TEXTS FOR READINGText 1. Google two-step verification: a must for business email 29 May 2013 By Kevin Partner
http://www.pcpro.co.uk/realworld/382114/google-two-step-verification-a-must-for-business-email
I decided to cancel my subscriptions to WishList, a plugin I use to handle memberships on one of my websites, which integrates with PayPal to accept payment and then assigns access rights to the appropriate ages. WishList itself works very well, but I’d also signed up for its support service, WishList Insider, so I targeted this for termination. Imagine my surprise when I browsed to the WishList site to cancel and was met with a page telling me the site had "stopped". It turns out the Gmail account of Stu McLaren, one of WishList’s founders, had been hacked, and, as email is the main verification method used by domain registration companies, the perpetrator had managed to get WishList’s domain name transferred to him. He had also altered the DNS settings so the URL pointed to his own server, and, for good measure, had used Gmail to gain access to Stu’s PayPal account and help himself to some cash. The hairs stood up on the back of my neck when I read Stu’s account of this affair, as I thought about just how much damage might have been done had my own Gmail account been hacked. I’ve been aware of Google’s two-step verification system for some time, but I felt my strong password was adequate protection, and I was concerned the system might be a hassle to use. Stu’s experience showed me I was deluded about the former, so I decided to find out what was involved. The two-step system uses both a password and a numerical code tied to your mobile phone, which can be sent by Google via SMS or generated by a smartphone app. It means a prospective hacker would need to obtain both your password and your phone to access your account. When you want to sign in to your Google account, you must type the password and then the code, but you only need to go through this full process once every 30 days on any particular device, so, once done, using your computer or smartphone feels exactly the same as before. Actually, it isn’t quite friction-free, since some Google services (including, surprisingly, Chrome Sync) aren’t yet integrated with two-step verification, so you’ll need to create an authorisation token for them. Overall, though, my misgivings were entirely unfounded, and, while no system can be 100% secure, this is definitely a step in the right direction that ought to become mandatory for business email.
Text 2. How to deal with a ransomware attack
The ransomware threat has grown over the years as criminals seek ways to monetize their malware endeavors by holding your data to ransom. Symantec reckons it’s a crime that turns over more than £3 million a year, and the evidence suggests it has spread far from its original eastern European base (where it was concentrated until fairly recently). Indeed, to the best of my knowledge, there are now approaching 20 different ransomware malware families, each with many variants and all active out in the wild. It isn’t all good news for the bad guys, though: in the run up to Christmas, the Police Central e-crime Unit (PCeU) announced the arrest of three people involved in the ransomware business in the UK. The "unlock" file they tell you to download may infect your PC with yet more malware. In this case, it seems the criminals were using a splash page featuring Metropolitan Police and PCeU logos that claims the authorities are monitoring your online activity and have detected offences being committed. As a result, your computer is put in a locked-down state until you pay the "ransom" – a £100 fine. Of course, the actual implementation of such ransomware attacks varies considerably, but they all have similar roots and exit points: malware or malicious links to infect, and money to be paid in order for locked data to be released. Actually, it isn’t quite as simple as paying the ransom and getting your data back, for several reasons. First, remember you’re dealing with criminals – why should they care about your data? They only care about your money and have no incentive to unlock your PC after you’ve paid up. Second, these criminals will be keen to maximise their profit from every victim, so if you pay by credit card or provide your bank details they can commit further fraud using this information, or sell it on to other scammers. In addition, the "unlock" file they tell you to download may infect your PC with yet more malware. A ransomware attack is a lose-lose scenario for the victim (unless you have a hitman to hand). It’s far better to avoid being infected in the first place, which means employing the usual kinds of common sense and security software. Better, too, to have all your data backed up, so you can restore it without paying any ransom, or a nice clean disk image to drop back into place. Of course, not everyone is so well prepared for disaster, and the folk who are most at risk are the ones who are least likely to keep backups. So what can be done if your computer is infected and you’re not prepared to pay up? One big problem following a ransomware attack is that unlocking your data isn’t easy. It can be done, most often by re-booting the computer to run a Linux environment from which the rogue files can be identified and deleted. But this isn’t straightforward nor always successful, since it’s often difficult to uncover the files without the "live" ransomed Windows environment running to provide forensic clues. This is where the hitman comes in, or more precisely, the HitmanPro.Kickstart functionality that’s been added to the latest version of an anti-malware "second opinion" file scanner called HitmanPro. HitmanPro.Kickstart enables the victim of a ransomware attack to create a bootable USB flash drive with which to reboot the infected machine and recover from the lockdown by clearing up infection without further manual interaction. It looks good, so you might want to make a note of the Kickstart download site should you – or one of your friends or family – become a victim. Text 3. Intel introduces wine-powered computing 12 Sep 2013 By Darien Graham-Smith http://www.pcpro.co.uk/news/384175/intel-introduces-wine-powered-computing
Intel has demonstrated a proof-of-concept computing system that draws so little power it can operate off the chemical energy in a glass of wine. The demo was part of Intel fellow Genevieve Bell’s keynote address on the last day of IDF, in which she discussed the potential of future mobile systems to become part of the environment. To illustrate the point, a presenter poured a local Californian wine into a glass fitted with a pair of electrodes, creating a battery capable of powering a simple computing device equipped with a CPU, accelerometer and wireless networking system. She explained that Intel was already working on “computing solutions so low-powered that in the future we’ll be able to power them with the heat of our skins, or the ambient light in the room.”
