Microsoft’s Re-Imagined Internet Browser

It appears that the current version of Microsoft’s Internet Browser, Internet Explorer 11 may be the last of it’s kind. This is big news if true. Microsoft’s next browser will more then likely be a lightweight, Chrome-like and Firefox-like browser. The new browser which is currently in development has the codename “Spartan” and is rumored to be making it’s premier on January 21. This will probably be a part of the already scheduled invitation-only event offering a peek at Microsoft’s new Windows 10 operating system. Sadly I have not been invited to this event… yet.

microsoft-windows-spartan-browser

Spartan will likely ship alongside with Internet Explorer 11 when Microsoft releases Windows 10 in 2015, according to ZDNet. Windows 10 is the follow-up to the troubled Windows 8 operating system. I have been using this technical build and to date “Spartan” is not included, but that could change soon. In fact Windows 8 was so “troubled” that Microsoft skipped Windows 9 all together. Windows 10 is expected to roll out sometime after Microsoft’s Build Developer Conference beginning on April 29.

“Spartan is still going to use Microsoft’s Chakra JavaScript engine and Microsoft’s Trident rendering engine (not WebKit), sources say,” according to ZDNet. “As Neowin’s Brad Sams reported back in September, the coming browser will look and feel more like Chrome and Firefox and will support extensions.”

When Microsoft rolled out a preview build for Windows 10 in November, Microsoft announced “significant” interoperability updates for Internet Explorer. Those included more than 2,000 fixes for interoperability issues, support for 20 new platform features and a new architecture to promote interoperability and compatibility.

Released in the fall of 2013, IE 11 has enjoyed positive reviewers for speed, efficiency and standards compliance. These positive reviews for their internet browser has not been been the norm for Microsoft. Since the first version of the browser was released in 1995, however, IE has often acquired a negative reputation especially when compared to Chrome and Firefox.

This new re-branded internet browser, known as”Spartan” is another example of Microsoft’s recent adaptation to the current expectations of the tech public. However, it’s uncertain whether the rumored IE 11 successor might be “functional enough” to be included during the January 21 Windows 10 preview and may not show up in the test builds until some point later, according to ZDNet.

 

Share This:

ICS Malware Infection Could Mean Internet Trouble

A few weeks ago I wrote that there may be some troubling times ahead in respect to the internet’s structure. This weekend we learned that ISC, the home for the BIND DNS program has been infected with malware.

First, what exactly is ICS and why is it so important?

ISC is the group behind the open-source Berkeley Internet Name Domain (BIND) program. BIND is arguably the most popular DNS software on the planet. It is certainly the most used DNS program on the Unix and Linux systems that make up most of the Internet’s fundamental infrastructure.

What it DNS and How Does it Work?

dns_diagram

 

DNS is the master address list of the Internet. It is what translates every human-readable Internet address in the world, say http://www.wctechblog.com, into its IPv4 and IPv6 addresses. These numeric addresses are then used by routers and switches to move data from your computer, smartphone, tablet, whatever, to your Web sites, your e-mail server, and back again.

The result here is that this process is incredibly important.

Without DNS, there is no functional Internet.

Cyphort, an Internet security company, reported that they’d told ISC that their site had malware on it on December 22. ISC’s main site, which used an out of date version of WordPress, had, according to Cyphort had been compromised to point visitors to the sites infected with Angler Exploit Kit. The Angler exploit will only impact Windows systems and it is a Windows specific malware package.

If you manage a website or web service and the BIND code has indeed been corrupted and you have updated your DNS BIND server with the code, you could be out of service. And in addition your site might now have a security hole on it. It’s also very possible that your website could be used for a Distributed Denial of Service (DDoS) attack.

To make the situation even a little gloomier the ISC also runs the F DNS root server. This is one of only 13 root servers that the Internet relies upon for global DNS services.

The good news is that as of this report there have been no reports of issues on the BIND announcement or BIND-user mailing lists. On their webpage that now greets you on the ISC site, ISC recommends that anyone who has visited the site recently “scan any machine that has accessed this site recently for malware.”

Here we have another example of malware infecting computers and web services. malware is a plague on our internet infrastructure and our personal and professional security.

Share This:

Getting to Mars Just Got Cheaper

Orion landing on Mars.

Orion landing on Mars.

One of my New Year resolutions for 2015 is to cover more science stories for you, my dedicated readers. There is so much going on in the world of science and space technology that it will be fun to talk about some of it here.

