Copy Link
Add to Bookmark
Report
Atari Online News, Etc. Volume 16 Issue 52
Volume 16, Issue 52 Atari Online News, Etc. December 26, 2014
Published and Copyright (c) 1999 - 2014
All Rights Reserved
Atari Online News, Etc.
A-ONE Online Magazine
Dana P. Jacobson, Publisher/Managing Editor
Joseph Mirando, Managing Editor
Rob Mahlert, Associate Editor
Atari Online News, Etc. Staff
Dana P. Jacobson -- Editor
Joe Mirando -- "People Are Talking"
Michael Burkley -- "Unabashed Atariophile"
Albert Dayes -- "CC: Classic Chips"
Rob Mahlert -- Web site
Thomas J. Andrews -- "Keeper of the Flame"
With Contributions by:
Fred Horvat
To subscribe to A-ONE, change e-mail addresses, or unsubscribe,
log on to our website at: www.atarinews.org
and click on "Subscriptions".
OR subscribe to A-ONE by sending a message to: dpj@atarinews.org
and your address will be added to the distribution list.
To unsubscribe from A-ONE, send the following: Unsubscribe A-ONE
Please make sure that you include the same address that you used to
subscribe from.
To download A-ONE, set your browser bookmarks to one of the
following sites:
http://people.delphiforums.com/dpj/a-one.htm
Now available:
http://www.atarinews.org
Visit the Atari Advantage Forum on Delphi!
http://forums.delphiforums.com/atari/
=~=~=~=
A-ONE #1652 12/26/14
~ N. Korea Didn't Do Hack? ~ People Are Talking! ~ EasyMiNT Update News!
~ Stuck in Your New Game? ~ Apple Automated Update ~ HP OS: The Machine!
~ Facebook Can't Avoid Suit ~ Worst Spammers of 2014 ~ Worst Games of 2014!
~ Threats on Social Media! ~ Online Privacy Fantasy ~ Dangerous NTP Hole!
-* Happy 35th B-Day, Gaming PC! *-
-* Lizard Squad Now Tied to Sony Hack! *-
-* N. Korea's Internet Goes Dark After Hack! *-
=~=~=~=
->From the Editor's Keyboard "Saying it like it is!"
""""""""""""""""""""""""""
Well, the holiday season is winding down, with New Year's Eve less than
a week away! All of us here at A-ONE hope that you had a great holiday,
spent with friends and family. We spent a fairly quiet day with the
in-laws - a good distraction away from home. We didn't take the canine
"kids" with us, but made up for it with some extra treats from Santa!
So, now it's time to erst up from the hustle and bustle of the holidays,
and time to "prepare" for the New Year! We all hope that you have a
great New Year's Eve, and a healthy and prosperous new year! Happy New
Year, 2015!
Until next year...
=~=~=~=
EasyMiNT Update
Hi folks,
Another EasyMiNT beta version is coming to town, hohoho.;-)
Whats new
- video mode changed in XAAES.CNF (please test this)
- APP and PRG must not be in separate folders
- added XAAES.INF
- no more networkcard driver selection on firebee, it's installed
automatically
- vincent's e2fsck added
- bugfix: fscheck.sh
Two caveats, filesystemcheck is always invoked on firebee, seems a
firebee bug and MINT folder is not backuped in firebee because MINT
folder can't be renamed under some circumstances.
Download: http://atari.st-katharina-apotheke.de/download/em190b3.zip
Substitute the old files with the files from the zip above.
Have fun!
maanke
=~=~=~=
->In This Week's Gaming Section - Lizard Squad, Hacker Group Now Tied to Sony Hack
""""""""""""""""""""""""""""" Microsoft Xbox Live Back Up, PS Network Still Down
Happy 35th Birthday, Gaming PC!
And much more!
=~=~=~=
->A-ONE's Game Console Industry News - The Latest Gaming News!
