36943435
submission
rtfa-troll writes:
Symantec has just shown that the Crisis cross platform virus is able to spread to Windows mobile devices. Unfortunately the mobile module of the virus has not yet been recovered and analysed, however the implications for malware research are obvious. Where iOS malware is practically non-existent with complaints of 'too much security' and Android malware has had to be deliberately installed from 3rd party app stores it seems that more advance malware with fully automated distribution is going to come back with Windows Phone 8 which is going to be a relief for AV vendors frustrated by Apple's lack of need for security software
Microsoft has been very keen to stress that Windows Phone is a real Windows, using the same NT kernel and providing full integration with other Windows systems. Their hope is that corporate IT departments will push Windows Phone forward where consumers have rejected it. As mobile devices, Windows Phones will be continually exposed to varied external networks. The tight integration of Windows phone with user's existing Windows infrastructure, in contrast to the iOS and Android approach of making the phone fully independent and able to run stand-alone, makes the Windows 8 system an ideal bridgehead for attacks on home and corporate networks. Crisis uses Windows integration via the "Remote Application Programming Interface (RAPI)" to drop an unknown attack module direct to the phone. From that situation it's other major new features — the ability to attack Windows Virtual machines — and follow up into OS/X systems makes
In order to show the existence of the Windows phone module Symantec had to do full code analysis of Crisis, details given in the article. Unfortunately the Crisis attack module for Windows Phone has not yet been captured and is very likely not yet deployed in the wild, waiting for Windows 8 to start replace Windows Phone 7 in Crisis target environments. This means that protecting against any zero day vulnerabilities in the system is currently impossible. Worse; the knowledge of the almost certain existence of these vulnerabilities must inevitably lead to a scramble within the malware industry to work out how to take advantage of the vulnerabilities once they are finally discovered. Crisis is described as an "advanced threat" and seems to be part of a toolkit aimed primarily marketed to police forces.
35696397
submission
rtfa-troll writes:
In a new article on Groklaw, Pamela Jones, the sites founder returns to show how misrepresentation by media figures such as Florian Mueller (a publicity consultant who, as earlier reported here on Slashdot, has been employed by Microsoft and Oracle and sometimes represented in news media as "independent") and Maureen O'Gara seem to have deliberately at set out to cause serious reputation damage to Google.
When this story originally broke it was carried by Slashdot and the original poster was even taken in by the claim that "would 'far exceed any money Google has ever earned with Android'". Now Oracle may have to pay Google $4 million in expenses. Despite this, no apology has been forthcoming. Will the "consultants" compensate those they have damaged? Not likely.
What is not covered in the article is the level of damage done to application companies who split their development work and phone companies like Nokia who believed that Android was at risk and would leave room for a third mobile operating system. Such companies have committed millions or sometimes billions of dollars to projects which now look hopeless or at best pointless. Given Florian's employment at Oracle, maybe that company should be providing some compensation for mistakes made based on his media releases?
34589651
submission
rtfa-troll writes:
The multi-day failure of the computers at the Royal Bank of Scotland has now been directly linked to the hiring of 'Inexperienced' staff in Hyderabad. In their exclusive article about the RBS failure the Register say that this was caused by one of the inexperienced new hires who replaced the recently fired 30 year experienced UK team.
The Register's article shows that, during the oursourcing, recruitment requests in India asked for less than 1/3 of the typical experience of the team which was got rid of. This directly contradicts the CEO of the Royal Bank of Scotland who gave a statement that "I have no evidence of that. The IT centre — our main centre, we’re standing outside here in Edinburgh, [is] nothing to do with overseas". If the Register's article is true it would suggest remarkable ignorance on the part of the CEO who should have been fully informed about a disaster of this level within hours of it's occurrence and certainly a week later.
33562629
submission
rtfa-troll writes:
'GPL enforcement by Software Freedom Conservancy puts electronics makers on notice, leaves business users untouched', says Infoworld, going on to explain 'You are several orders of magnitude more likely to be raided by your proprietary suppliers, in the form of the Business Software Alliance, than to ever hear from SFC, let alone face any action. License compliance is a major and costly issue for proprietary software, but the case concerns an end-user license agreement (EULA), not a source license.' the expertly written article gives a good summary of why having GPL licenses enforced helps everybody except for 'hardware manufacturers — typically those creating low-cost consumer and business electronics' who need to verify that they pass on the same rights to others as they received with the original code.
