ports, four 200 Gbps ports, and two 400 Gbps ports, which will quadruple network output.  Even better, the new chips support both copper and fiber-optic wiring, as well as SerDes (long-reach serialization/deserialization) on system and line side interfaces, allowing OEMs to use the chips for wide-area interfaces.

Also of interest, the new chips use PAM4 (pulse-amplitude modulation), which is a four-level signaling scheme that’s designed to replace NRZ (non-return to zero) binary modulation, and even better, the new PAM4 protocol will be backwards compatible with NRZ hardware.

The port density on the new chip has been optimized to enable both Quad Small Form Factor Pluggable – Double Density and Octal Small Form Factor Pluggable port types for 500 GbE, 200 GbE, and 400 GbE deployments.

If all of those technical details make your head spin, not to worry.  The short of it is that once these chips go mainstream, network output is going to increase dramatically, which means that network speeds are about to get even faster.

Unless you run or manage a huge data center, you’ll probably never have direct contact with these chips. However, as big data centers begin deploying them, you’ll absolutely see the benefits.

New Freemium Offer Mines Cryptocurrency

Freemium software is certainly nothing new.  They are free apps that offer premium features if you don’t mind ads displaying while you’re using it or paying a small fee to have the ads removed.  At least one company is trying a new business model on for size, albeit with limited success.

The company is Qbix, and their freemium app is called “Calendar 2.”  It’s a solid calendar app with more features than Apple’s default app, and the Qbix offers its users premium features if they’re willing to allow the company to make use of CPU cycles to mine cryptocurrency.

Hackers around the world have been enslaving the computers of unsuspecting users and using their processing power to mine cryptocurrency, all while making millions in the process. However, this is the first instance we’ve seen of a company attempting to bring the business model mainstream.

Unfortunately, there were two issues with the release of the latest version.  First, there was a bug in the way the mining app was implemented that kept it running, even if users opted out of the default setting (which is, of course, to accept the arrangement).

Second, and even more disturbing, the mining software consumed twice as much processing power as the calendar app claimed that it would.  Both flaws were discovered by Calendar 2 users, who did not have nice things to say about the app and expressed their concern that Apple had allowed the app on the App Store in the first place.

For Apple’s part, the company seems to have no problem with the revenue scheme, provided that the offering company gets the consent of the user. Although given Calendar 2’s less-than-spectacular-success with the idea, the company may well change their Terms of Service to forbid it going forward.

You Can Now Search Google From iMessage With App Download

There’s a fun, new update for Apple’s iMessage app that will probably make lots of power users happy.  As long as you also have Google’s iOS app installed, you’ll be able to perform Google searches from within iMessage itself.

In order to make it work, you’ll have to go into the app drawer (App Store icon) and enable the iMessage extension.  Once enabled, all you have to do to use Google search is to tap on the Google shortcut icon to get the search box.  Even better, the update includes shortcuts for watching trending YouTube videos, scoping out nearby restaurants, checking out local weather conditions, and even a handy GIF search.  There’s also a quick news search option.

If you search for restaurant recommendations, the new app makes the results easy to share in the conversation you’re having. Although curiously, this feature doesn’t carry over to YouTube videos or news.  Even so, it can be situationally useful.

In a similar vein, Google’s keyboard app, “GBoard” also now has search built into it.  In fact, you don’t even have to have GBoard installed.   As long as you’ve got the core Google App, the search extension will appear in iMessage’s app drawer.

These are small changes, but if you spend a lot of time texting, you’ll find them invaluable.  Think back to prior text conversations you’ve had.  There have probably been a number of occasions when you found yourself wishing you could do a quick search on whatever topic you were talking about.

It’s great to see these kinds of changes as the cellphone market continues to grow.  When the iPhone first burst onto the scene, apps were few and far between.  Now, not only are there untold thousands of apps on the market, but they are becoming increasingly integrated.  That’s very good to see.