Wednesday, October 26, 2016

Apple is holding an event on Thursday the 27th of October which is said to be revealing an all new MacBook computer. Now new leaks have all but confirmed it.

The new MacBook will be welcome news for fans who have been waiting years for a refresh. Macrumours found the new info in images which were part of the macOS update released yesterday about Apple Pay.

The pics are of a new slimmer MacBook which is notable for the inclusion of a special OLED panel above the keyboard. This will be a secondary display which also features tough, capable of generating contextual inputs depending on what you're doing.

That's a very neat idea indeed, and the leaked images also suggest that there will be an embedded fingerprint scanner right in this panel for extra added security.

Expect all the official announcements from Apple tomorrow.

New MacBook images leak- it has a stylish touchbar

President Barack Obama has disclosed that his youngest daughter recently mocked him on Snapchat.

The US leader said Sasha had recorded him discussing the social network at a family dinner and then quietly posted a reaction to her friends.

It is not the first time the president has discussed his 15-year-old's online activities.

In July, he said she also tweets, leading several media outlets to try to identify her account.

It remains secret.

Likewise a copy of the described Snapchat post has not been made public. Messages posted to the app are designed to disappear after being viewed or within a short period of time, but there are ways to circumvent the restrictions.

Bored photo
President Obama recounted the latest event on Monday's edition of the Jimmy Kimmel Live TV show.

"Sasha gave me instructions on Snapchat," he said.

"One night at dinner we're sitting there, and I had read that Snapchat was becoming really popular among her age cohort. So, I said: 'So, tell me about Snapchat.'

"So, she starts explaining stuff - you can make little faces on your picture, and this and that and the other.

"And at the end of it, Michelle and I are sitting there. And I said: 'Isn't this interesting?'

"And I started talking to Michelle about the implications of social media and what all this means.

"[And I] come to find out she was recording us the whole time, and then sent to her friends afterwards: 'This is my dad lecturing us on the meaning of social media.'

"And she took a picture of herself sort of looking bored."

The president added that his wife - who joined Snapchat in June - and his eldest daughter Malia had "loved" the post.

The show's host, Jimmy Kimmel, joked that the event represented a security breach.

Email leaks
The president also mentioned that his own iPhone was limited to receiving emails and browsing the internet, and would not take photos, play music or make calls.

"My rule has been throughout my presidency, that I assume that someday, some time, somebody will read this email," he said.

"So, I don't send any email that at some point won't be on the front page of the newspapers."

Hillary Clinton - who is campaigning to be the next commander-in-chief - has been beset by a scandal over leaked emails, while her rival Donald Trump has been accused of using outdated software on his company's email servers.

President Obama also said that he expected technology to preoccupy his successor.

"One of the biggest challenges... is going to be: how do we continue to get all the benefits of being in cyberspace but protect our finances, protect our privacy?

"How do we balance issues of security? Because people expect the government to monitor this enough to protect them from bad guys.

"But they worry that if government is in there too much, then who is going to protect them from government?

"This is going to be a big debate that we're going to have for a long time."

President Obama scoffed at Snapchat from daughter Sasha

New photo editing apps like Prisma and Snapseed have changed the way we show off our photos on social media in 2016, and Facebook now wants to change the way we upload videos too.

Facebook’s Chief Product Officer Chris Cox showed off a prototype of similar filter technology to Prisma at an interview during the WSJD Live conference.

Unlike Prisma, Facebook’s new tech is just designed for video and there's no sign yet the company will allow it to work on still images.

It’ll also work much faster than Prisma – apparently the demo on stage showed the video rendering in real-time, which Prisma doesn't currently do.

Filters on filters

Cox admitted each filter is currently in a prototype stage and he didn't make it clear how Facebook plans to implement the technology.

Facebook could release a new, separate app to compete with Prisma or it could bring the features to Instagram to offer extra video filters.

There’s also the chance the company could implement this technology into its Facebook Live platform, which would make sense considering it works in real-time.