32312853
submission
rtfa-troll writes:
Tomi Ahonen reports that Samsung has become the largest manufacturer of smartphones (overtaking Apple) and of mobile phones (overtaking Nokia). During the first quarter of 2012 Samsung sold 93.5 million phones with 44.5 million (48%) of those smartphones. Apple would still lead on "smart mobile devices" with 52 million sales including iPads but not iPods. The last time the lead in mobile phone changed was in 14 years ago, in 1998, when Nokia overtook Ericsson. Ericsson never recovered and began leaving the mobile phone market three years later creating Sony Ericsson, later Sony Mobile. It looks like the mobile phone market is going to be brutal with Apple and Samsung crushing everybody else except possibly HTC which is still rising and Motorola (which has Google to look after it).
29579627
submission
rtfa-troll writes:
Recently we reported on Microsoft's accusation that Google had been bypassing privacy controls. The story continued with Google attempting to explain the difficulties with P3P. Now, according to Computerworld, it turns out that Google was actually following a Microsoft recommendation and that prior to the accusation against Google, Microsoft deleted the support page with the recommendation (apparently still online at archive.org) which means that Google can no longer point to it to explain why they did what they did. The original article behind this (warning: PDF) goes into more detail about various aspects of privacy and P3P policies including what is wrong with Microsoft's recommendation.
27043040
submission
rtfa-troll writes:
On the very day that Microsoft openly announces a bribe for people who will smear Android security on Twitter Microsoft has managed to revive Nokia's classic 2001 SMS of death bug. Users who are willing to complain in tweets about malware they have downloaded onto their phones will be given a free phone which doesn't even need a download to be cracked wide open. For the users that may end up with a windows phone, security researchers are asking "haven't they suffered enough?".
23583582
submission
rtfa-troll writes:
Bruce Schneier has a good article explaining how the Guardian released the encryption key for the Wikileaks cables and destroyed the main protection against release of informer's personal information. The comments in Schneier's blog fill in details of how exactly Wikileaks secondary file security protections were also bypassed. Now the Guardian has an article that Assange risks arrest by Australia over the latest leaks which include information about an Australian intelligence officer. they even say "We deplore the decision of WikiLeaks to publish the unredacted state department cables, which may put sources at risk," and go on to state that "The decision to publish by Julian Assange was his, and his alone.", something which seems clearly debunked in the analysis on Schneier's blog.
23524126
submission
rtfa-troll writes:
A picture of vodka fountains, indefinite Jaegermiester and sexual harassment is emerging from Microsoft. The former second in command at Microsoft UK was accused of sexual misconduct involving at least five separate women. A Microsoft internal investigation was unable to prove the allegations but decided to fire Simon Negus for having "behaved dishonestly, and thereby acted in a manner calculated or likely to destroy trust and confidence between him and Microsoft" and sue him £75k. Now Negus, who already as a new job as COO at Upstream Systems has struck back with a £10 million false dismissal suit alleging a culture of drunken parties and claiming that other (Male) management at Microsoft were so drunk they followed a female Microsoft UK manager into the ladies’ lavatories. I guess we can now guess why senior managers go away to Microsoft vowing never to buy anything and come back with signed contracts; presumably it was just lying there next to them in the morning and they were too afraid to ask what happened.
23511912
submission
rtfa-troll writes:
Facebook seems to be silently censoring some posts which include Google+ links. Google is not completely adverse to a bit of censorship but I don't think we've seen something nearly this outrageous yet. This seems to be a continuation of the Facebook war against Google which was covered a while ago on Slashdot. With almost no competitors, no right of redress and fewer big companies than even the US media, if Facebook begins censoring then the post Taco world will definitely be interesting.
22012062
submission
rtfa-troll writes:
Microsoft is preparing it's customers for plenty of outage time according to the Register, with a scheme for office 365 which will give customers some money back. The offer seems to be Microsoft's answer to Google offering a '100% uptime guarantee' (they even pay for maintenance time) The most interesting thing about the scheme is that you can have a one and a half day outage every month (or is that 18 solid days a year???) and still expect to pay half price. I wonder Microsoft have put the Sidekick management in charge of their customer's data.