""""""""""""""""""""""""""""""""""
This Is Lizard Squad, The Nebulous Hacker Group Now Tied to The Sony Hack
Talk to any avid gamer these days and theyll tell you about Lizard
Squad.
This particular hacking group has been waging seemingly random attacks
on the video game industry since the summer. They say they are doing it
just because they can, and are both despised and revered by hundreds of
thousands of people because of it.
Lizard Squad even sells T-shirts. Welcome to the 21st century, where
hacking and other forms of digital disruption are entertainment, and
hacker groups have fandoms.
And now, at least one security firm is tying Lizard Squad to the Sony
hack.
Earlier this week, Los Angeles cybersecurity firm IntelCrawler told
Bloomberg that both Lizard Squad and Guardians of Peace, the unknown
group that has taken credit for Sony, share the same hacking timelines
and slang.
Whether or not it is true, many in the gaming community are convinced
Lizard Squad is responsible for the Sony hack.
Lizard Squad burst onto the scene on Aug. 18, when they claimed credit for
server outages for the games League of Legends and Runescape. On the same
day, the group threatened to take down the servers for the video game
company Riot Games and then proceeded to take down random players'
channels on Twitch.tv, the live streaming service for gamers.
The nebulous group was able to take these servers down through a DDoS, or
distributed denial of service, attack in which it directed Internet
traffic to overwhelm its targets' servers. Less than a week later, Lizard
Squad made headlines when it tweeted a fake bomb threat to American
Airlines and successfully grounded the plane. Sony Online Entertainment
president John Smedley was on the flight.
The bomb threat earned Lizard Squad infamy and thousands of Twitter
followers. That same morning, Sonys Playstation Network was the target
of a DDoS attack - Lizard Squad took credit.
To date, Lizard Squad has taken down (or claimed responsibility for)
server outages of the games GTA 5, Destiny, Doda, League of Legends,
Call of Duty, and Runescape, among others. Microsofts XBox Live and
Sonys Playstation Network have been attacked multiple times, as has
Twitch.tv, along with various streamers on the site.
One streamer who was the target of Lizard Squads shenanigans found his
Twitch.tv chatroom swarmed with viewers that would donate to his channel
with his own credit card, effectively donating his own money to himself.
Theyve also hacked into various gamers computers, including relatively
popular YouTube gamer Nick Sampsons desktop, leaving him the message
lizards allow you to play for 1 hour then you must pay $30 amazon
earlier this month.
Before their second Twitter account was suspended, Lizard Squad amassed
more than 167,000 followers. They have a page on Know Your Meme, a
website that chronicles top online phenomenon. Perusing the Lizard Squad
public chat room while it was up revealed fans begging Lizard Squad to
DDoS their high schools. Kids have sent Lizard Squad fan art while others
have tweeted pictures with Lizard Squad written on their forehead, or
just photos of themselves admitting to being overpowered by them.
On YouTube, searching Lizard Squad yields 42,900 results, beating the
19,200 videos referencing LulzSec, the comparable in popularity hacker
group from 2011. (Note how Lizard Squad shares the same initials as
LulzSec and the Lizard Squad original Twitter account was created at the
same time as LulzSecs).
Lizard Squad is unlike any other hacking group primarily because of their
relatively underground popularity. According to the social media
monitoring service Topsy, Lizard Squad has been mentioned 86,000 times
on Twitter in the past month, not counting retweets.
Hacker groups that have come before typically attack sites far-removed
from peoples everyday lives. Lizard Squad is different. It is going
after something that young people use daily, something they love: their
video games. Unlike LulzSec, Lizard Squads work affects ordinary people,
by disrupting their entertainment.
This disruption has upset many gamers. Mentions of Lizard Squad on Tumblr
are almost entirely negative. Even some affiliates of the hacktivist
collective Anonymous are incensed, with one releasing a video declaring
war on them (Anonymous as a whole, however, seems amused by them).