For now we're going to have to wait to find out as Cox didn't reveal when the technology will be launching.

Source: TechRadar

Facebook is working on its own version of Prisma

MINGORA: The Pakhtunkhwa College Teachers Association (PCTA) has rejected the proposed biometric system of attendance to be installed in the colleges of Malakand division.

The decision was made at a meeting held at the Government Postgraduate Jahanzeb College, Saidu Sharif on Tuesday. Teachers from the government colleges of Matta, Kabal, Madyan, Alporai, Puran, Chakesar, Jowarr and Daggar participated in the meeting.

On the occasion, Swat PCTA president Prof Hameed Iqbal said that teachers in the colleges were not ready to accept installation of biometric system for their attendance. “Taking fingerprints at 8am and then at 3pm the same day is not the solution to problems rather the introduction of biometric system will create and increase the problems,” he said.

Mr Iqbal claimed that the college teachers performed their duty honestly, but the government did not provide professional allowance to them as given to employees of other departments.

“If the government does not start professional allowance to college teachers they will never accept the biometric system of attendance. All college teachers will initiate a movement against the installation of biometric system,” he said.

However, the people here have shown concern over rejection of the biometric system by the college teachers and said that if the teachers were doing their work sincerely they should not have objected to the new attendance system.

“Introduction of biometric system has produced fruitful results in schools and health sectors where services to the public have improved,” said Shaista Hakim, a resident of Mingora. She said the college teachers should not reject the system.

“Majority of college teachers are punctual, but there are many others who do not perform their duty and either remain absent or go early from colleges. Introduction of biometric system is fully justified,” said Niaz Ahmad, another resident of Mingora.

Source: Dawn News

Teachers refuse biometric attendance system in college

Taking a page from its push for hybrid Azure clouds, Microsoft suggests cloud-enhanced versions of SQL Server may call for certified hardware

Hidden in Microsoft's announcement of the public beta for its Azure Analysis Service was word of another big data development: the SQL Server 2016 DW Fast Track Reference Architecture.

It sounds innocuous and even downright useful. Microsoft has, in its words, "collaborated with a number of our hardware partners on a joint effort to deliver validated, preconfigured solutions that reduce the complexity and drive optimization when implementing a data warehouse based on SQL Server 2016 Enterprise Edition."

However, this sounds a lot like the "validated, preconfigured solution[s]" Microsoft has declared its sole delivery method for Azure Stack in hybrid deployments. If Microsoft is building a hybrid cloud future where every significant part, from database to compute, requires specific hardware, that's going to turn off a lot of IT.

With Azure Stack, the in-house component of Microsoft's plan to deliver a hybrid Azure experience, you'll get the full-blown version only if you buy a preconfigured box courtesy of Microsoft and a hardware partner. Don't pop out that corporate Amex card yet; Azure Stack won't even be available until mid-2017.

The reasoning isn't totally absurd. Microsoft claims it needs tight control over the hardware in order to deliver an experience it feels comfortable stamping with its logo. That says as much about the demands of Azure Stack as it does Microsoft's insistence on delivering a worthy product.

The requirement also hints at dedicated hardware for Azure as a good business model. Given Microsoft's talk about revamping its other enterprise products, the hardware-centric strategy might not stop with Azure Stack.

Consider SQL Server 2016. One of its most ballyhooed features, the stretch database function, allows data to be remotely echoed (aka stretched) to Azure based on user-established rules. Backup and full-blown migration to Azure are also part of that package. It's a toss-up whether SQL Server is being made "cloud-friendly" or "cloud-first," given how a larger slice of Microsoft's future -- and that of nearly every other major IT vendor -- is cloud-bound with each passing year.

In that light, Microsoft could in time promote a reference-hardware implementation of SQL Server 2016 as the prime interface for Azure, alongside other dedicated hardware. The same pitch would apply: Use our certified hardware combo to get the best possible results. Pay upfront for a proven solution, and you'll save more money in the long run.

