OnlySoftwareBlog

General discussion, news & views about Software

Posts Tagged ‘Analytics’

Piwik software installer rigged with back door following website compromise

November 28th, 2012

An unknown attacker inserted malicious code into the latest version of the Piwik open-source Web analytics software after compromising the project’s website on Monday.

Piwik can be used to track and generate statistics about visitors, ad clicks, website referrers and aspects of a website’s traffic. It’s similar to Google Analytics but designed to be installed and hosted by website owners on their own servers.

According to its creators, Piwik has been downloaded 1.2 million times and is used on more than 460,000 websites.

However, users who upgraded to Piwik 1.9.2 on Monday between 15:43 and 23:59 UTC might have installed a version of the software with a back door.

“Piwik.org webserver got compromised by an attacker on 2012 Nov 26th,” the Piwik administration team said Tuesday in a security advisory. “This attacker added a malicious code in the Piwik 1.9.2 Zip file for a few hours.”

The rogue code was inserted at the end of the piwik/core/Loader.php file and used base64 encoding for obfuscation. Users who find the code in their installations should back up the piwik/config/config.ini.php file, delete the whole piwik directory, download a fresh copy from the official website and reinstall the software, the Piwik administrators said.

The hacker compromised the Piwik.org website by exploiting a vulnerability in a third-party plug-in for WordPress — the content management system used on the website — and not by exploiting a vulnerability in the Piwik software itself, the administration team said. “As far as we know, the Piwik software does not have any exploitable security issue.”

The Piwik team is working on putting mechanisms in place to reduce the likelihood of a similar compromise happening in the future.

Piwik’s developers already take security seriously. The project has a vulnerability bug bounty program in place through which it pays security researchers who responsibly report flaws they find in the software $200 or $500, depending on the bug’s severity.

It’s not the first time hackers have compromised a software distribution server and placed a back door in software delivered to users. Back in September, hackers inserted a malicious file in the phpMyAdmin package distributed from a compromised Korean SourceForge mirror server. SourceForge is a Web-based collaborative software development and repository platform that hosts more than 324,000 software development projects.

In June 2011, the WordPress development team announced that back doors had been inserted into some fairly popular WordPress plug-ins through the official plug-in repository.

Last week, the FreeBSD Project announced that two of its software building servers had been compromised back in September and said that it cannot guarantee the integrity of any third-party software packages distributed by the project between Sept. 19 and Nov. 11, when the security breach was detected.

Source:http://www.arnnet.com.au/article/443113/piwik_software_installer_rigged_back_door_following_website_compromise/?fp=4&fpid=1382389953

Comments Off »

Posted in Software News

Tags: Analytics Software Web

Oracle Attacks Tape Management With Analytics Software

April 10th, 2012

Share

Tape-storage administrators will be able to get performance information and immediate directions to prevent data loss in new management software, called StorageTek Tape Analytics, that Oracle introduced on Monday.

Facebook probably wouldn’t run its newly acquired Instagram service off tape storage, but this unsexy technology is still widely used in enterprises for backup and archiving of critical data. It can cut electricity costs versus hard disk drives that constantly stay on, and tapes holding terabytes of uncompressed information can be shipped overnight, typically a faster solution than sending a huge amount of data over a network, industry analysts say.

The new StorageTek software lets enterprises manage tape systems all over the world through one screen, according to Oracle. It can deliver details about the health of tape drives and media on the company’s StorageTek Modular Library System, give warnings when there are problems and recommend actions to prevent data loss, Oracle said.

The software can gather performance information directly from tape libraries rather than cutting into the data path and creating a separate monitoring environment, the company said.

Having one view for all tape storage is ideal for organizations using cloud computing, according to Oracle. In addition, Tape Analytics can scale up to accommodate the growth of an archive for as long as it is in use, keeping historical data in addition to new performance information, according to Oracle.

Robotic equipment has eliminated much of the manual effort of maintaining tape libraries, but the infrastructure doesn’t totally run itself, said 451 Group analyst Henry Baltazar. Tapes are still a physical medium that can fail.

“Clearly, if something goes bad, you need to be able to … figure out what tape sets are bad or which tape sets are at risk, and have those recreated or whatever you need to do,” Baltazar said.

Among the steps that need to be carried out and verified is “re-tensioning,” similar to tightening an audiocassette to make sure it can advance smoothly, he said.

“Even though tapes are designed to be held for decades, there’s still a lot of maintenance that goes into that,” Baltazar said. Management software can eliminate some of the administrator tasks required to make those maintenance steps take place, he said.

StorageTek Tape Analytics works exclusively with the StorageTek Modular Library System and is available now. Sun Microsystems acquired StorageTek in 2005 and subsequently was bought by Oracle in 2009. Oracle is now one of the world’s largest tape infrastructure vendors, along with Spectra Logic, IBM and Hewlett-Packard.

Source:http://www.pcworld.com/businesscenter/article/253490/oracle_attacks_tape_management_with_analytics_software.html

Comments Off »

Posted in Software News

Tags: Analytics Management Software

Demand for Business Analytics Software and Solutions Growing

October 11th, 2010

Share

A new report published by International Data Corporation (IDC) reveals how the market for business analytics software and solutions will grow as end users become more familiar with how the technology and related business practices can be used to improve competitiveness. As a result, IDC forecasts the business analytics market to grow at a compound annual growth rate (CAGR) of 7.0% over the 2009-2014 forecast period with even greater growth expected over the next ten years.

After three decades of existence, the business analytics market is finally reaching the mainstream market and gaining status as a formal management discipline,” said Dan Vesset, program vice president for IDC’s Business Analytics Solutions research. “As the benefits of business analytics become better known, especially among executives, the demand for a wider range of solutions and services will create new opportunities and drive the market to new heights.”

IDC’s research shows that end users are hearing more about the benefits of business analytics from widely publicized cases about large retailers, social networking sites, search engines, intelligence agencies, and other organizations that generate and analyze vast amounts of data. Previous cases of advanced uses of business analytics were either poorly publicized or they were from “boring” industries that didn’t catch the attention of the press.

As business analytics becomes better understood, IDC believes both vendors and end users should shift away from the discussion of data (or content) and toward discussions about decision making. The lessons learned from the past two decades are that end users will never be able to fully predict their data needs nor will the technologies be able to pre-build data models that will satisfy end users. Understanding decision processes will, however, enable a closer collaborative relationship between IT and business and enable the development of more flexible systems that take into account ways in which end users make decisions.

The IDC study, Worldwide Business Analytics Software 2010-2014 Forecast and 2009 Vendor Shares (Doc #225038), examines vendor revenue performance in the business analytics software market for 2007-2009 and presents a forecast of the market, including its 11 segments, for 2010-2014. The study further presents short profiles of the leading business analytics software vendors and IDC’s Competitive Market Map of this market as well as of the analytic applications segment of the market.

To learn more about the latest developments, best practices, and emerging trends in the business analytics market, join the discussion on the IDC Business Analytics Blog. This user-focused blog serves as a cross-industry interactive dialogue to share valuable information and ideas, promote discussion, and bring together business analytics thought leaders and practitioners. IDC analysts contributing to the Business Analytics Blog include:

Source:-http://www.koreaittimes.com/story/10917/demand-business-analytics-software-and-solutions-growing