August 04, 2015

Windows 10 violates your privacy by default, here's how you can protect yourself

One of the biggest worries, though, is Microsoft's policy on disclosing or sharing your personal information. The following is an excerpt from the privacy policy: "We will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to protect our customers or enforce the terms governing the use of the services." The problem is that many users want personalized services, but it's difficult to draw the line at what data should be collected.


Preparing for the IoT: Creating a Foundation for Utilities

Innovators and strategists - the Directors of Transformation, the Future Networks teams and the like should be creating visions and making plans around new interactions; new data; new business models; new kinds of people they might need in their 21st century business. Studies like McKinsey’s new Internet of Things (IoT) report should be required reading for them. But it can’t all be about visions. At the same time, utilities need to keep the lights on today. They can’t ignore the pressing needs of the business-as-usual. Customer expectations are increasing everywhere. Assets are ageing everywhere. Generation and load profiles have become far less predictable. Clever engineers are retiring. These issues (and others) can’t wait for the magic wand of the IoT to make them all go away.


Is Password Sync better than AD FS for Office 365 identity management?

With AD FS, you can granularly control who's allowed to authenticate using Client Access Policies; this isn't possible with Password Sync. The Password Sync feature can also lead to confusing situations in which the password stored in Windows Azure is different from the on-premises password, despite its synchronization, such as when an administrator resets an end user's password in Office 365. At that point, the user's password in Windows Azure will change and DirSync won't trigger a new password synchronization until the end user changes his on-premises password.


New Dashboard Makes It Safer to Let Your Car Do the Driving

A new interface for cars, developed by the French automotive hardware supplier called Valeo, tries to answer this question with a new dashboard interface that spans a vehicle’s steering wheel and its instrument display and shows information from a user’s smartphone. The company says that recent user testing showed it could be a safer way of transitioning from automated driving back to human control. Driver distraction is already a huge problem on the road, and smartphone use is implicated in more than 25 percent of all traffic accidents. This is why many carmakers are already allowing smartphone makers access to the entertainment consoles in cars (see “Rebooting the Automobile”).


Post Microsoft, Nokia’s Transformation Looks Very Smart

For Nokia as a company, selling off its biggest, most prestigious and historical division that garnered most of its employees and revenues was the best decision it ever made. Today, Nokia took again took out its scalpel and sold the HERE maps division to an a German automotive consortium ... The final step in Nokia’s transformation from bloated, struggling phone manufacturer to nimble and trusted innovation and networking company is almost complete. ... But here is Nokia, the company that many had written off for dead after it sold its devices division to Microsoft in mid-2014, reemerging to position itself as a growth engine in the next era of computing. So, what is Nokia now? It is an infrastructure, services and device company aimed at building the technology that the world will need to enter the next wave of computing.


Organizations should focus data sharing post-incident, not attribution

When it comes to the information that should be collected and given to law enforcement, McAndrew noted that priority assets will vary per investigation, but in general law enforcement is interested in data that can be used to identify perpetrators, as well as data that relates to the timing and manner of breach, data exfiltration, and any disruptive or destructive activity. "Any existing system logs, SIEM data, IDS, DLP, endpoint data, network and data flow maps might provide insights into these issues and be most helpful to investigations," he said. But some organizations will be hesitant to share complete details. Even so, data related to internal investigative reports or forensic examinations conducted by non-law enforcement personnel should be shared anyway, even partial information.


Apple and Google Know What You Want Before You Do

At its developers’ conference in May, Google demonstrated how Google Now can alert a traveler to airport gas stations when the traveler is returning a vehicle and may need to fill the tank. Google can deduce the return time from emails showing the traveler’s itinerary and real-time departure data provided by airlines. For other uses, Google Now, introduced in 2012, taps Web search and browsing history, Google services such as Gmail, calendar and YouTube, and data from the phone such as location, time and app use. The company says it wants as much information as possible to produce the most useful recommendations. “Imagine an assistant who works for you for [only] one hour a day,” says Aparna Chennapragada, director of product and engineering for Google Now.


Who and what to ask before hatching your plan to lead

You can find a plethora of people who are knowledgeable about an organization and its issues, problems, opportunities, and more. You’ll find them at the higher echelons as well as from the board of directors to the CEO, executive staff, and senior management. Some are in the middle of the hierarchy, responsible to the higher echelons. Others are first-line supervisors or individual contributors in operational or support rolls. Those close to developing or delivering the value proposition to key constituents have a closer operational view than those at the higher ranks. These insiders all have a point of view. Just ask them—from the receptionist to the board chairman, from the team captain to the water boy, from the janitor to the mayor.


Project Jigsaw is Really Coming in Java 9

Since modularization is the goal, Project Jigsaw will introduce the concept of modules, which are: named, self-describing program components consisting of code and data. A module must be able to contain Java classes and interfaces, as organized into packages, and also native code, in the form of dynamically-loadable libraries. A module’s data must be able to contain static resource files and user-editable configuration files. To give modules some context, think of well-known libraries such as Google Guava or the ones in Apache Commons as modules. Depending on how granular their authors want to split them, each of those might themselves be divided into several modules.


Newest RIG exploit kit driven by malicious ads

"Criminals will seek out the cheapest ad providers where they can place their malicious ads and turn that cheap traffic into infections using exploit kits. For the criminal- these infections are their profit so it makes sense, financially, to go to the lowest ad providers down the chain," he said. One of the victimized ad networks is buy-targeted-traffic.com, which enables customers to selectively target who their ads will be shown to, including browser type, geography, operating system type, and more. Since RIG only targets Internet Explorer users, this feature was perfect for the malvertising run, since it enabled victim screening. For as little as 0.20 cents, a RIG customer can purchase 1,000 ad impressions on low-end websites, delivering steady traffic that runs under the radar.



Quote for the day:

“Hardships often prepare ordinary people for an extraordinary destiny.” -- C.S. Lewis