Encouraged by anti-Lizard Squad sentiment, a small group calling
themselves Finest Squad succeeded in getting Lizard Squads Twitter
account suspended by filling out Twitter abuse forms. Finest Squad also
claimed to have doxed Lizard Squad members, which is when adversaries go
after targets online by dumping personal or sensitive information about
them on the Web. But it turned out that much, if not all, of the
personal information on Lizard Squad members turned out to be false.
Recently, Lizard Squad made various threats to take down XBox Live on
Christmas Day, even after some of their members were allegedly arrested.
Members deny that is the case.
So, why would Lizard Squad do this? Theories range from because we can
or for the lulz, which comes from the online acronym LOL.
In multiple interviews with a YouTube personality known as Keemstar,
Lizard Squad claims the bulk of their attacks are paid for, but these
paid attacks are never announced on their Twitter feed as they are
professionals and dont want to draw attention to their clients.
They call themselves DDoS for hire, and say they provide this service
quite often. Paying someone to DDoS isnt a foreign concept in the
video game community, and as a practice, has been going on for years.
Gamers have been known to use this practice to knockout opponents in
competitive matches.
For mayhem or profit, love them or hate them, the kids these days cant
stop talking about Lizard Squad.
Microsoft Xbox Live Back Up, Sony PlayStation Network Still Down
Microsoft Corp's Xbox Live was back up on Friday while Sony Corp's
PlayStation Network remained offline for a second day after a hacker group
claimed responsibility for attacking the two Internet gaming services.
Gamers on Xbox Live and PlayStation Network experienced connection
problems and delays on Christmas Day, one of the busiest times of the year
for the video game industry. The majority of game and console sales are
generated during the end-year holiday shopping season.
A message on PlayStation Network's website on Friday read: "Under
Scheduled Maintenance. We should be back online shortly. Apologies for
any inconvenience." It directed users to the PlayStation blog and other
related websites.
A Microsoft website that keeps track of the status of Xbox services
listed Xbox Live's "core services" as up and running on Friday. Several
third-party apps on the platform were experiencing limited services,
however.
A hacking group called "Lizard Squad" took credit for the disruption to
both Xbox Live and PlayStation Network on Thursday. The group appeared
unrelated to the "Guardians of Peace" hackers who broke into Sony
Pictures' network earlier this month to try to stop the release of the
film "The Interview," which depicts the assassination of North Korean
leader Kim Jong Un.
"The Interview" was released online on Wednesday on the Xbox network and
other digital platforms. The movie also hit select U.S. theaters on
Thursday.
Lizard Squad: Kim Dotcom Plays Christmas Hero After Gaming Attacks
Call it a belated Christmas season miracle.
This is a story of an eccentric Internet entrepreneur who singlehandedly
may have managed to save gamers around the world - and the Christmas
season - from a hacking collective known as Lizard Squad.
Microsoft's Xbox Live and Sony's PlayStation Network both suffered outages
Christmas Day that extended into today, frustrating gamers who were unable
to enjoy their consoles for the holiday.
It seems all it took for Lizard Squad to call off the attacks the group
said it perpetrated on the gaming networks was a little diplomacy from
MegaUpload founder Kim Dotcom, according to Dotcom and Lizard Squad
tweets.
The multimillionaire, who is based in New Zealand, is embattled in his
own legal woes. He is expected to find out early next year whether he'll
be extradited to the United States, where he is wanted on charges
related to piracy, copyright infringement and racketeering.
(Dotcom, who changed him name from Kim Schmitz, has said he is not
guilty.)
Under the deal Lizard Squad said it reached with Dotcom, the group
received 3,000 premium MegaPrivacy vouchers from Dotcom's company, which
allows it end-to-end encryption and secure storage services.
While it appeared both networks were still dark this morning, Lizard
Squad tweeted it had stopped its "distributed denial of service attacks
and said the current downtime is "just the aftermath."
Neither Microsoft nor Sony blamed the problem on hackers. Both companies
said they were investigating the problems.