This could be good as long as it's not the only hybrid Azure option. It might even be tolerable if major parts of the Azure hybrid cloud aren't held back from users who don't take the forklift upgrade.

The real detail to note isn't whether Microsoft will push dedicated Azure hardware for various aspects of the hybrid cloud. Rather, it's how much will be available for enterprise users who don't go that route.

Source: InfoWorld

Microsoft's embrace of server bundles may wrankle IT

Before the technology improved with the Internet that allowed faster data speeds with broadband services, the idea of voice over the Internet was only a dream. Our only option was the regular Plain Old Phone Service (POTS) provided over expensive copper wire.

Regular phone service usually doesn't include many features. Even long distance requires a separate account with a long distance carrier at additional expense.

If you have Internet service from a cable company then you may be able to get phone service from them too. This is known as VoIP. It stands for Voice over Internet Protocol.

The VoIP phone service comes through your cable rather than the old copper wires. The cable company will supply you with a special telephony modem.

A telephony modem includes an Analog Telephony Adapter (ATA) built into it. This Internet modem has one or two phone jacks in addition to the usual Ethernet jack for your computer.

Features Included with VoIP

VoIP services usually include most of the technologically available features at no extra cost. Features such as the following are free with most VoIP services.

  • Call-Waiting
  • Caller-ID
  • Three-Way-Calling
  • Call Blocking
  • Call Forwarding
  • Distinctive Ring for VIP Callers
  • Long Distance (Usually to all 50 States in the USA, plus Puerto Rico)
  • One Important Disadvantage

If you have a power failure, your modem will not work and therefore your phone service will be knocked out.

You could connect your modem to an Uninterruptable Power Supply (UPS) that provides power for an hour or two if you are in an area that is prone to losing electricity. In addition, your cable provider might even include a feature to forward calls to your cell phone in case of a power outage.

This can be enabled and controlled by you via a web login portal. The features listed above can also be controlled from your web portal.

Additional Line at Low Cost

If you only have one phone line, you use only one jack. However, you can have two numbers. The monthly cost for the additional line is very small compared to two-line service over copper lines.

There are two reasons why the cost is low. There is no need to run additional cables, and the central office support for an additional line does not take up any additional resources.

Internal Wiring

Connecting the phones throughout your home still requires copper wire. However, you probably already have this from your existing phone service. All you need to do is have the wires terminate at the location where your Internet Telephony Modem will reside.

You simply connect this wire to the telephony modem. The connection is made with the standard RJ-11 jack that you use with your phones.

If you have two lines running through one wire, it uses the same looking jack at the end, but this is known as an RJ-14. The inner two pins carry line 1 and the outset two pins carry line 2. In this case one of the jacks in the modem is used. You'll notice that one of the jacks is labeled L1/L2 and the other is labeled just L2.

Final Remarks

The technology has been improved in recent years with the advent of better data compression techniques. It even provides better quality sound due to the use of digital transmission.

Long Distance can be included free, and overseas at low-cost, because the service takes advantage of the Internet satellite infrastructure that's already in place around the world.

VoIP definitely is the wave of the future that is here now.

Benefits of VoIP Over Normal Telephone Services

Gaze into crystal balls, see another contraction in iPhone sales

Later today Apple will once again announce a sales decline for its biggest product lines, including the iPhone, the company's financial powerhouse, according to more than two dozen analysts.

The September quarter results will be highlighted by a 6 percent year-over-year reduction in iPhone sales, making the third consecutive quarter of smartphone slump. The good news? The contraction will be less than half of the two previous quarters.

Apple's continued problems were spelled out by Philip Elmer-DeWitt, who runs the subscription-based Apple 3.0 website. Elmer-DeWitt has been collecting data from financial analysts for years -- starting when he blogged for Fortune -- and the seven independent and 21 institutional experts he queried forecast a drop in unit sales of the iPhone, iPad and Mac, and another decline in total revenue.

