Businesses

Open19 Launches Open Hardware Project Targeting Edge Computing (datacenterfrontier.com) 9

miller60 writes: The Open19 Foundation launched today, positioning its open hardware designs as a platform for edge computing, and an alternative to the Open Compute Project and hyperscale designs. The Open19 designs were created by the data center team at LinkedIn, citing its focus on a 19-inch rack and licensing terms that it said allow participants better control over their intellectual property. Open Compute develops the 21-inch Open Rack but is also supporting several designs for 19-inch racks, including the Project Olympus concept contributed by Microsoft, LinkedIn's parent company. According to Fortune, the Open19 Foundation is a new group established by LinkedIn, Hewlett Packard Enterprise, and General Electric. Its purpose is to make it easier for businesses to buy data center hardware and to encourage companies to build data center hardware more uniformly so that it fits in standardized data racks. The racks themselves are used by businesses to house their computing gear, such as servers and routers. The 19-inch rack is the most commonly used.
Microsoft

Microsoft's New Surface Pro Features Faster Intel Kaby Lake Processor, 13.5 Hours of Battery Life (thurrott.com) 59

On the sidelines of Windows 10 China Government Edition release, Microsoft also announced a new Surface two-in-one laptop. The latest addition to company's hybrid computing line up, the "new Surface Pro" sports an improved design, and houses a newer processor from Intel. From an article: The new Surface Pro features the same 3:2 12.3-inch PixelSense display as its predecessor, providing a resolution of 2736 x 1824 (267 ppi) and 10 point multi-touch capabilities. Surface Pro is based on faster and more reliable Intel "Kaby Lake" chipsets in Core m3-7Y30 with HD Graphics 615, Core i5-7300U with HD Graphics 620, and Core i7-7660U with Iris Plus Graphics 640 variants, which should make for a better experience. As with the previous version, the Core m3 version of the new Surface Pro is fanless and thus silent. But this is new: The Core i5 versions of the new Surface Pro are also fanless and silent. And a new thermal design helps Microsoft claim that the i7 versions are quieter than ever, too. The new Surface Pro is rated at 13.5 hours of battery life (for video playback), compared to just 9 hours for Surface Pro 4. That's a 50 percent improvement. urface Pro can be had with 4, 8, or 16 GB of 1866Mhz LPDDR3 RAM. The new Surface Pro is built around the USB 3-based Surface Connect connector and features one full-sized USB 3 port and one miniDisplayPort port. Microsoft also announced a new Surface Pen (sold separately), and claims that the new pen is twice as accurate (compared to the previous version). No word on the pricing but it will be available in all major global markets in the "coming weeks." The new Surface ships with Windows 10 Pro. (Side note: Earlier Microsoft used to market the Surface Pro devices as tablets that could also serve as laptops. The company is now calling the Surface Pro laptops that are also tablets.)
Microsoft

Microsoft Announces 'Windows 10 China Government Edition', Lets Country Use Its Own Encryption (windows.com) 104

At an event in China on Tuesday, Microsoft announced yet another new version of Windows 10. Called Windows 10 China Government Edition, the new edition is meant to be used by the Chinese government and state-owned enterprises, ending a standoff over the operating system by meeting the government's requests for increased security and data control. In a blog post, Windows chief Terry Myerson writes: The Windows 10 China Government Edition is based on Windows 10 Enterprise Edition, which already includes many of the security, identity, deployment, and manageability features governments and enterprises need. The China Government Edition will use these manageability features to remove features that are not needed by Chinese government employees like OneDrive, to manage all telemetry and updates, and to enable the government to use its own encryption algorithms within its computer systems.
Microsoft

Microsoft Says a Chinese 'Gaming Service' Company Is Hacking Xbox Accounts (theverge.com) 28

An anonymous reader shares a report: Since 2015, a Chinese gaming website has been hacking Xbox accounts and selling the proceeds on the open market, according to a complaint filed by Microsoft in federal court on Friday. On its website, iGSKY presents itself as a gaming service company, offering players a way to pay for in-game credits and rare items -- but according to Microsoft, many of those credits were coming from someone else's wallet. The complaint alleges that the company made nearly $2 million in purchases through hacked accounts and their associated credit cards, using purchases as a way to launder the resulting cash. On the site, cheap in-game points are also available for the FIFA games, Forza Horizon 3, Grand Theft Auto V, and Pokemon Go, among others.
Data Storage