Cole Stryker, who explored the hacking culture in his book "Hacking the
Future: Privacy, Identity, and Anonymity on the Web," said Lizard Squad's
style of hacking seems very similar to the "early days of LulzSec," a
former hacking group.
"Very trollish, prankstery," Stryker told ABC News earlier this year. "I
dont believe this person genuinely wants to be involved in geopolitics.
I think this person is just having a laugh."
Still, the DDoS (distributed denial of service attacks) for which Lizard
Squad has claimed credit has caused plenty of inconveniences.
Earlier this month, the group said it hacked Sony's PlayStation Store.
Lizard Squad previously claimed responsibility for cyberattacks that
briefly knocked the Vatican's website, Battle.net and League of Legends
offline.
Happy 35th Birthday, Gaming PC
35 years ago, a video game revolution was sweeping through American culture.
Shopping mall arcades were crammed with teenagers blasting menacing Space
Invaders and lethal Asteroids to fading phosphorous particles.
Cartridge-based home gaming consoles were beginning to catch on, bringing
interactive entertainment into living rooms. University computer labs
intended for scientific research were overrun with students programming
their own electronic versions of Dungeons & Dragons. And with the coming
of the 1979 Christmas shopping season, two revolutionary new home
computers from Atari appeared on store shelves, machines which would
forever change our perceptions of what PCs were capable of.
Computers had broken into the home market two years before with the
release of the Apple II, Radio Shack TRS-80, and Commodore PET. All three
were stunningly primitive by contemporary standards, but they were real,
affordable PCs priced just within the means of ordinary consumers.
Thousands of people rushed out to purchase these technological
wonderments, enchanted by the novelty of owning a piece of the future.
The problem was, computer owners werent all that sure what they could
actually do with the new silicon-powered toys. Commercial software was
scarce and primitive. Many early home computer hobbyists programmed
their own applications from scratch, learning BASIC as they pecked away
and created home finance and cookbook databases. The more ambitious
among these tinkerers tried their hand at creating their own video
games.
Programming games on these hardware-limited machines required intense
skill. Though Apple II creator Steve Wozniak famously ported his arcade
game, Breakout, to the Apple II computer, few early developers could
match Wozs technical mastery. Early PCs had more in common with
calculators than gaming consoles, with hardware better suited to
displaying text than animation. The arcane and memory-strapped nature of
these early computers made game design a test of both innovation and
endurance.
In the late 1970s, Atari was the largest and best-known manufacturer of
video games in the world. Already successful in both the arcade and home
gaming markets, they were eager to expand into the new frontier of home
computing. As an established manufacturer of video game hardware, Atari
approached their personal computer project very differently than their
competitors. Atari PCs would be capable of word processing and data
management, but the Atari logo was synonymous with great gaming, and
that meant Ataris computer line would be expected to deliver the
highest-quality entertainment experience on the market.
Ataris engineers decided that their home computers would be built
around a standard core processor, then supplemented with custom graphics
chips created just for playing games, a radical concept in personal
computing. Their first PCs were built around the same 6502 eight-bit
processor utilized by the Apple II, but clocked to a greater speed. Two
specialized graphics coprocessors were then added, allowing the Atari to
easily generate hardware-assisted sprites, play fields, and a broad
color palette. A third special chip provided extra hardware functions
for controller support and four dedicated sound channels for creating
complex music and sound effects.
Atari created two versions of the new computer, dubbed the Atari 400 and
Atari 800. The two models were fundamentally the same inside, but the
400 skewed toward the bargain end of the market thanks to a cheap
membrane keyboard and a few other cost-cutting measures. Both models
included the same special graphics and sound chips, as well as four
controller ports for multiplayer games. The 400 and 800 could use
cassette tape and floppy disk drives, but also included an input to run
programs from a standard console-style ROM cartridge, an allowance which
meant gamers wouldnt have to endure the painfully slow loading times
then associated with computers.