Dr Bell also highlighted the potential for mobile computing devices to make better use of context. Principal engineer Lama Nachman joined her on stage to demonstrate how a smartphone in someone’s pocket might use accelerometer data to confirm the user’s identity by their distinctive gait. She also showed how audio recognition data could be used to enable multiple devices to detect when their owners were interacting. Another demonstration featured a smart cycling jacket, created by the Fraunhofer Institute in Berlin. The jacket is equipped with integrated accelerometers, which detect when the wearer is riding a bicycle and cause embedded LEDs to automatically light up, aiding visibility. Dr Bell concluded with a prediction that the forthcoming challenge in computing would be how to “manage an ensemble of devices, in a way that’s comfortable, easy and transparent.”
Text 4. Tablet sales to overtake PCs this quarter
More tablets will ship than desktops or laptops combined in the fourth quarter of this year, analyst firm IDC has predicted. But more PCs than tablets will ship over the course of the year, IDC said, saying tablets won't out-ship PCs for a full year until 2015. The analyst firm didn't breakdown numbers for its fourth-quarter prediction, but said 134.4 million desktops and 180.9 million laptops would ship in 2013, versus 227.3 million tablets. More than a billion smartphones will ship this year, with IDC putting the final number at 1,013.2 million for 2013. IDC lumps the four categories together as "smart connected devices", giving smartphones two-thirds of the market. With smartphones removed from the equation, tablets nabbed 42% of shipments in 2013. IDC expects tablets to surpass PC sales by 2015, but didn't give a breakdown of its shipment prediction for that year. For 2017, it expects desktop shipments to slide to 123 million, laptops to climb to 196.6 million, and tablets to climb by 79% to 406.8 million. By that year, IDC predicts 1,733.9 million smartphones to ship. While growth rates remain strong, IDC pointed out that smartphones and tablets were also facing market saturation, hit by lower cost smartphones and budget tablets. The analyst firm predicted that for 2013 two-thirds of shipments would be from smartphones and tablets costing less than $350. "At a time when the smartphone and tablet markets are showing early signs of saturation, the emergence of lower-priced devices will be a game-changer," said Megha Saini, research analyst at IDC.
Text 5. Microsoft kills Masters certification programmes
Microsoft can kill its top-level Masters certification this year, angering users who say they've invested time and money training for the exams. Microsoft will "retire" exams for the Microsoft Certified Master (MCM), Microsoft Certified Solutions Master (MCSM), and Microsoft Certified Architect (MCA) qualifications from 1 October, and said it would no longer offer Masters and Architect level training. The decision has angered users who have spent years training for the elite-level qualifications. Microsoft itself claims the MCM and MCSM programs reflect the "deepest level of product expertise". The company hinted it was mulling a replacement program, according to the email posted to one Microsoft employee's blog. "As technology changes so do Microsoft certifications and as such, we are continuing to evolve the Microsoft certification program," said Microsoft. "The IT industry is changing rapidly and we will continue to evaluate the certification and training needs of the industry to determine if there's a different certification needed for the pinnacle of our program." Responding to the outcry on Microsoft Connect, a senior director at Microsoft Learning, Tim Sneath, explained that the current certifications hadn't gained enough traction. "Having a program that costs candidates nearly $20,000 creates a non-technical barrier to entry," he said. "Having a program that is English-only and only offered in the USA creates a non-technical barrier to entry." Sneath added the sheer cost of running the program made it impossible for Microsoft to scale out any further, and that the firm was considering its options. "We have some plans already, but it’s a little too early to share them at this stage," he said. "Over the next couple of months, we'd like to talk to many of you to help us evaluate our certifications and build something that will endure and be sustainable for many years to come." Sneath added that while Microsoft was closing the program to new entrants, it wasn't actually removing the certification. "In short, having the Masters credential is a huge accomplishment and nobody can take that away from the community," he said.
|