For last year's September quarter, Apple reported revenue of $51.5 billion, and said it sold 48.1 million iPhones, 9.9 million iPads and 5.7 million Macs. The Mac number was a single-quarter record.

Although the 28 analysts' estimates collated by Elmer-DeWitt pegged revenue for this year's September quarter at between $47.1 billion and $49.5 billion -- a spread that topped Apple's guidance of $45.5 billion to $47.5 billion -- their average was $47.2 billion, which would represent a year-over-year decline of 8 percent. That would be about half the decline of the June quarter, which was down 15 percent.

(For the June quarter, Elmer-DeWitt's pre-earnings panel average of $42.1 billion in revenue came close to Apple's reported $42.4 billion.)

The blame for the downbeat estimate was, as in the last two quarters, the expected poor performance of the iPhone, which in the June quarter accounted for about 57 percent of Apple's total revenue. Elmer-DeWitt's analyst pool prophesied that Apple sold 45.1 million iPhones in the September period, a 6 percent drop from last year.

Apple's other product legs will also be shakier than in 2015, the analysts bet. Their average on the iPad was 9.1 million tablets sold, a decline of 7 percent from 2015's September quarter, and a tad less than the 9 percent contraction in the June quarter. Mac sales should total 5.1 million, for a 11 percent decline, virtually the same as the June quarter.

The bright spot will remain Services, which Apple has aggressively touted as the boomtown on its books. That bucket -- which includes revenue from iTunes, the App Store, AppleCare, iCloud, Apple Pay, and licensing -- will climb 19.5 percent to $6.1 billion, the panelists said. If their estimate average ends up on target, Services would account for 13 percent of Apple's total revenue, more than the contribution of either the iPad or the Mac over the previous three quarters, but a smaller slice of the pie than in the June quarter.

Apple will audio-stream its earnings call today starting at 2 p.m. PT (5 p.m. ET), when it will reveal whether the forecasts hit the bulls-eye or missed by a country mile.

This story, "Financial experts forecast more bad news for Apple" was originally published by Computerworld.

Financial professionals predict more bad news for Apple

Jamboard is a cloud service and 55-inch display aimed at enhancing collaboration

What's big, red, and supposed to be the next big thing in workplace collaboration? Google's new Jamboard, a massive touch display and accompanying cloud service that's supposed to help business users brainstorm together. 

Jamboard works like a digital whiteboard, letting users sketch out ideas, attach digital sticky notes, plus bring in content from the web into a single, constantly updating workspace. People can use Jamboard to collaborate both on the 55-inch mega-display of the same name, or using accompanying tablet and smartphone apps for iOS and Android.

The Jamboard is available in private beta for business customers of Google's G Suite productivity service offering starting Tuesday. The company expects to make it generally available early next year.

For companies that have already invested in using G Suite and want to spend tens of thousands of dollars on bringing digital whiteboards into their workplaces, Jamboard seems like an interesting option. The hardware is slickly-designed, and Google's functionality feels like it could be a major enhancement over analog brainstorming.

For that price, companies get a fairly robust hardware package. The Jamboard boasts a 4K display, and comes with a pair of high-precision styluses for sketching and writing, along with a digital eraser that also doubles as a cleaning cloth. In addition, users can also touch the screen with their fingers and manipulate items on the screen with multi-touch gestures.

Jamboard also supports technology that will turn handwriting drawn on the screen into text, and convert drawn shapes into digital ones. It's a way to dress up the work that people are doing on the device.

All Jams are backed up to one user's Google Drive account, which means that in the event the Jamboard appliance loses power, users' work is backed up to the cloud.

The Jamboard appliance can support the full Hangouts experience using its built-in camera, speakers and microphone. That means users could interact with a call that has up to 50 participants on it while whiteboarding at the same time. That turns the device into a roving collaboration hub, which could be useful.

Users will also be able to interact with the full Jamboard canvas using the tablet apps that Google has developed for Android and iOS. That way, people who don't have control of the mega-display can still contribute fully to the conversation at hand, whether they're in the room or working remotely.