Microsoft Wants To Use DNA For Cloud Data Storage (technologyreview.com) 48

Last July, researchers from Microsoft and the University of Washington said that they had successfully encoded about 200 megabytes of data onto synthetic DNA molecules. The company is now planning to take the technology commercial. "Computer architects at Microsoft Research say the company has formalized a goal of having an operational storage system based on DNA working inside a data center toward the end of this decade," reports MIT Technology Review. "The aim is a 'proto-commercial system in three years storing some amount of data on DNA in one of our four centers for at least a boutique application,' says Doug Carmean, a partner architect at Microsoft Research." From the report: Internally, Microsoft harbors the even more ambitious goal of replacing tape drives, a common format used for archiving information. Major obstacles to a practical storage system remain. Converting digital bits into DNA code (made up of chains of nucleotides labeled A, G, C, and T) remains laborious and expensive because of the chemical process used to manufacture DNA strands. In its demonstration project, Microsoft used 13,448,372 unique pieces of DNA. Experts say buying that much material on the open market would cost $800,000. According to Microsoft, the cost of DNA storage needs to fall by a factor of 10,000 before it becomes widely adopted. While many experts say that's unlikely, Microsoft believes such advances could occur if the computer industry demands them.
Botnet

Attackers DDoS WannaCry Kill Switch (venturebeat.com) 72

An anonymous reader quotes VentureBeat: As of late Friday, after many of the deadlines threatening data deletion had passed, few victims had paid ransoms. According to Elliptic Enterprises, only about $94,000 worth of ransoms had been paid via Bitcoin, which works out to less than one in a thousand of the 300,000 victims who were reportedly affected by WannaCry... While not as bad as feared, ransomware (not to mention cybersecurity threats in general) isn't going away. Wired reported that the domain registered by Hutchins has been under intense denial-of-service attacks delivered by an army of IoT devices marshalled, zombie-like, by Mirai.
Security

New SMB Worm Uses Seven NSA Hacking Tools. WannaCry Used Just Two (bleepingcomputer.com) 115

An anonymous reader writes: Researchers have detected a new worm that is spreading via SMB, but unlike the worm component of the WannaCry ransomware, this one is using seven NSA tools instead of two. Named EternalRocks, the worm seems to be in a phase where it is infecting victims and building its botnet, but not delivering any malware payload.

EternalRocks is far more complex than WannaCry's SMB worm. For starters, it uses a delayed installation process that waits 24 hours before completing the install, as a way to evade sandbox environments. Further, the worm also uses the exact same filenames as WannaCry in an attempt to fool researchers of its true origin, a reason why the worm has evaded researchers almost all week, despite the attention WannaCry payloads have received.

Last but not least, the worm does not have a killswitch domain, which means the worm can't be stopped unless its author desires so. Because of the way it was designed, it is trivial for the worm's owner to deliver any type of malware to any of the infected computers. Unfortunately, because of the way he used the DOUBLEPULSAR implant, one of the seven NSA hacking tools, other attackers can hijack its botnet and deliver their own malware as well. IOCs are available in a GitHub repo.

Ars Technica quotes security researchers who say "there are at least three different groups that have been leveraging the NSA exploit to infect enterprise networks since late April... These attacks demonstrate that many endpoints may still be compromised despite having installed the latest security patch."
Windows