So here we go.

Did you know NASA is planning on heading to Mars?

It is true but one of the big problems surrounding their proposed manned mission to Mars is the massive amount of fuel required for the journey — but scientists may have recently discovered a way to cut that down. And I mean by a lot.

Up to this point, NASA has used something called the Hohmann transfer approach to send satellites and rovers to Mars, which requires a whole lot of planning and timing to ensure the craft and Mars are on the same trajectory to be as close as possible when it gets there. That’s important, because the distance between Earth and Mars changes drastically depending on the orbit, and we only have a launch window of once every 26 months to get it right.

Well, that could be changing if mathematicians Francesco Topputo and Edward Belbruno are correct about using a strategy called ballistic capture to get a space craft to Mars. Instead of having to hit the “bullseye” and blow a ton of fuel to slow down once the craft reaches the Red Planet, this strategy uses Mars’ motion as an asset to have a future craft basically just cruise a bit slower than the planet while allowing Mars’s own gravity to rope it into a stable orbit.

549a9b7c4825d

Structure of the ballistic capture transfers to Mars. Credit: arXiv:1410.8856

Why is this so important? You must remember that a proposed manned mission would use approximately 25 % of its fuel to slow down once it reached the planet, but on the other hand this strategy would let gravity do most of that work which would mean lower fuel needs. This would allow for a smaller rocket, or perhaps more important allow more room for additional people and equipment. When you’re traveling 140+ million miles providing extra space and a bigger crew is really going to be important. 

Share This:

Do You Want to Keep an Eye on Santa Tonight?

Another Christmas is just about upon us and that means Santa arrival is only hours away. With technology of course there are many ways Santa’s journey can be monitored and tracked. But what are your best options if you want to keep an eye on Santa this Christmas eve?

NORAD and Google both have online Santa Trackers this year and you can even watch him on your smartphone, via their apps.

So here’s how the two compare:

Norad Santa Tracker
AppleAndroidWindowsOnline • FREE

NORADSantaTracker

For one day only the nice folks at NORAD, (that’s the North American Aerospace Defence Command), hand over their satellites so the world can watch out for Father Christmas and his pack of reindeer.

The Norad app brings a precise GPS location of Santa and will show you exactly where the jolly fellow is so you can be sure the kids are firmly tucked up in bed.

Both the app and website are packed full of games which should help to stop the kids asking, “how much longer ’til Christmas day?”

There is a free app as well as a $2.99 version which offers additional features.

GOOGLE SANTA TRACKER
AndroidOnline • FREE

google-santa-tracker

Google are also offering the chance to watch out for Santa this year.

The big problem here is that their app is only available to Android phones but the website is full of fun for everyone.

You get treated to a fully interactive festive map and Santa’s dashboard, which features Google Maps’ technology and “sleigh engineering” to follow him on some of his stops.

There is also plenty of Christmas-themed games and videos to keep everyone entertained.

Happy Holidays to all and have an Appy Christmas!

Share This:

The Cloud Remains The Property of… You

zz4HhvrW_400x400Cloud storage is becoming increasingly popular. This is the result of the falling cost of cloud storage coupled with the ability to access data from anywhere and on any device. Microsoft’s OneDrive is my cloud storage service of choice and without a doubt one of the better cloud platforms out there, particularly when it comes to value for money.

All users who sign up to OneDrive now get 15GB of free storage, and further storage can be inexpensively added on an annual subscription basis. But if you get an Office 365 subscription – from as little as $69.99 a year – you’ll get unlimited OneDrive storage included in the price. Given that you can now pick up a free Office 365 sub with many ultra-affordable Windows tablets and notebooks these days, Microsoft’s cloud solution clearly offers great value.

microsoft-onedrive

There is one… concern with all of this. What happens when your OneDrive subscription runs out? Does Microsoft instantly delete all of your files? Do you have to pay more money to be able to access your data?

Recently contacted by TechRadar Microsoft explained that after your subscription expires, “you’ll still be able to view, share and download files, but you won’t be able to upload files until you buy more storage”.

I would guess that you would not be able to share new versions of existing files once your account expires, but as Microsoft says, you will still be able to access all of your files on OneDrive even after you stop paying for your storage subscription, which of course means that you can later download your files and delete them from OneDrive if you truly want to cancel the cloud service.

This is all good news for users fearful of signing up for a cloud storage service and although this report only addresses Microsoft’s OneDrive I am confident that the majority of cloud storage services are following this same business model.