People can also add content to a Jam using the Jamboard phone app for iPhone and Android. It won't give users the full ability to edit what people are working on, but will make it easier for them to do things like add outside content and sticky notes to what's being discussed.

For those folks who just want to see what's going on, they'll be able to tune into a Jam via Chrome on a PC or Mac.

In the view of Gartner Research Director Adam Preset, Jamboard's impact on the market will be similar to Microsoft's Surface Hub. That product, which is a large touchscreen display designed for Office 365 users to collaborate live in person and over the internet, is taking share away from existing digital whiteboard vendors in the enterprise. He sees the Jamboard as playing a similar role.

"The organizations that have already committed to Google, and have not found a sufficiently useful digital whiteboarding solution that works well with Google, will be quite satisfied," Preset said in an interview. "This appliance in and of itself, however, will not drag more business over to the larger Google G Suite service."

In many ways, Jamboard feels like a quintessential Google product -- slickly designed with features that are futuristic and forward-thinking, and forged in the crucible of the company's own rigorous needs. But like the company's other offerings in that vein, there's still an open question about whether its customers are interested in or ready for the future.

After all, this feels a bit like the second coming of Google Wave, a before-its-time collaboration product that let people work together on constantly evolving, live-updating digital whiteboards (without a physical component). Wave launched in 2009 and shut down in 2012, due to lack of interest.

What's more, there's still a lot more to be done for Jamboard to evolve as a product. Right now, the service doesn't support rewinding a Jam to see how it evolved over time, or embedding video in a Jam. All of that's on the roadmap for the product's future, according to representatives from the company.

Source: InfoWorld

Google is attempting to rebuild the whiteboard

ImageWare Systems and Aurionpro have entered into a three-year agreement to integrate ImageWare’s GoVerifyID with Aurionpro’s Digital Branch DX – multi-service kiosk.

Aurionpro’s Digital Branch DX—Self-Service Kiosk is designed to automate the traditional banking branch experience to perform at high levels of efficiency, personalisation and speed, creating an immersive digital experience for the customer.

Aurionpro will market and resell the combined solution to its existing and prospective customers, and ImageWare will host the GoVerifyID SaaS on Amazon Web Services. The firms anticipate going to market starting the fourth quarter of 2016.

“One of the key objectives of any digital transformation journey is increasing customer engagement. At Aurionpro we are redefining the customer experience by removing the friction points – paper, plastic and password across all delivery channels – mobile, web, and kiosks,” says Nirav Shah, COO and global head – Digital Innovation, Aurionpro. “We are very excited in partnering with ImageWare and integrating its multi model biometrics with our Digital Branch DX – multi-service kiosk. This enables us to deliver amazing customer experience combined with simple, convenient and state of the art security controls for verification & authentication.”

ImageWare says GoVerifyID is its enterprise solution that covers the full range of biometric authentication, including identity proofing, cloud provisioning, on-device enrolment, real-time authentication, integration into existing security workflows, and a turnkey self-service portal.
“Aurionpro is a global technology solutions leader that helps clients accelerate their digital innovation, secure their enterprises and optimise business operations,” says Jim Miller, chairman and CEO, ImageWare. “By combining Imageware’s biometric authentication technology with Aurionpro’s Branch DX product, we fulfill our joint mission of adding an extra layer of reliable and easy-to-use security, while enhancing an already outstanding user experience.”

Source: PlanetBiometrics

ImageWare and Aurionpro acknowledge integration contract

Fingerprint-focused biometrics firm Suprema has received a South Korea patent related to fingerprint technology.

The patent covers fingerprint authentication linked to a password, according to a translation of the patent.

Published on 25 October, it only states that the tech is related to high security industries.
In September, Suprema said it received a patent on apparatus and method for recognizing face based on environment adaption.