Almost All WannaCry Victims Were Running Windows 7 (theverge.com) 123

An anonymous reader quotes a report from The Verge: According to data released today by Kaspersky Lab, roughly 98 percent of the computers affected by the ransomware were running some version of Windows 7, with less than one in a thousand running Windows XP. 2008 R2 Server clients were also hit hard, making up just over 1 percent of infections. Windows 7 is still by far the most common version of Windows, running on roughly four times as many computers as Windows 10 worldwide. Since more recent versions of Windows aren't vulnerable to WannaCry, it makes sense that most of the infections would hit computers running 7. Still, the stark disparity emphasizes how small of a role Windows XP seems to have played in spreading the infection, despite early concerns about the outdated operating system. The new figures also bear on the debate over Microsoft's patching practices, which generated significant criticism in the wake of the attack. Microsoft had released a public patch for Windows 7 months before the attack, but the patch for Windows XP was only released as an emergency measure after the worst of the damage had been done. The patch was available earlier to paying Custom Support customers, but most XP users were left vulnerable, each unpatched computer a potential vector to spread the ransomware further. Still, Kaspersky's figures suggest that unpatched XP devices played a relatively small role in the spread of the ransomware.
Microsoft

Linux Distros Won't Run On Microsoft's Education-Focused Windows 10 S OS (betanews.com) 115

Reader BrianFagioli writes: I was sort of hopeful for Windows 10 S when Microsoft made a shocking announcement at Build 2017 that it is bringing Linux distributions to the Windows Store. This gave the impression that students using the S variant of the OS would be able to tinker with Linux. Unfortunately, this is not the case as Microsoft will be blocking Linux on the new OS. In other words, not all apps in the store will be available for Windows 10 S. "Windows 10 S does not run command-line applications, nor the Windows Console, Cmd / PowerShell, or Linux/Bash/WSL instances since command-line apps run outside the safe environment that protects Windows 10 S from malicious / misbehaving software," says Rich Turner, Senior Product Manager, Microsoft. Tuner further explains, "Linux distro store packages are an exotic type of app package that are published to the Windows Store by known partners. Users find and install distros , safely, quickly, and reliably via the Windows Store app. Once installed, however, distros should be treated as command-line tools that run outside the UWP sandbox and secure runtime infrastructure. They run with the capabilities granted to the local user -- in the same way as Cmd and PowerShell do. This is why Linux distros don't run on Windows 10 S: Even though they're delivered via the Windows Store, and installed as standard UWP APPX's, they run as non-UWP command-line tools and this can access more of a system than a UWP can."
Government

CIA Co-Developed 'Athena' Windows Malware With US Cyber Security Company, WikiLeaks Reveals (bleepingcomputer.com) 104

An anonymous reader writes: Today, WikiLeaks leaked documentation about a tool called Athena. According to leaked documents, which WikiLeaks previously claimed it received from hackers and CIA insiders, Athena is an implant -- a CIA technical term for "malware" -- that can target and infect any Windows system, from Windows XP to Windows 10, Microsoft's latest OS version. Documents leaked today are dated between September 2015 and February 2016, showing that the CIA had the ability to hack Windows 10 months after its launch, despite Microsoft boasting about how hard it would be to hack its new OS. [...] The documents reveal that CIA had received help from a non-government contractor in developing the malware. The company is Siege Technologies, a cyber-security company based in New Hampshire, which was acquired on November 15, 2016, by Nehemiah Security, another US company, based in Tysons, Virginia, on the outskirts of Washington and near CIA's headquarters, in a zone peppered with various military and defense contractors.
China

Chinese State Media Says US Should Take Some Blame For Cyberattack (cnbc.com) 82

An anonymous reader shares a CNBC report: Chinese state media on Wednesday criticized the United States for hindering efforts to stop global cyber threats in the wake of the WannaCry ransomware attack that has infected more than 300,000 computers worldwide in recent days. The U.S. National Security Agency (NSA) should shoulder some blame for the attack, which targets vulnerabilities in Microsoft systems and has infected some 30,000 Chinese organisations as of Saturday, the China Daily said. "Concerted efforts to tackle cyber crimes have been hindered by the actions of the United States," it said, adding that Washington had "no credible evidence" to support bans on Chinese tech firms in the United States following the attack. The malware attack, which began on Friday and has been linked by some researchers to previous hits by a North Korean-run hacking operation, leveraged a tool built by the NSA that leaked online in April, Microsoft says.
United States

The Tech Sector Is Leaving the Rest of the US Economy In Its Dust (theverge.com) 155