Looking forward my expense forms have getting eaten by the cloud so I have to fill them in again.
17734810
submission
rtfa-troll writes:
Even with the pre-Christmas buying rush, the Register writes that Microsoft is already desperately offering a new buy one get one free offers similar to the ones they gave for the KIN.. According to the register article, "Windows Phone 7 devices can't even manage two per cent of the fortnight's sales.". These aren't official Microsoft figures, they come from online shopping sites, but since Microsoft official sales figures seem subject to manipulation (also discussed on /.) this is may be one of the better guesses we will get at the success of Windows 7 until well into next year. Also this strongly backs up other reports of deeply disappointing phone sales. Even Microsoft supporters have been wondering for a while whether it's time for Ballmer to go? If the sales reports are true then it looks like he may be pushed before he jumps.
13462998
submission
rtfa-troll writes:
Beef TACO is a Firefox extension which allows a mass opt out from tracking and targeted advertising by many ad networks. The Register reports that the original system TACO has become proprietary and has added new "features" best described as bloatware. I guess this should serve as a warning for users to always prefer software under a copyleft license where possible and best if any company involved has handed it over to a foundation such as the FSF or KDE e.V or Apache foundation which will guarantee that future releases will maintain their F/OSS character. If Google had chosen a license with better protection, such as the GPL, when they released their opt out tool this problem would have been much less likely. This also shows why forks are so important when software development begins to get messy.
6523297
submission
rtfa-troll writes:
In an earlier Slashdot story Microsoft claimed to have restored all sidekick data; however it turns out that only contacts and not photographs, notes, to-do lists, marketplace data and high scores have been restored for affected users; the "The Danger / Microsoft team continues to work around the clock" fixing he problem.. In the meantime, Microsoft's damage limitation strategy is to blame other vendors involved for the fault whilst claiming that it's other services such as SharePointare somehow different and failing to explain why there was no adequate backup of their user's data. Unfortunately for Microsoft, it seems that information is leaking. It's already clear that the failure must have involved doing an upgrade without an adequate backup however the implication was that this was because danger was a small company staffed by IT incompetents. In the meantime an alternative explanation has been doing the rounds. According to this story there was a backup and danger's engineers had already started to make an up to date backup before the SAN upgrade failure which destroyed all sidekick user's data. However, the backup was terminated on Microsoft Management decision (supposedly from Roz Ho, Corporate Vice President, Premium Mobile Experiences) If true then there is a common factor putting all Microsoft cloud services at risk. Microsoft Management.
5552839
submission
ex-nokian-beliver writes:
Nine years ago, Nokia was market leader who beat all, it guessed about the "mobile internet" and by 2005 it had already delivered Maemo, a Linux based platform with most of the ideas and potential of the iPhone. However, even now in 2009 and despite years of rumours Nokia has still to deliver a Maemo based phone, it's market share is declining drastically in key mature markets and it's symbian based smart touch phone, the N97 looks frankly pathetic. On the same day that Nokia made the classic sad Novell/Borland style losers move of announcing a partnership with Microsoft (not the first mobile phone company to do so, and a move that can only end in yet more lawsuits), we see that Nokia's lead in the key smartphone market is disappearing and major investors are giving up on the company. Where did Nokia go wrong? How can it be that Nokia's main rival Samsung will deliver a Linux phone before Nokia can?
Nokia has already had disasterous partnerships with Microsoft on DRM and music where Nokia's OVI store ("a complete disaster") has failed to deliver anything like the success of iTunes. Nokia's new Microsoft partnership is reminiscent of the desperate moves Ericsson made just before being forced into a joint venture with Sony. Does Nokia have any chance to salvage it's old market lead? How can Nokia recapture from Apple the kind of "cool" it used to enjoy? What kind of senior management change is needed to give Nokia back it's old edge? Can Nokia get it's marketing people out of the way, it's head out of Microsoft and actually start to produce things consumers actually want to use? How can Nokia escape from Microsoft's warm embrace?