Source: PlanetBiometrics

Suprema takes South Korea patent

Small, low-power chip designs now incorporate ARM's TrustZone technology

IoT is making devices smaller, smarter, and -- we hope -- safer. It's not easy to make all those things happen at once, but chips that can help are starting to emerge.

On Tuesday at ARM TechCon in Silicon Valley, ARM will introduce processors that are just a fraction of a millimeter across and incorporate the company's TrustZone technology. TrustZone is hardware-based security built into SoC (system on chip) processors to establish a root of trust.

It's designed to prevent devices from being hacked and taken over by intruders, a danger that's been in the news since the discovery of the Mirai botnet, which recently took over thousands of IP cameras to mount denial-of-service attacks.

"What ARM is trying to do is plug the holes before they can get started," said analyst Bob O'Donnell of Technalysis Research.

As the array of IoT products expands into things like connected toothbrushes, many are being made by companies that know little about security, he said. ARM recognizes this.

"They've taken on the difficult task of trying to embed as much security into the device as possible," O'Donnell said. It's a big stretch for ARM, but the company's well positioned because it already supplies the architecture for most IoT chips, he said.

TrustZone has been around for a decade for Windows, Mac OS and Android products but never for chips this small or low-powered.

The new Cortex-M33 chip design is just one-tenth of a square millimeter, and the Cortex-M23 is 75 percent smaller than that. They're the first chips based on the new ARMv8-M architecture and are designed to work with ARM's mbed OS. Chip vendors including Analog Devices, NXP and STMicroelectronics have already licensed the design.

ARM expects chips based on them to be used in products like bandages that collect and send medical data, tracking tags for packages in transit, and portable blood-monitoring devices.

These things won't be plugged in to an outlet and may not even have batteries: A pocket-sized blood-testing device for diabetics could harvest enough energy to do its job just from the motion of the user removing the cap, ARM says.

Until now, this class of chip has had proprietary security hardware and software in many cases, which caused some limitations, said Nandan Nayampally, vice president of marketing in ARM's CPU group. Added hardware made them less efficient, and developing different software for every chip duplicated effort.

With TrustZone, the chips can be secured without increasing their footprint, and they can use standard TrustZone software with APIs (application programming interfaces) for adding custom features.

Also on Tuesday, ARM introduced a cloud-based platform for managing and updating IoT processors for as long as they're deployed. The mbed Cloud software-as-a-service platform is designed to solve the problem of how to manage millions of chips in devices that may be deployed all over a city or a global enterprise.

The platform can get a device set up and connected and then handle firmware updates over time. It also has a role to play in keeping IoT chips secure.

When a device boots up for the first time in the field, mbed Cloud can provide a security key for the communications channel and specify who can get access to the data from the device, based on enterprise policies.

The service can also help to prevent IoT-based denial-of-service attacks by monitoring what's going on in the network. If there are abnormally chatty devices, it can isolate them or shut them down.

The SaaS platform isn't just for devices with ARM-based chips or the mbed OS. If customers have legacy devices with other chips running Linux or freeRTOS, for example, ARM has a software module for connecting them to the mbed Cloud.

The service can be run on multiple public clouds, including Amazon's and IBM's.

Source: InfoWorld

ARM increases security in the smallest chips IoT

After New York, Intersection is bringing its gigabit Wi-Fi street furniture to London

London is next in line to receive the high-speed Wi-Fi service that briefly brought high-speed porn to the streets of New York.

Intersection, the company behind LinkNYC, is partnering with British telecommunications operator BT and outdoor advertising company Primesight to deliver the service in London. Intersection is partly funded by Sidewalk Labs, a subsidiary of Google's parent Alphabet.

Next year, BT will replace 100 of its phone booths with the LinkUK pillars, delivering gigabit Wi-Fi, free phone calls, and local information services on built-in Android tablets. The companies aim to install up to 750 of the hotspots across the UK in the coming years.

The pillars will also offer free power, via USB charging sockets. There's no risk of them slurping your phone's contents, or infecting them via the BadUSB vulnerabilities, as the sockets contain no data lines.