When the 400 and 800 were released, they were far and away the most
powerful home gaming machines available. The two computers were
harbingers to the bleeding-edge technical advantage and cost which would
thereafter characterize PC gaming. While more expensive than
contemporary home consoles, they were also much more capable and
expandable. The multi-colored, plentiful sprites generated by Ataris new
computers looked like something from another planet, and the four-channel
sound was unparalleled, allowing for superb sound and real musical
accompaniment.
Arcade ports boasted tremendous fidelity, a terrific advantage in an era
when arcade games were the technological gold standard for game design.
Programmers quickly discovered ways to leverage the hardware toward
better gaming. The ability to incorporate both a joystick and keyboard
as controls led to complex, innovative new simulation games. Ataris
first-party Star Raiders forced a player to balance reflexes and
resources in a fast-paced strategic shooter. The Ataris four controller
ports inspired multiplayer pioneer Dani Bunton to create the innovative
and influential M.U.L.E, a fascinating and brilliant combination of
cooperative and competitive game play. And Lucasfilm Games harnessed the
Atari PCs capabilities in some of their earliest work, including the
extraordinary exploratory shooter Rescue on Fractalus. The hardware was
so ahead of its time that a homebrew programmer successfully ported
Sega's arcade classic Space Harrier to the platform in the early 21st
century.
The multi-channel sound chip was also light-years ahead of the
competition. Engineers harnessed up to four simultaneous instruments to
duplicate popular musical themes and create original compositions. The
chip also allowed complex, layered sound effects which granted games a
special audial richness, a capability unparalleled until the
introduction of the famous Commodore SID chip several years later.
Unfortunately, Atari unwisely choose to keep the deeper workings of their
new computers secret. In an effort to maintain control over software
distribution, they refused to release details of their powerful graphics
hardware to hobbyist developers. This arbitrary barrier drove many
creators away from the 400 and 800 and toward the much more open
Apple II design. The Apple may have been less powerful, but its
well-documented architecture made it far more accessible to a generation
of garage programmers. Later competition from Commodore VIC-20 and 64
models further depressed Ataris market share. By the time Atari
realized the mistake, it was too late, and fortune had passed them by.
While Atari computers would remain relevant for a decade, they would
never achieve the kind of PC industry dominance their initial
technological advantage might have allowed.
Still, we contemporary gamers owe a great deal to the Atari 400 and 800.
The graphics and sound chips designed for these computers were
forerunners of the graphics accelerators and dedicated audio hardware
which are now standard equipment in gaming PCs. Ataris first computers
helped launch a graphical arms race which would continue from the late
seventies through today, a focus on increasingly-impressive GPU
capabilities which would eventually inform the designs of the graphics
processors powering both our PCs and the current generation of home
consoles.
=~=~=~=
->A-ONE Gaming Online - Online Users Growl & Purr!
"""""""""""""""""""
Stuck in Your New Game? Heres Where to Go for Help
Youve opened your presents. Now its time to play with them.
With no responsibilities, a new stack of games, and the pizza delivery
guy standing at the ready, youre all set to become a gaming hermit. But
that nirvana can be shattered if youve hit a puzzle or mission that
proves too tough to pass.
While you could go to the nearest bookstore and grab a strategy guide,
that would require spending money and, worse, putting on pants. Luckily,
online gaming advice is cheap and plentiful.
Looking for help? If youre playing any of the following hot new games,
heres where to look:
Dragon Age: Inquisition. Part of the problem with game guides is that they
tend to spoil the story in their well-intentioned effort to help you out
of a jam. IGNs walkthrough of our Game of the Year goes out of its way to
avoid that as much as possible.
Dragon Age: Inquisition is so massive in scope that finding help could be
a bit more difficult than usual, though. You may have to try several
avenues to get the answer if youre on one of the many branching story
arcs. But IGNs wiki is one of the most complete weve come across, with
details on everything from crafting to collectibles to which characters
you can and cant have romances with.
