May 07, 2016

Why Microsoft won't extend the Windows 10 free upgrade offer

If Microsoft hasn't paid a price for instituting the free upgrade, its ecosystem has: Analysts from all corners have attributed some of the continued contraction of PC sales to the free deal. In other words, Microsoft has reasons, one in particular, to end the offer: Doing so will placate its OEM (original equipment manufacturers) partners, the Lenovos, Dells and HPs of the computer industry, who will have a better chance of selling new hardware with the offer abandoned. ... It has, for instance, made a radical change to what hardware it will support in the future, saying in January that only Windows 10, or more specifically, "the latest Windows platform at that time," will support future systems. The policy is a strong signal to OEMs that Microsoft will push new hardware as it markets 10. It also establishes a precedent if, down the line, Microsoft decides to declare Windows 10 unfit for, and thus unsupported on, older hardware.


The Central Bank Heist and COBIT 5® for security

COBIT 5 for security addresses ignorance. It sets out everything you have to do to achieve the relevant security way beyond technical solutions. It provides both high-level and detailed approaches on assessing the business environment, ways to discover your firm’s risk appetite and tolerances, and what to look at to define the security you need. Only then does the guide move on to security implementation and monitoring. Looking at security in context brings out the reason for security investment and makes sense of the effort and expenditure required. ... Getting back to our central banks in Bangladesh and the Philippines, and SWIFT, what lessons are there that need to be applied? For Bangladesh: COBIT 5 cannot cure apathy but can go a long way in identifying the cultural issues the bank needs to overcome. The security guide’s approach exposes vulnerabilities and helps identify what can be done, however small, to begin addressing them.


Banks tie up with startups for novel payment solutions

By opening up their APIs, banks have reduced the time taken for fintech companies to process transactions. Yes Bank opened its API recently to Snapdeal and allowed the ecommerce company to route their 'Refunds' through them. Hence time required to refund is reduced to an hour from a week.  "Previously we had to make an excel sheet containing all the data regarding the money that got transferred through us and had to upload it onto the bank's corporate interface, which then would get processed. This would require a lot of manual file sharing. Now with API integration, this process has become automated and fast," said Anish Williams, CEO of Transerve which is a business correspondent to RBL Bank.  While opening up of the bank's interface makes processes very easy, it also exposes the bank's platform to malware which could harm the bank's database.


Australian Treasury department calls for public comments to help classify digital currency

The first solution is an “Input taxed treatment,” which removes the taxable event from the acquisition of digital currencies. A consumer that buys a few dollars worth of an unspecified digital currency won’t be taxed on the transaction, but when he or she goes to buy a cup of coffee with that digital money, the coffee store charges normal sales tax. A second solution is to remove all special designation and taxation from digital currencies, and to simply re-label them “money,” alongside items in the current definition of money, “including Australian or foreign currency, promissory notes, bills of exchange and money orders.” This option would give bitcoin more credibility than before, but instantly subject bitcoin to all of the existing regulations that come with money, including taxation on foreign exchange transactions, required to buy them.


Will Digitization Eliminate Jobs or Redefine Them?

The answer depends on how companies are digitized. If you look at technology simply as a way to reduce costs at the expense of your most important asset—people—job losses will mount. If, however, you approach digitization correctly by first reimagining work—understanding which new roles and skills will be needed in a digital world—the future of jobs is bright. ... The research shows how empowering people with “digital accelerators” that combine business process change and technology creates the three capabilities of digital business agility—hyperawareness, informed decision-making, and fast execution. Digitization is not just about deploying technology to cut costs. The real goal is to drive business growth through innovation. That means reimagining work and empowering people in a digital context and creating a more efficient and fulfilling work experience along the way.


Who will manage IoT in the enterprise?

Most IT departments throughout enterprises are about to relinquish control of the Internet of Things, a research firm says. IoT will not generally be managed by IT, reckons Bob O’Donnell. His company,TECHnalysis Research, recently completed an online study about which department will be running IoT within organizations. Surprisingly, operations, facilities and manufacturing was the principal selection, the researcher found (with 42 percent). It will be the “most common department to be responsible for IoT projects,” O’Donnell says. IT came in second, with 33 percent, and line of business and business strategy groups followed in third position at 24 percent. Line of business can mean a few different things in corporate-eze. They include computer applications used in an enterprise, general products offered or a general corporate division. In any case, it isn’t IT.


Digital strategies must be able to adapt to changes in cloud services

Venters said that enterprises can respond by understanding the direction and business models in which cloud vendors are heading and creating a business strategy in response. This can evolve with them and if necessary pivot in the opposite direction if the objectives of both do not align to the benefit of each other. “When we buy a service [from a vendor] we need to understand their business model and how it might adapt in the future, and then adapt our business model to align with it,” he explained. Such a strategy means that all IT procurement should be seen as acquiring sustainable services, not products, that operate in tandem with a company’s business strategy. Effectively, each purchase needs to work in the context of the business and the wider cloud ecosystem to which they connect.


Why We Should Not Jailbreak Our Devices

Jailbreaking in iOS is the process of gaining unauthorized access or elevated privileges on a system. It basically modifies the iOS kernel and allows file system read and write access to an application. Most of the jailbreaking tools apply some kernel patches to the iOS kernel and make some unauthorized changes to the kernel to remove the limitation and security features built by the manufacturer. And, this allows the users to install additional third party applications, extensions and patches from outside Apple's App Store. ...  Attackers can easily insert malicious files into or extract sensitive file from a jailbroken device. In fact, this vulnerability is widely used by a number of commonly known malware programs. Attackers can use keyloggers or other malware programs to steal sensitive data from a jailbroken device.


Qualcomm Flaw Puts Millions of Android Device at Risk

Devices running Android KitKat (4.4) and later are affected less than older devices because they come with the Security Enhancements for Android (SEAndroid) mechanism enabled in enforcing mode by default. This makes stealing other apps' data through this flaw impossible. On these newer Android versions, "the 'netd' context that the '/system/bin/radish' executable runs as does not have the ability to interact with other 'radio' user application data, has limited filesystem write capabilities and is typically limited in terms of application interactions," Valletta said. However, a malicious application could still use the flaw to modify system properties, he said. "The impact here depends entirely on how the OEM is using the system property subsystem."


We're still living in the dark ages of cyber security

The big problem we face today is that most of the software that runs our massive IT ecosystem is vulnerable to cyberattacks. And there’s nowhere to hide: If you’re not a hermit, it is virtually impossible today not to be exposed to information technologies. Digital equipment, devices and gadgets are all around us. An average household in the modern world already has several networked devices, and there are predictions that soon it will own hundreds of them. And there’s probably not a single factory today - no matter what industry - that’s not using some sort of computerised industrial control systems. The big problem is that we’re using computers and various devices that were never designed to withstand an attack by a highly qualified threat actor. However, our infrastructure is becoming increasingly ‘cyber-physical’, while being run by the same vulnerable software.



Quote for the day:


“Great leaders don't need to act tough. Their confidence and humility serve to underscore...” -- Simon Sinek