Remember the data is yours, the cloud storage service is simply a hard drive in the sky.

 

Share This:

3G Continues to Cause Security Issues for 4G

cellphone-towerMany smartphones operate on LTE networks that offer upgraded security features. However they still need to interact with outdated networks that are full of security holes. In fact, the old SS7 network, originally designed in the 1980s, has several flaws that could be used by hackers or governments that want to track or listen in on your calls.

Hackers can use SS7’s built-in functions to steal your communication information. For instance, they can request temporary keys through SS7 to unlock calls made through more secure and encrypted networks like 3G.

These vulnerabilities continue to exist even as cellular carriers invest billions of dollars to upgrade to advanced 3G technology aimed, in part, at securing communications against unauthorized eavesdropping. But even as individual carriers improve the security of their systems, they still need to communicate with each other over SS7, leaving them open to any of thousands of companies worldwide with access to the network.

Anyone with the right tools and skills can use the SS7 network to track calls, listen in on conversations and steal texts. They can even record encrypted calls and decode them at a later date.

While German researches are just now making this threat known to the public, some believe that government intelligence groups have known, and used, the flaws for some time now.

“Many of the big intelligence agencies probably have teams that do nothing but SS7 research and exploitation,” said Christopher Soghoian, principal technologist for the ACLU and an expert on surveillance technology. “They’ve likely sat on these things and quietly exploited them.”

Your cell carrier could more then likely prevent these hacks by refusing to provide the encryption keys needed to unlock calls made from 3G networks. But, so far the hacks have worked against more than 20 worldwide networks tested by the researchers.

Since the hack uses the SS7 cellular network, you are likely safe with [text] messaging systems that avoid it altogether and employ end-to-end encryption like Apple’s iMessage. When making a call, you could use an Internet-based VoIP system like Skype – as long as your Internet network is secure. You could also take German Senator Thomas Jarzombek’s advice.

“After all the NSA and Snowden things we’ve heard, I guess nobody believes it’s possible to have a truly private conversation on a mobile phone,” he said. “When I really need a confidential conversation, I use a fixed-line” phone.

The morale of this story that today, do not consider any conversation on your mobile device truly private.

Share This:

Securing Adobe

pdf-logo-100025338-galleryAdobe Reader is one of the most popular programs on the Web. It’s a free program that lets you easily view and sign PDF documents that anyone sends you. Since PDF documents are incredibly important, Reader is on most computers.

Hackers frequently target this program and so you need to install the frequent updates to keep hackers at bay. That’s why I’ve rounded up links so you can make sure you have the most recent versions.

In order to download and use the updated versions, you must have a version of the program already installed. Adobe might also try to install Google Chrome and an Adobe toolbar as you’re trying to update. Make sure you opt out of these if you don’t want them.

If you’d like to skip the whole process entirely, you can dump Reader for another PDF program. Sumatra and Foxit Reader are all good choices. Some browsers have a PDF viewer built in as well.

No matter what you use, make sure you’re running up-to-date security software, too. This will help prevent viruses from hitting your computer if hackers try to sneak one in.

Share This:

Microsoft Strikes Back Against Tech Support Scammers

phone-trap-2This past weekend my dad called me (again) reporting that his PC was running “slow” and displaying “pop-up messages” and the internet browser was taking him to strange pages and “weird homepages”. As I was working on the PC my dad asked several times “who writes these things” and “why doesn’t every get arrested or charged” for infecting computers? I tried to explain that malware was a scourge on computers, and that it is normally triggered usually through email or visiting compromised websites. I also said that catching these cyber-criminals is incredibly difficult at best. Then I learned about Microsoft’s attempt to actually hold these cyber-criminals accountable.

Another incident that actually occurred to my dad about a month ago was a fake support message that popped up on his PC and without thinking he called the phone number listed. Fortunately he did not provide any credit card information to the the tech support company” to fix his PC and he called me instead. This is important with tech support scams. Never give anyone on the phone your credit card information!

These ongoing attempts to scam people by offering fake support and installing malware on PCs are growing at an alarming rate, and Microsoft has decided to take action.

The first example of this is Microsoft’s recent lawsuit against the software company, Omnitech Support.

Pop Up Windows offering tech support should be avoided at all costs.

Pop Up Windows offering tech support should be avoided at all costs.

