Archive for the ‘Software News’ category

Software-Defined Everything Offers Business Value

August 1st, 2014

One of the fast-growing trends in IT today is software-defined everything, technology that presents some compelling potential benefits for organizations.

One of the fast-growing trends in IT today is software-defined everything, in which various components within an IT infrastructure are virtualized and delivered as a service via the cloud.

In this type of environment, management and control of the storage, networking and/or data center infrastructure are automated by intelligent software, rather than by hardware components. Within the overall category of software-defined everything are software-defined storage, software-defined computing, software-defined networking and software-defined data centers.

Gartner identified software-defined anything as one of the top 10 technologies and trends that will be strategic for most organizations this year. The research firm defines a strategic technology as one with the potential to have a significant impact on the enterprise in the next three years. Factors that denote significant impact include a high potential for disruption to IT or the business, the need for a major financial investment or the risk of being late to adopt, according to Gartner.


Smartphone management flaws: users at risk

August 1st, 2014

Security researchers have revealed two separate threats this week they say could put up to 90% of the world’s two billion-plus smartphones at risk of password theft, stolen data and –in some cases – let hackers take full control of devices.

One vulnerability involves flaws in the way scores of manufacturers of Apple, Google Android and BlackBerry devices, among others, have implemented an obscure industry standard that controls how everything from network connections to user identities are managed.

The threat could enable attackers to remotely wipe devices, install malicious software, access data and run applications on smartphones, Mathew Solnik, a mobile researcher with Denver-based cyber security firm Accuvant, said in a phone interview.

A separate threat specifically affecting up to three-quarters of devices running older Android software has been unearthed by researchers at Bluebox Security of San Francisco. Dubbed “Fake ID”, the vulnerability allows malicious applications to trick trusted software from Adobe, Google and others on Android devices without any user notification, the company said on Wednesday.

“Essentially, anything that relies on verified signature chains of an Android application is undermined by this vulnerability,” Bluebox said in a statement referring to devices built before Google updated its core software late last year.

These risks could not be independently verified by Reuters.

Solnik stressed the threat to smartphone management software identified by Accuvant remained remote to average users, and said only a few dozen mobile communications experts in the world would currently be able to replicate the technique. But by publicising the risks, his company hopes to avert this becoming a danger on a global scale.

Fixing flaws

The global smartphone industry has been scrambling for the past few years to respond to an increasing number of vulnerabilities uncovered in mobile technology.

Both research groups will present their findings at next week’s Black Hat hacking conference, in Las Vegas, which is highlighting research on mobile technology, among other themes.

An Apple spokesman declined immediate comment.

BlackBerry said it was aware of Accuvant’s findings and was seeking more details.

“BlackBerry has been working closely with Accuvant. Internal and external security researchers serve a critical role in improving industry security standards,” a spokeswoman said.

A Google spokesperson declined to comment on the general vulnerability raised by Accuvant about many smartphone devices. He confirmed that Google had quickly distributed a patch to Android phone makers on learning of the issue from Bluebox.

In general, Android’s open software development process encourages individuals and security firms to report security issues, allowing the company to push patches to manufacturers, which in turn must implement the fixes.

The spokesperson said it has scanned all apps in Google Play, Android’s application marketplace, and elsewhere, and has found no risks to users. “We have seen no evidence of attempted exploitation of this vulnerability,” he said.

Christina Richmond, a security services analyst with research firm IDC, said detecting these vulnerabilities is positive in that the phone industry has a chance to act on these findings before they can be exploited by bad actors.

“These security threats have become everyday issues for billions of smartphone users worldwide,” she said. “Mr and Mrs end-user need to understand the risk of not updating their phone’s software.”

The disclosures come as market share statistics released on Thursday by mobile research firm Strategy Analytics show Android capturing a dominant 85% share of smartphones shipped worldwide in the second quarter. All major rivals from Apple iOS to Microsoft to BlackBerry lost market share.

Security researchers say Android’s rapid growth and dominant market share has come with an Achilles’ heel.

Until late last year, successive versions of Android were distinct creatures, making it hard, if not impossible for developers to update products for each software release, and meaning most Android security features could not be back-dated.

The “Fake ID” vulnerability is widespread in Android phones, dating back to the January 2010 release of Android 2.1 software, and affects all devices not patched by Google, Bluebox said.


Luoyang Xiabing Software Technologies Releases USB Encryptor to Guard Data on Mobile Devices

August 1st, 2014

The latest Global Study on Mobility Risks shows that the phenomena of enterprises’ introduction of mobile devices and employees’ carrying of mobile devices are overhead current enterprise security system and security policy. Websense also said that 51% of enterprise data leakage is caused by mobile devices. Besides, according to one research on IT persons offered by Ponemon Institute indicates that 63% of data revelation results from mobile devices; only 28% comes from desktop computer.

To better protect the data on mobile devices from leakage, Luoyang Xiabing Software Technologies Ltd. has published the new English version of USB Encryptor on some famous download sites like Softonic. USB Encryptor encrypts USB disks, mobile hard drives and other mobile devices in just seconds. They can be used on any computer without limitations after encryption. Meanwhile, data decryption is also fast as lightning.

USB Encryptor, a kind of green software with high confidentiality, is user-friendly and easy to use. Moreover, it does not need to be installed, and simply put it in the USB devices you want to encrypt and use. In short, USB Encryptor is an optimal choice for you to guard your important or private data on mobile devices.


Get Adobe Flash player