Super Smash Bros. Super Smash Bros. is known for being pretty
straightforward in its controls. But if youre picking it up for the
first time, its really easy to get lost or overwhelmed since the
game lacks a tutorial mode and doesnt come with a comprehensive manual
(and button mashing will get you only so far).
One suggestion is to spend some time on Twitch, watching experts play.
That will show you whats possible, though you wont always learn how to
do it yourself. To learn more, GameFAQs has a pretty good user-created
repository full of tips, cheat codes, and level maps to make you more
competitive.
Middle-earth: Shadow of Mordor. Prima is largely in the business of
selling game guides, but if youre looking for broad-based advice rather
than a specific solution to an in-game problem, the site has a wealth of
tips for both beginners and advanced Mordor players. Some of that advice
is pretty obvious, but other tips will let you navigate the game in a
much easier fashion.
Call of Duty: Advanced Warfare. For the past few years, Activision has
made it easy to thrive in the Call of Duty game with Call of Duty:
Elite, a free service that let you review your stats and even suggested
weapons to optimize your gameplay. Earlier this year, though, the
publisher took it offline.
It didnt leave fans completely out in the cold, though. The Call of
Duty: Advanced Warfare Companion app, available for iOS, Windows Phone,
and Android devices, lets you create and manage a clan while youre on
the go. It wont improve your aim, but it could get you some support to
help you die a bit less in multiplayer matches.
Destiny. Destiny has been out longer than most games on this list, so
theres been plenty of time for people to put together extensive
walkthrough videos on YouTube and for the community to suss out which of
those are the most helpful.
The quickest way to get that help is to know the level youre playing,
as there are individual videos for each level online. Drop in, watch
the player take care of the problem, and then drop out and try to
emulate that yourself.
Far Cry 4. Taming Nepal isnt an easy task, especially in this epic
quest. Gamers Heroes offers a thorough walkthrough of the game that will
usher you through not only the main missions, but help you out with
crafting, hunting, weapons, and how to conquer the games various
fortresses. Youll even learn how to get a quick Karma increase.
Prefer to take the shortcut and want to use cheat codes? Cheat Code
Central has you covered, with exact coordinates of quest items and the
locations of masks and propaganda posts, along with easy ways to boost
your achievements.
The 5 Worst Video Games of 2014
It was the best of times, it was the worst of times.
Actually, when it comes to these five games, it was just the worst of
times.
What happened? No one really sets out to make a terrible game. But bad
design, buggy graphics, and broken gameplay happen anyway, and they
happened in a big way to the following thumb-crushing disasters.
1. Dungeon Keeper (iOS) For 50 gems, Ill tell you why Dungeon Keeper,
the penny-pinching mobile remake of a beloved 17-year-old strategy game,
is bad news. You can get five gems for 10 gold coins, by the way, and if
you click here you can buy packs of gold coins for $4.99 apiece. Or you
could just go play the game, though youll need some Red Jewels if you
want to take more than five turns per day. Those cost 12 gems apiece.
Remember when you could just download and play a video game? By the way,
that memory costs 100 Black Pearls. Do you have your credit card handy?
2. Sonic Boom: Rise of Lyric (Wii U) Pity poor Sonic. Instead of letting
the overworked mascot enjoy his retirement, Sega keeps sticking him in
bad games. This year they really outdid themselves. His latest disaster,
Sonic Boom: Rise of Lyric, is part of an all-out media blitz that
includes a TV show, comics, a toy line, and, yep, games. Spreading
yourself thin is never a great way to make a good video game, and Rise
of Lyric, with its broken, buggy platforming, repetitive action, and
irritating characters, is not a good video game.
3. SoulCalibur: Lost Swords (PS3) The swords arent the only things
Bandai Namco lost while making this lousy fighter. They also lost the
point of SoulCalibur, one of the greatest fighting franchises ever, by
shamelessly converting it into a microtransaction-heavy, free-to-play
mess with massive load times and zero multiplayer. Our souls are
weeping.
