The New Surface 3 Battles the IPad

Today Microsoft has officially announced the Surface 3. Not the Surface Pro 3, but the Surface 3. This was a surprise to many of us. This is a “non-Pro” version of Microsoft’s tablet which is geared toward families and consumers. However given the improvements over even the Surface Pro 3 (except for the limited kickstand positions), some businesses might actually consider adopting this new fanless device.

Surface-PDP-128GB-MQ2-00004-Large-desktop

 

Surfacing Against the iPad Tide

There is little doubt that this is Microsoft’s attempt to nudge into the iPad market. The pricing is aggressive and compared very favorably with the iPad line.

The price: 64GB / 2GB RAM / Wi-Fi = $499, 128GB / 4GB RAM / Wi-Fi = $599.

An unlike the Pro version there is going to be a LTE version here. Pricing for the 4G LTE models have not been set yet, but expect it to be at least $100 more. Microsoft has suggested that these models will be available through T-Mobile and Verizon later in the year.

You can pre-order today and through Microsoft Stores, microsoftstore.com and select retailers, and it wll be on sale beginning May 5, with availability in 26 markets by May 7. Display units will be on-hand in Microsoft Stores starting April 1 so you can get a demo.

Just like the Pro the Surface 3 will require new keyboard covers and accessories, which will be available when the new Surface 3 ships. A new Type Cover ($129), a Surface 3-specific docking station, a Surface 3 Screen Protector, and the Surface Pen ($49) sporting new colors (silver, black, blue and red) will be available. Unlike the Surface Pro 3, the pen is a separate purchase.

Well done Microsoft. I like this play at grabbing some of the iPad market.

Share This:

Energy Sector Attacked by Malware

1994-malware_articleMalware is a plague on our personal security. Today yet another malware security threat has arrived from the energy sector.

The program, named Trojan.Laziok by researchers from antivirus vendor Symantec, was used in spear-phishing attacks earlier this year against companies from the petroleum, gas and helium industries.

The attacks targeted companies from many countries in the Middle East, but also from the U.S., India, the U.K., and others.

The Trojan is spread via emails with malicious documents that exploit a Microsoft Office vulnerability for which a patch has existed since April 2012.

“If the user opens the email attachment, which is typically an Excel file, then the exploit code is executed,” the Symantec researchers said Monday in a blog post. “If the exploit succeeds, it drops Trojan.Laziok, kicking off the infection process.”

Trojan.Laziok is mainly used to determine if a compromised system is worth further attention from the attackers. It collects information like the computer’s name, RAM size, hard disk size, GPU and CPU type, as well as a list of installed software, including running antivirus programs.

The information is sent back to the attackers, who then decide if they want to deploy additional malware that can provide them with remote access to the infected system. For this second stage of attack they use customized versions of Backdoor.Cyberat and Trojan.Zbot, two well known malware threats.

“The group behind the attack does not seem to be particularly advanced, as they exploited an old vulnerability and used their attack to distribute well-known threats that are available in the underground market,” the Symantec researchers said. “However, many people still fail to apply patches for vulnerabilities that are several years old, leaving themselves open to attacks of this kind.”

What is concerning to many is that energy sector companies have been attacked so often by malware. “Of the total number of incidents reported to ICS-CERT, roughly 55 percent involved advanced persistent threats (APT) or sophisticated actors,” the organization said. “Other actor types included hacktivists, insider threats, and criminals.”

Share This:

Spartan Arrives

Spartan has arrived on my Surface Pro 3!

Microsoft has been talking about the capabilities of Project Spartan for months, but very few have actually seen it, until today. Yesterday, Microsoft finally rolled out a brand new Windows 10 build to Fast Ring Windows Insiders, build 10049. I received this build last night and quickly installed it.

spartan1

There are also some fixes for known issues and more improvements, but the primary reason for this new build is so that Windows Insiders can finally get a chance to test the new browser (Known as Project Spartan) Microsoft is pinning as the future of web browsing.

Build 10049 is propagating now and should be available everywhere within the next hour or so. I have mine and will be checking out Spartan over the next couple of days.

Stay tuned.

Share This:

British Airways Customer Database Hacked

BritishAirwaysYes another security breach has been exposed, this time it is British Airways.

Reports have surfaced that during the last few days, a large number of British Airways customers have found that reward points they had accumulated for flights, called Avios, have disappeared from their accounts. Meanwhile others have been locked out of their accounts completely.

As has become typical of these types of security breaches BA has been giving out “contradictory” information at times.

It seems that this security breach is the result of hackers gaining access to a large number of accounts.

A user posted an email message he received from British Airways’s Executive Club team saying that the company “has become aware of unauthorized activity” on his account. The Executive Club is the name of BA’s frequent flyer program.