"It’s just power and ground," said BT spokesman Yusuf King.

Free web browsing will not be allowed on the London Link pillars.

When the service was introduced in New York in January, some people began using the embedded tablets to watch porn in public. LinkNYC put a stop to that last month when it shut down the web-browsing option on the pillars.

It's unclear why the LinkUK tablets will only offer maps and local services, and not web access: ISPs in the U.K., including BT, are required to block adult content by default, so using the tablet to watch porn ought not to be possible there.

Limiting the tablet to providing local information has other benefits, though, said King. "Another reason to remove the tablet web browser is to prevent people monopolizing kiosks for long periods."

LinkUK, like LinkNYC, will be funded by advertising. Instead of the posters or wrap-around ad spots that Primesight will sell on 17,500 other BT phone booths around the U.K., the new pillars will each carry two 55-inch HD displays running non-stop commercials and public service announcements.

London's traditional red phone boxes won't disappear from London's streets with the introduction of the new pillars: Many of the 602 remaining in the London area are legally protected as historic architectural features. Instead, the pillars' brushed stainless steel and glass panels will replace a more recent generation of phone booths, made of the same materials.

Intersection isn't the only game in town when it comes to public gigabit Wi-Fi: Berlin is getting its own gigabit service, thanks to mobile network operator Vodafone. 

Source: Computer World

London is next in line for Google-backed gigabit Wi-Fi

Tuesday, October 25, 2016

Developers urge users to update to Joomla 3.6.4 as soon as possible

The Joomla developers are warning website administrators to apply an update for the popular content management system that fixes two critical vulnerabilities.

The flaws are serious enough that the Joomla project released a prenotification about the planned update on Friday, urging everyone to be prepared to install it as soon as possible. This suggests that attacks targeting these vulnerabilities are expected to follow shortly.

Joomla 3.6.4, released Tuesday, fixes a high-priority flaw in the account creation component that could be exploited to create accounts on a Joomla-based website even if user registration has been disabled on it.

A second vulnerability patched in this update is described as a privilege escalation issue and allows users to register on a Joomla website with elevated privileges.

It's easy to see how these two vulnerabilities could be used by hackers to bypass important security controls and gain unauthorized access to websites.

A third bug was fixed in the encryption scheme used by the Joomla two-factor authentication system, although this is not marked as a vulnerability.

Joomla is the second most popular platform for building websites after WordPress, making it a favorite target for hackers. Last year, attackers started exploiting a critical Joomla vulnerability less than four hours after a patch was released for it.

While WordPress is used by many users to build personal blogs, Joomla is used primarily by companies to create complex public-facing and internal websites.

Source: PC World

Critical account creation errors patched in the popular CMS Joomla

The deal signals Google's growing interest in VR and AR

Google has acquired a 3-year-old eye-tracking company for virtual and augmented reality headsets, signaling the tech giant's interest in the immersive technologies.

Eyefluence, founded in 2013 by serial entrepreneurs Jim Marggraff and David Stiehr, develops eye-interaction technologies to control VR and AR headsets. "Eyes can instantaneously transform intent into action, enabling communication as fast as you can see," the company says. 

The deal with Google was announced Tuesday. "With our forces combined, we will continue to advance eye-interaction technology to expand human potential and empathy on an even larger scale," Eyefluence said in a blog post.

Google released its Cardboard smartphone VR visor in mid-2014 and its Daydream View VR headset in early October. The company is also reportedly working on a high-end VR headset.

The deal allows Google to put Eyefluence's technology into VR and AR products like Daydream, allowing third-party developers and publishers to use it as part of the Google's UI toolkit, said Lewis Ward, research director for gaming and VR/AR at IDC.

Still, there are some questions on how eye control of VR and AR systems will work, he said by email. "I'm still not sure how they tell [that] you want to 'double-click,' as opposed to simply look at something for a long time, but it does make sense to leverage the eyes as a viral part of the AR/VR UI scheme moving forward," Ward added.