4. Rambo: The Video Game (Xbox 360, PS3, PC) Remember Ikari Warriors? It
was an old-school coin-op game that had a cool little rotating joystick
and two-player support and pretty much let you rampage around as a
wannabe Rambo. This new game is totally different, mostly in that its
terrible. Presumably funded via tickets won at a skee-ball machine, this
unstable shooter takes you through memorable scenes from the three
Rambo films by gluing you to a rail and making you blast anything that
moves. Wed be angry too, Rambo.
5. Escape Dead Island (Xbox 60, PS3, PC) Challenge accepted! Although
really, wed just like to escape playing this brain-dead zombie game.
Its infested with bugs, for one thing, though worse is the games combo
of boring action and impossibly steep difficulty. Actually, the
interminable fetch quests are worse. No, wait, the glitchy graphics. We
cant decide. Escape!
=~=~=~=
A-ONE's Headline News
The Latest in Computer Technology News
Compiled by: Dana P. Jacobson
No, North Korea Didnt Hack Sony
The FBI and the President may claim that the Hermit Kingdom is to blame
for the most high-profile network breach in forever. But almost all signs
point in another direction.
So, The Interview is to be released after all.
The news that the satirical moviewhich revolves around a plot to murder
Kim Jong-Unwill have a Christmas Day release as planned, will prompt
renewed scrutiny of whether, as the US authorities have officially
claimed, the cyber attack on Sony really was the work of an elite group
of North Korean government hackers.
All the evidence leads me to believe that the great Sony Pictures hack of
2014 is far more likely to be the work of one disgruntled employee facing
a pink slip.
I may be biased, but, as the director of security operations for DEF CON,
the worlds largest hacker conference, and the principal security
researcher for the world's leading mobile security company, Cloudflare,
I think I am worth hearing out.
The FBI was very clear in its press release about who it believed was
responsible for the attack: The FBI now has enough information to
conclude that the North Korean government is responsible for these
actions, they said in their December 19 statement, before adding, the
need to protect sensitive sources and methods precludes us from sharing
all of this information.
With that disclaimer in mind, lets look at the evidence that the FBI are
able to tell us about.
The first piece of evidence described in the FBI bulletin refers to the
malware found while examining the Sony Pictures network after the hack.
Technical analysis of the data deletion malware used in this attack
revealed links to other malware that the FBI knows North Korean actors
previously developed. For example, there were similarities in specific
lines of code, encryption algorithms, data deletion methods, and
compromised networks.
So, malware found in the course of investigating the Sony hack bears
strong similarities to malware found in other attacks attributed to
North Korea.
This may be the casebut it is not remotely plausible evidence that this
attack was therefore orchestrated by North Korea.
The FBI is likely referring to two pieces of malware in particular,
Shamoon, which targeted companies in the oil and energy sectors and was
discovered in August 2012, and DarkSeoul, which on June 25, 2013, hit
South Korea (it was the 63rd anniversary of the start of the Korean War).
Even if these prior attacks were co-ordinated by North Koreaand plenty
of security experts including me doubt thatthe fact that the same piece
of malware appeared in the Sony hack is far from being convincing
evidence that the same hackers were responsible. The source code for the
original Shamoon malware is widely known to have leaked. Just because
two pieces of malware share a common ancestry, it obviously does not mean
they share a common operator. Increasingly, criminals actually lease
their malware from a group that guarantees their malware against
detection. Banking malware and certain crimeware kits have been using
this model for years.
So the first bit of evidence is weak.
But the second bit of evidence given by the FBI is even more flimsy:
The FBI also observed significant overlap between the infrastructure
used in this attack and other malicious cyber activity the U.S.
government has previously linked directly to North Korea. For example,
the FBI discovered that several Internet protocol (IP) addresses
associated with known North Korean infrastructure communicated with IP
addresses that were hardcoded into the data deletion malware used in
this attack.