“This appears to have been the result of a third party using information obtained elsewhere on the Internet, via an automated process, to try to gain access to your Executive Club account,” the email said. “We understand this was login information relating to a different online service which you may have also used to access your Executive Club account.”

It’s not unusual for hackers to try to access user accounts on multiple services once they obtain a large database of usernames and passwords from a hacked website. That’s because many users tend to use a single email address and password to log in on different online accounts, a practice that security experts have long advised against.

In the email posted online, the company said that despite hackers gaining access to accounts, it is unaware of any access to account information pages, flight history or payment card details.

Users who find themselves in this situation and want to use their Avios miles are advised to contact their local Executive Club service center to reactivate their accounts.

Protecting Yourself

As I have suggested many times you are foolish to trust big organizations and companies with your personal information. The best ways to protect yourself from security breaches like this one are to:

  • Invest in a Password Manager
  • Use a different password for each and every account you hold.
  • Use encrypted passwords

If you take these steps, you will be protected when companies like British Airways are hacked.

Share This:

Amazon Offers Unlimited Cloud Storage

amazoncloud1I just wrote last week that the cloud is here to stay and it is benefiting everyone with lower cost and better services then ever before. To prove this point even more clearly, Amazon last week laid down another gauntlet.

Amazon is now offering unlimited cloud storage for individuals for $5 a month.

Amazon’s Unlimited Everything Plan allows users to store an infinite number of  photos, videos, files, documents, movies and music in its Cloud Drive.

The site also announced a separate $12 per year plan for unlimited photos. People who subscribe to Amazon Prime already get unlimited capacity for photos. Both the Unlimited Everything Plan and the Photos Plan have three-month free trial periods.

Online storage and file sharing service providers, such as Google Drive, Dropbox, and iCloud, have been engaged in a pricing war over the past year. Last fall, Dropbox dropped its Pro plan pricing for individuals to $9.99 per month for 1TB of capacity. Dropbox offers 2GB of capacity for free.

Dropbox also offers members 500MB of storage each time they get a friend to sign up; there’s a 16GB max on referrals, though. With Dropbox Pro, members can get 1GB instead of 500MB each time they refer someone.

Google Drive offers 15GB of capacity for free and charges $1.99 per month for 100GB and $9.99 per month for 1TB.

Apple’s iCloud offers 5GB of capacity for free, and charges 99 cents per month for 20GB, $3.99 per month for 200GB and $9.99 per month for 1TB.

Microsoft’s OneDrive offers 15GB of capacity for free, and charges $1.99 per month for 100GB, $3.99 per month for 200GB and $6.99 per month for 1TB.

While Amazon offers unlimited file size uploads for desktop users, it limits file sizes to 2GB for mobile devices.

Learn more at about the Amazon Cloud here.

Share This:

Congress Continues to Act on Cyber Threat

law

The federal government is obviously – finally trying to at least address the growing cyber threat we all face. The U.S. Congress is working on several forms of legislation, the latest of which attempts to address the sharing of potential threat information.

The U.S. Congress is moving forward with legislation that would encourage private companies to share cyberthreat information with government agencies, despite concerns that two leading bills weaken consumer privacy protections.

The House of Representatives Intelligence Committee voted Thursday to approve the Protecting Cyber Networks Act (PCNA), just two days after the bill was introduced.

The House bill “is a cybersurveillance bill at least as much as it is a cybersecurity bill, and it is written so broadly that it could wind up making the Internet less safe,” Robyn Greene, policy counsel at the New America Foundation’s Open Technology Institute [OTI], said by email.

The PCNA requires government agencies to “automatically and indiscriminately” share information they receive with military and intelligence agencies, OTI said in a critique of the bill. The bill would allow other agencies to pass cyberthreat information to the FBI and the National Security Agency, where “it could be used in investigations that have absolutely nothing to do with cybersecurity,” Greene said.

While the PCNA limits what personal information businesses can share with government agencies, it does not actually require companies to remove all personal information, OTI added. In addition the bill authorizes companies to monitor all activities and communications of users as a way to identify threats, OTI said.

The House bill would “explicitly undermine every rule that is currently in place to protect Americans’ Internet privacy, and replaces them with dangerously weak protections,” Greene added. “It would massively increase companies’ monitoring of our online communications and activities, and give them a nearly blank check to share that information with the government.”
The bill came after several months of negotiations that included privacy groups, Schiff said through a spokesman. The committee addressed the main concerns raised by privacy groups, he added. The bill requires companies to remove personal information before sharing information with the government and limits the way government can use the data, he said.

The bill also does not authorize offensive countermeasures against attackers, he noted, even though that would be permitted in other information-sharing proposals.

“Protecting privacy was at the forefront during the process of crafting this bill, and I’m pleased by the progress we’ve made,” Schiff said.