Google and Eyefluence didn't disclose the terms of the deal.

Source: PC World

Google plan to buy eye-tracking VR company Eyefluence

My brand is disappearing, IBM's SoftLayer object storage leader tells OpenStack conference

OpenStack users running their workloads on IBM's SoftLayer public cloud infrastructure took it calmly when the company's object storage development lead, Brian Cline, announced that SoftLayer is going away.

Cline opened his presentation with the news at the OpenStack Summit in Barcelona on Tuesday.

But it's not as bad as it sounds. The same services will still be available from the same servers, managed through the same SoftLayer control portal: Only the brand is going away.

IBM is going to replace the SoftLayer name with Bluemix, its broader cloud platform, making SoftLayer services just another page in the Bluemix catalog of infrastructure, platform and application services.

As IBM's digital content director for SoftLayer, Kevin Hazard, put it in a blog post announcing the move, "The more things change, the more they stay the same."

It's been a little over three years since IBM bought SoftLayer, seeking to provide its customers with an in-house alternative to running workloads on Amazon Web Services.

At the time, Hewlett Packard Enterprise (then just Hewlett-Packard) was following a similar course, but a year ago it announced plans to pull the plug on its own public cloud, Helion, to concentrate on hybrid and private cloud infrastructure.

IBM, though, is doubling down: After spending US$2 billion to buy SoftLayer, it's invested another $1 billion in its cloud services infrastructure since, according to a Deutsche Bank research report.

The changes to SoftLayer could be seen as further evidence of that commitment: You don't spend money integrating something you're about to switch off.

In the future, customers wanting to order further SoftLayer services will have to go to, although for the next few months they will still be available at, the company said.

While the SoftLayer control portal will keep running, IBM has integrated it into the Bluemix console too. Customers can also get a single invoice for Bluemix and SoftLayer services by linking their accounts. Single sign-on is now also possible with IBMid.

Source: PC World

IBM is folding SoftLayer into its Bluemix cloud services portfolio

Microsoft is warning of fake copies of its Security Essentials that if executed will throw a fake blue screen of death, pwn machines, and lead users to technical support scams.

Redmond regards the threat dubbed Hicurdismos as a severe threat which compromises PCs typically through bundled software installers and drive-by-downloads.

Microsoft's anti-malware and security men Francis Tan Seng and Alden Pornasdoro warn customers Hicurdismos will throw a full screen blue screen of death, disabling the ctrl+alt+delete task manager to prevent the user bypassing it, and hiding the mouse cursor to make it appear more legitimate.

Hicurdismos misleads users and lures them into "calling a number that can lead to a fake technical support scam," the pair say.

"The threat of technical support scams has been around for years, but it’s recently been observed to be growing.

"We’ve seen attackers becoming more sophisticated with their social engineering tactics to try to mislead users into calling for technical support and then they are asked for payment to 'fix the problem' on the PC that does not exist."

The blue screen of death is a tidy clone of the legitimate and much-hated kernel panic, sans the addition of a single line: "If you would like to resolve the issue over the phone you can call our support at 1-800-418-4202."

This writer attempted to call the scammers in an ongoing bid to bribe them to snitch on their operations, but the number was disconnected.

Decent antivirus products will remove the threat, while web browser script blockers and an avoidance of trash software installers will help reduce the likelihood it is encountered.

Microsoft would do well to litter its warnings with slang and GIFs. A survey the tech giant released last week found Millennials are far more likely to fall hook and sinker for tech support scams than greybeards.

This could be thanks to the proliferation of blue screen of death tech support scams on popular torrent sites like the now scuppered Kick Ass Torrents, and the still afloat Pirate Bay.

Some security wonks are fighting back. Ivan Kwiatkowski In August he permitted a tech support scammer to access his virtual machine and tricked the operator into opening a file that infected their machine with the Locky ransomware. ®

Source: The Register

Microsoft: Warning for Millennials Security Essentials bad