As Microsoft detailed in a recent blog post, the Omnitech Support allegedly called customers and offered them to “fix issues with Microsoft software” that were not actually affecting their computers. Not just that, they actually created new problems by installing malicious software on these PCs then offering to “fix it”.

It is also evident that in addition to cheat unsuspecting computer users out of money they also have the intention of gaining access to personal data, passwords and financial information.

Microsoft has claimed that it had received 65,000 customer complaints since May 2014, with these fraudulent attempts to offer tech support using Microsoft brand and trademarks:

“Omnitech utilized the Microsoft trademarks and service marks to enhance their credentials and confuse customers about their affiliation with Microsoft. Omnitech then used their enhanced credibility to convince consumers that their personal computers are infected with malware in order to sell them unnecessary security services to clean their computers.”

As of right now there is no data on the number of users that fell victim to these scam attacks, but if the lawsuit is an indication, there probably is a large number of people that were tricked.

Microsoft has recommended that users refuse to pay for support when someone contacts them directly, and avoid paying for any such services.

And disclosing personal information and credit card details on phone should be avoided all times.

Share This:

Staples Data Breached

StaplesIf there is one thing for certain it’s that 2014 will be remembered as the year of data breach. These countless data breaches were almost always the result of the organization being infected with malware. This weekend as 2014 is about to conclude we have yet one more huge reported data breach, impacting countless customers.

The data breach this time was at the Staples office supply chain and it may have affected roughly 1.16 million payment cards. Once again like in so many similar cases earlier this year criminals deployed malware to point-of-sale systems at 115 stores.

The affected stores cover 35 states from California to Connecticut, according to a list Staples released Friday. The chain has more than 1,400 stores in the U.S.

The malware, which allowed the theft of debit and credit card data, was removed in mid-September upon detection, Staples said. The retailer had previously confirmed the incident in October. A previous report from security researcher Brian Krebs around that time cited fraudulent transactions traced to cards that were used for purchases at Staples stores in the Northeastern U.S., but apparently the attack was much wider than that.

The malware may have allowed access to transaction data including cardholder names, payment card numbers, expiration dates, and card verification codes, for purchases made between Aug. 10 and Sept. 16, Staples said Friday.

At two of the stores, the malware may have involved purchases over an even longer period, from July 20 through Sept. 16. Staples has posted a list of all the stores involved on its site.

Staples is offering free identity protection services, including credit monitoring, identity theft insurance, and a free credit report, to any customer who used a payment card at any of the affected stores during the relevant time periods.

Staples is another in a long line of retailers to have had sensitive data stolen this year.

Protecting Our Data

There are some ways to prevent these types of data breaches. The most immediate and effective manner is for organization’s to take information security seriously. Malware is a plague on our data systems but with strong security systems and policies in place malware can be prevented. Another solution will be the addition of chips to payment cards which are already being used in most of the world but not often in the United States. This could also help prevent future attacks. But a broad rollout of the technology may take a long time.

Share This:

Microsoft’s Play with OneDrive for Your Music

Could Microsoft be on the way to stealing some of Apple's iTunes users?

Could Microsoft be on the way to stealing some of Apple’s iTunes users?

If you are a dedicated OneDrive user like me, and if like me you have “unlimited” OneDrive space the one thing missing from this perfect cloud storage relationship is a built in music player for OneDrive. With unlimited storage (with Office 365) there is no end to the amount of music that you can store in the cloud. However Microsoft has not built in a music player for OneDrive… but that is about to change.

Microsoft announced today that the company is selling its MixRadio music service to LINE however at the same time the company is about to make some serious improvements to its Xbox Music service and it comes with a little help from OneDrive.

There has been rumor and real evidence recently that OneDrive was going to soon support music storage. An upcoming update to both OneDrive and Xbox Music will make it possible to store your music in OneDrive and access it anywhere using the Xbox Music app.

It is also believed that there will be an option to import playlists from other services, such as iTunes.

This update for Xbox Music and OneDrive will make it easier to access your content on nearly any device and proves Microsoft’s commitment to the music streaming service. This this means that music lovers like me with large audio libraries will be able to listen to all of their music, anywhere, without any additional fees.

This is a big deal for Microsoft because Apple currently charges $24.99 for a very similar service.

It is believed by many that the update could roll out soon. I will be watching closely for this update and report on it as soon as I get a chance to check it out. This will be Microsoft’s attempt to snatch some users from Apple and other music services for Xbox Music.

Share This:

1 2 3