Yesterday afternoon, the S&P 500 closed at a record high, and is up over $1.5 trillion since the start of 2017. "And the companies doing the most to drive that rally are all tech firms," reports The Verge. "Apple, Alphabet, Facebook, Amazon, and Microsoft make up a whopping 37 percent of the total gains." From the report: All of these companies saw their share prices touch record highs in recent months. This is in stark contrast to the rest of the U.S. economy, which grew at a rate of less than 1 percent during the first three months of this year. That divide is the culmination of a long-term trend, according to a recent report featured in The Wall Street Journal: "In digital industries -- technology, communications, media, software, finance and professional services -- productivity grew 2.7% annually over the past 15 years...The slowdown is concentrated in physical industries -- health care, transportation, education, manufacturing, retail -- where productivity grew a mere 0.7% annually over the same period." There is no industry where these players aren't competing. Music, movies, shipping, delivery, transportation, energy -- the list goes on and on. As these companies continue to scale, the network effects bolstering their business are strengthening. Facebook and Google accounted for over three-quarters of the growth in the digital advertising industry in 2016, leaving the rest to be divided among small fry like Twitter, Snapchat, and the entire American media industry. Meanwhile Apple and Alphabet have achieved a virtual duopoly on mobile operating systems, with only a tiny sliver of consumers choosing an alternative for their smartphones and tablets.
Businesses

Microsoft Commits $5 Million To 'Landmark' United Nations Technology Partnership (venturebeat.com) 21

Microsoft and the United Nations (UN) have announced a five-year "landmark" partnership to develop technology to "better predict, analyze and respond to critical human rights situations," according to a statement issued today. From a report: Additionally, Microsoft will support work being carried out by the UN Human Rights Office by contributing $5 million to a grant in what the UN called an "unprecedented level of support" from a private organization. An example of the kind of technology the duo have been working on is an information dashboard called Rights View that gives UN employees access to real-time aggregated data on rights violations by country. This, it's hoped, will "facilitate analysis, ensure early warning of emerging critical issues, and provide data to guide responses," according to Microsoft.
The Almighty Buck

Big Banks Will Fall First To AI, China's Most Famous VC Predicts (qz.com) 64

An anonymous reader writes: Wall Street will be one of the first and largest industries to be automated by artificial intelligence, predicts Kai-Fu Lee, China's most famous venture capitalist and former Microsoft and Google executive. Lenders, money managers, and analysts -- any jobs that involve crunching numbers to estimate a return -- are at risk. "Banks have the curse of the baggage they have, like Kodak letting go of film," Lee says. "Their DNA is all wrong." [...] The big banks that dominate now, the venture capitalist predicts they will be outmaneuvered by smaller startups able to deploy new technology much faster.
Intel

Apple To Refresh Entire MacBook Lineup Next Month, Air and Pro To Feature Kaby Lake (bloomberg.com) 232

Apple will unveil new laptops during its annual developer conference, known as WWDC, next month, reports Bloomberg. The company is going to refresh the MacBook Pro (as well as Air and just the 'MacBook' models) with new seventh-gen processors from Intel, the newest available, the report adds. Last year, Apple launched three new MacBook Pro laptops with older sixth-generation chips, which means people who already own the newer model may be a bit dismayed by Apple's refresh. From the article: Apple is planning three new laptops, according to people familiar with the matter. The MacBook Pro will get a faster Kaby Lake processor from Intel, said the people, who requested anonymity to discuss internal planning. Apple is also working on a new version of the 12-inch MacBook with a faster Intel chip. The company has also considered updating the aging 13-inch MacBook Air with a new processor as sales of the laptop, Apple's cheapest, remain surprisingly strong, one of the people said.
Security

Group Linked To NSA Spy Leaks Threatens Sale of New Tech Secrets (reuters.com) 105

