Acer um09h70 Battery www.all-laptopbattery.com |
Posted: November 22, 2017 |
Never one to slip into lazy clichés, Today asked her to come up with a few words of wisdom, which she then obliging provided.Get rid of your devices: 'I'm one of the wealthiest people in the world. I'm as wealthy as Warren Buffett, because I measure my wealth by having uninterrupted time. I have no cell phone except one to use for emergency. I have no laptop. I have no smartphone, no iPod … [Um, I think we've reached that point now -Ed.]So there you go. An old woman whose brains continue to work has been given a job rather than left to play bingo and slowly waste away.Barely a week after the breaking of the Superfish scandal, Lenovo has done a complete reverse ferret on bloatware - promising that by the time Windows 10 comes out its systems will be as pure as they can be.“The events of last week reinforce the principle that customer experience, security and privacy must be our top priorities,” the firm said in a statement supplied to the Register today. “With this in mind, we will significantly reduce preloaded applications. Our goal is clear: To become the leader in providing cleaner, safer PCs.The company has been in frantic firefighting mode since the discovery of the SSL-busting Superfish code in a wide range of its consumer PCs caused an uproar. It has since issued automated tools to get rid of Superfish and has worked with antivirus vendors to get the Komodia library and certificate in the adware removed. Lenovo is now offering all customers who had Superfish (those who bought a consumer PC between September last year and January) a free six-month subscription to McAfee Livesafe security scanner (or six free months extra if you already have it).By the time Windows 10 comes out, the company is promising that the new systems will contain just “the operating system and related software, software required to make hardware work well (for example, when we include unique hardware in our devices, like a 3D camera), security software and Lenovo applications.In addition the firm is going to publish a full list of all the code that’s installed on each PC, so that consumers can be clear as to what’s coming preloaded onto that shiny new Yoga or Flex laptop.The new corporate position is a bold move by Lenovo, and a sign the company realises quite how much trouble it is in. Whether or not it’ll win over consumers, and restore Lenovo’s tattered reputation among techies, remains to be seen. Features are a common enemy of security. Router manufacturers differentiate with price and bells and whistles, and this is where hacker Peter Adkins – who this week published un-patched vulnerabilities in D-Link routers after a communication breakdown – places the lion's share of fault.The main factors here I would guess to be a combination of cost, code reuse and sprawling feature sets, Adkins says. The platforms the devices are build upon may be solid – such as OpenWRT – but then additional services are 'bolted on' to provide value-add, and that security seems to go straight out of the window.
Common firmware environments supplied by chipset manufacturers means many of the vulnerabilities of recent years were shared across router makes. NetGear and TrendNet had trivial authentication bypass vulnerabilities due to what Young says was a huge logic error in the embedded HTTP server. Fast forward to August at the SOHOpelessly Broken contest and Young had popped a D-Link router using a flaw he later found was publicly documented for more than a year.It seems to be a recurring theme that after finding and reporting a vulnerability, I learn that someone else had reported the same issue to the vendor yet the flaw still exists, or I find that the vendor fixed an issue on one model and left a dozen others unpatched, Young says. Last year he reported a shocking flaw in the Linksys WRT54g only to learn the firmware bug had been reported seven and a half years earlier and was still unfixed.It isn't just code reuse. Design flaws abound in home routers in no small part because of the need for usability and function, which trump security in the time-to-market race.Much of the problem I think comes from vendors competing in a feature race on a product with potentially razor thin margins, Young says. Developers know that there is a tight timeline for getting their code ready and therefore take shortcuts and ignore potential security threats.Other prominent hackers requesting anonymity agree the market is cheapening routers and squeezing out security. Consumers vote with their wallets and data shows that they have a price threshold over which they are not willing to spend on a SOHO router, one says. So the manufacturers say that they don't invest in security because it will increase prices, which the market will reject, however I call BS on that as there is absolutely a market of consumers who will pay more for a secured device.Shodan's Matherly agrees on the role of the price squeeze, but he adds that engineers need to better understand security to reduce the gaping but simple holes in routers. These aren't attacks carried out by organisations with millions of dollars at their disposal. They're discovered by individuals that happen to have the router in their home and want to make sure it's not compromising the security of their network.Matherly suggests simple preventative measures: don't re-invent the wheel; use existing hardened firmware designs, preferably open-source like OpenWRT; and add a dose of engineer security training. Consumers, too, should research a vendor's security chops. The risks if nothing changes is that the internet will continue to be filled with devices that can be compromised and used to execute malware, steal personal information and in the near future take control of your house … if that central piece of your home is compromised, it provides access and control to every part of your life.A more secure out-of-the-box product must be developed, according to Adkins, which could be achieved with the simple feat of disabling by default any features that extend a router's attack surface. Perhaps [vendors could] even recommend the user register with the vendor for security updates as part of a 'quick-start' process – well before the device is connected and stashed away in a closet somewhere, he says.Beyond automatic updates to avoid the unrealistic expectation that users will manually download-and-patch their routers, Young reckons a security star rating could help guide consumer tastes.
Something along the lines of a consumer advocacy group tasked with reviewing and grading products based on results of a standardised security assessment similar to how cars are tested for safety, he says. In this scenario, vendors would drive to make their products more secure so they can advertise a higher security score for the product to influence purchasing decisions. This situation would present an impetus for the vendors to change as it would directly affect their bottom line in the form of sales numbers.Failing that, more full disclosures or forceful initiatives like Google's Project Zero vulnerability research program could work.If nothing is done - and so far efforts are thin on the ground - the potential for more Lizard Squad-style stressors that could threaten enterprises will grow, says ProofPoint's Epstein.There are millions of Internet-of-things, and there will soon be more than laptop computers and smartphones combined, he says.An attacker who could mass-compromise significant numbers would have substantial distributed computing power at their command, for DDoS attacks, phishing, or even compute tasks like decryption. Such mass-compromises would clearly represent significant challenges to legacy enterprise security. HP kicked off its fiscal 2015 with a disappointing first quarter, reporting revenue and earnings both down for the three months ending on January 31, as compared to the year-ago period.Total revenues for the quarter were $26.84bn, a 4.7 per cent year-on-year decline that underperformed analysts' estimates.The firm's net earnings of $0.92 per diluted share beat Wall Street's estimates by a penny, but its total earnings of $1.37bn were likewise down 4.1 per cent from the year-ago quarter.In a conference call with financial analysts on Tuesday, CEO Meg Whitman tried to pin much of the blame for HP's sagging numbers on the US dollar's strength in the currency markets, but there was no mistaking that the tech giant's revenues were down across nearly every segment of its business.Notebooks and servers were the two bright spots in HP's portfolio. The company's consumer laptop division saw its revenues grow by 9 per cent, year-on-year, while its industry standard server business was up 7 per cent.Other than that, storage revenues were flat and everything else was down, across the board.
|
|||||||||||||||||||||||||||||||||||||||||||
|