Share This:

Amazon’s New Photo Cloud Offer

amazoncloud1If you still believe that the cloud is not relevant all you need to do is look at all, and I mean all of the big technology companies out there. Each and everyone is moving in that direction and many are actually using cloud services as a lure to attract consumers to their other services. What this means is that cloud storage is cheaper and better then ever before. Just this week Amazon has enhanced their cloud services and reduced cost in an effort to compete with Google and Microsoft.

So getting back to Amazon. Earlier Amazon had given a boost to its Prime members when it launched a free, unlimited photo storage for them on Cloud Drive. This week, the company announced it is expanding that service as a paid offering to cover other types of content, and to users outside of its loyalty program (non-Amazon Prime members).

Unlimited Cloud Storage will let users get either unlimited photo storage or “unlimited everything” — covering all kinds of media from videos and music through to PDF documents — respectively for $11.99 or $59.99 per year.

There is a free three month trial period for anyone interested in the service.

As I said at the start of this article the idea here is to tap into the average consumer who has started to reach a point with the amount of digital media he or she now owns and the struggle to organize, secure and store all of that data.

Comparing to Office 365 Home

I still believe Office 365 Home is a much better deal. For $99.99/year you get unlimited cloud storage with OneDrive (which you can also use for music and photos) in addition to the latest version of Microsoft Office on up to 5 computers/laptops and tablets.

Share This:

Microsoft Cloud – An Introduction

As our organization prepares to travel even deeper into Microsoft Cloud Services with SharePoint and OneDrive for Business we provided this short preview to the staff today.

You can view all of our previous training presentations here.

Share This:

USB 3.1 Arrives

usb-157656_6401There is a new USB standard about to arrive and it’s called USB 3.1. This new standard is set to reach desktops as hardware companies release motherboards with ports that can transfer data twice as fast as the previous 2.0 USB technology.

USB 3.1 is special because it can shuffle data between a host device and peripheral at 10Gbps, which is two times faster than USB 3.0. USB 3.1 is also generating excitement for the reversible Type-C cable, which is the same on both ends so users don’t have to worry about plug orientation.

Motherboards with USB 3.1 technology are being targeted at high-end desktops. Some enthusiasts like gamers seek the latest and greatest technologies and build desktops with motherboards sold by MSI, Asus and Gigabyte. Many of the new desktop motherboards announced have the Type-C port interface, which is also in recently announced laptops from Apple and Google.

PC makers are expected to start putting USB 3.1 ports in more laptops and desktops starting later this year.

The need for faster access to external storage could make the motherboards with USB 3.1 are very attractive to gamers especially.

Some storage peripherals with Type-C connectors are becoming available, but can not reach full USB 3.1 speeds yet. However, the data transfer speeds will continue to improve as controllers are refined.

USB 3.1 will surely be standard on all computers within the year. Faster is without better in this case.

Share This:

IE 11 Lives (We Already Knew That)

IE10_icon

IE 11 users do not panic! Now I realize that many of you really will not be sad to see IE 11 go away. However many enterprise customers and software vendors have been a little nervous about some of the recent news headlines that IE was being “retired”. Microsoft yesterday clarified their position in respect to IE in order to obviously calm these nervous nellies.

“Based on strong feedback from our Windows Insiders and customers, today we’re announcing that on Windows 10, Project Spartan will host our new engine exclusively,” wrote Kyle Pflug, program manager for Spartan, in a blog post. “Internet Explorer 11 will remain fundamentally unchanged from Windows 8.1, continuing to host the legacy engine exclusively.”

Pflug cited several reasons for the change of heart, which boiled down to a case for simplifying what had been a confusing browser situation. Separating the new (Project Spartan and its forked rendering engine) from the old (IE11 and Trident) will also allow Microsoft to better pursue its goal of delivering a constant stream of updates to Spartan while at the same time reducing compatibility issues with IE11.

The new engine will be removed from IE11 in the next update to Windows 10 Technical Preview.

Microsoft also made it clear that its development attention would be focused on Project Spartan, the placeholder for the yet-unnamed application. “Project Spartan is our future,” Pflug further stated, adding that the browser would be included with Windows 10 by default.

He also implied that IE11 was a “dead end” that would however be maintained but not enhanced. “Since Internet Explorer 11 will now remain fundamentally unchanged from Windows 7 and Windows 8.1, it will provide a stable and predictable platform for enterprise customers to upgrade to Windows 10 with confidence,” Pflug said.

AT the end of the day, and post Windows 10 IE11 will remain important for years to come. Microsoft has promised to support the browser with security updates for at least the next eight years.

Very importantly and this is where calming nervous enterprise cusomers comes in it is now clear that those who adopt Windows 10 will be able to set IE11 as the OS’s default browser using group policy settings.

Microsoft has yet to give an official name to Project Spartan or added it in its entirety to Windows 10 Technical Preview. Both moves will reportedly be made at the company’s conference in Chicago scheduled for May 4-8.

Share This:

1 2 3 4