Hacker group Shadow Brokers, which has taken credit for leaking NSA cyber spying tools -- including ones used in the WannaCry global ransomware attack -- has said it plans to sell code that can be used to hack into the world's most used computers, software and phones. From a report on Reuters: Using trademark garbled English, the Shadow Brokers group said in an online statement that, from June, it will begin releasing software to anyone willing to pay for access to some of the tech world's biggest commercial secrets. In the blog post, the group said it was setting up a "monthly data dump" and that it could offer tools to break into web browsers, network routers, phone handsets, plus newer exploits for Windows 10 and data stolen from central banks. It said it was set to sell access to previously undisclosed vulnerabilities, known as zero-days, that could be used to attack Microsoft's latest software system, Windows 10. The post did not identify other products by name. It also threatened to dump data from banks using the SWIFT international money transfer network and from Russian, Chinese, Iranian or North Korean nuclear and missile programs, without providing further details.
Microsoft

Microsoft Job Posting Hints At VR MMO (roadtovr.com) 18

sqorbit writes: Microsoft has posted a job opening for a Senior Design Manager for a mixed-reality team. The posting states they are "looking to build a massively social gaming and entertainment experience for both the PC and the console." It looks like they are targeting both PC and Xbox Platforms for a VR socially geared development project. The requirements: "The Xbox Mixed Reality team is looking for an experienced senior design manager with deep expertise and passion around crafting immersive social systems and experiences. [...] Here is an opportunity to join a fun and collaborative team that experiments with the latest toys, works with state of the art tech, and crafts the future of entertainment." Road to VR notes that the company says they're looking for someone who has "Shipped at least 3 AAA consumer entertainment products" and has 7+ years using design tools; bonus points if they've got experience in "NUI, VR, AR, game design, art direction, and video storytelling."
Windows

'Don't Tell People To Turn Off Windows Update, Just Don't' (troyhunt.com) 507

Security researchers Troy Hunt, writing on his blog: Often, the updates these products deliver patch some pretty nasty security flaws. If you had any version of Windows since Vista running the default Windows Update, you would have had the critical Microsoft Security Bulletin known as "MS17-010" pushed down to your PC and automatically installed. Without doing a thing, when WannaCry came along almost 2 months later, the machine was protected because the exploit it targeted had already been patched. It's because of this essential protection provided by automatic updates that those advocating for disabling the process are being labelled the IT equivalents of anti-vaxxers and whilst I don't fully agree with real world analogies like this, you can certainly see where they're coming from. As with vaccinations, patches protect the host from nasty things that the vast majority of people simply don't understand. This is how consumer software these days should be: self-updating with zero input required from the user. As soon as they're required to do something, it'll be neglected which is why Windows Update is so critical.
Android

Slashdot Asks: In the Wake Of Ransomware Attacks, Should Tech Companies Change Policies To Support Older OSs Indefinitely? 358

In the aftermath of ransomware spread over the weekend, Zeynep Tufekci, an associate professor at the School of Information and Library Science at the University of North Carolina, writes an opinion piece for The New York Times: At a minimum, Microsoft clearly should have provided the critical update in March to all its users, not just those paying extra. Indeed, "pay extra money to us or we will withhold critical security updates" can be seen as its own form of ransomware. In its defense, Microsoft probably could point out that its operating systems have come a long way in security since Windows XP, and it has spent a lot of money updating old software, even above industry norms. However, industry norms are lousy to horrible, and it is reasonable to expect a company with a dominant market position, that made so much money selling software that runs critical infrastructure, to do more. Microsoft supported Windows XP for over a decade before finally putting it to sleep. In the wake of ransomware attacks, it stepped forward to release a patch -- a move that has been lauded by columnists. That said, do you folks think it should continue to push security updates to older operating systems as well?
Security

Cyberattacks From WannaCry Ransomware Slow But Fears Remain (bbc.com) 76

WannaCry ransomware, which has spread across 150 countries, appears to be slowing down with few reports of fresh attacks in Asia and Europe on Monday. A report on BBC adds: However staff beginning the working week have been told to be careful. The WannaCry ransomware started taking over users' files on Friday, demanding $300 to restore access. Hundreds of thousands of computers have been affected so far. Computer giant Microsoft said the attack should serve as a wake-up call. BBC analysis of three accounts linked to the ransom demands suggests only about $38,000 had been paid by Monday morning.

Slashdot Top Deals