What they are saying is that the Internet addresses found after the Sony
Picture attack are known addresses that had previously been used by
North Korea in other cyberattacks.
To cyber security experts, the naivety of this statement beggars belief.
Note to the FBI: Just because a system with a particular IP address was
used for cybercrime doesnt mean that from now on every time you see
that IP address you can link it to cybercrime. Plus, while sometimes
IPs can be permanent, at other times IPs last just a few seconds.
It isnt the IP address that the FBI should be paying attention to.
Rather its the server or service thats behind it.
As with much of this investigation our information is somewhat limited.
The FBI havent released all the evidence, so we have to go by what
information is available publicly. Perhaps the most interesting and
indeed relevant of this is the C2 (or Command and Control) addresses
found in the malware. These addresses were used by whoever carried out
the attack to control the malware and can be found in the malware code
itself. They are:
* 202.131.222.102Thailand
* 217.96.33.164Poland
* 88.53.215.64Italy
* 200.87.126.116Bolivia
* 58.185.154.99Singapore
* 212.31.102.100Cyprus
* 208.105.226.235USA
Taking a look at these addresses we find that all but one of them are
public proxies. Furthermore, checking online IP reputation services
reveals that they have been used by malware operators in the past. This
isnt in the least bit surprising: in order to avoid attribution
cybercriminals routinely use things like proxies to conceal their
connections. No sign of any North Koreans, just lots of common, or
garden, internet cybercriminals.
It is this piece of evidencefreely available to anyone with an enquiring
mind and a modicum of cyber security experiencewhich I believe that the
FBI is so cryptically referring to when they talk about additional
evidence they cant reveal without compromising national security.
Essentially, we are being left in a position where we are expected to just
take agency promises at face value. In the current climate, that is a big
ask.
If we turn the debate around, and look at some evidence that the North
Koreans might NOT be behind the Sony hack, the picture looks significantly
clearer.
1. First of all, there is the fact that the attackers only brought up the
anti-North Korean bias of The Interview after the media didthe film
was never mentioned by the hackers right at the start of their campaign.
In fact, it was only after a few people started speculating in the media
that this and the communication from North Korea might be linked that
suddenly it did get linked. My view is that the attackers saw this as an
opportunity for lulz, and a way to misdirect everyone. (And wouldnt
you know it? The hackers are now saying its okay for Sony to release
the movie, after all.) If everyone believes its a nation state, then
the criminal investigation will likely die. Its the perfect smokescreen.
2. The hackers dumped the data. Would a state with a keen understanding
of the power of propaganda be so willing to just throw away such a trove
of information? The mass dump suggests that whoever did this, their
primary motivation was to embarrass Sony Pictures. They wanted to
humiliate the company, pure and simple.
3. Blaming North Korea offers an easy way out for the many, many people
who allowed this debacle to happen; from Sony Pictures management through
to the security team that were defending Sony Pictures network.
4. You dont need to be a conspiracy theorist to see that blaming North
Korea is quite convenient for the FBI and the current U.S.
administration. Its the perfect excuse to push through whatever new,
strong, cyber-laws they feel are appropriate, safe in the knowledge that
an outraged public is fairly likely to support them.
5. Hard-coded paths and passwords in the malware make it clear that
whoever wrote the code had extensive knowledge of Sonys internal
architecture and access to key passwords. While its (just) plausible that
a North Korean elite cyber unit could have built up this knowledge over
time and then used it to make the malware, Occams razor suggests the
simpler explanation of a pissed-off insider. Combine that with the
details of several layoffs that Sony was planning and you dont have to
stretch the imagination too far to consider that a disgruntled Sony
employee might be at the heart of it all.
I am no fan of the North Korean regime. However I believe that calling out
a foreign nation over a cybercrime of this magnitude should never have
been undertaken on such weak evidence.
The evidence used to attribute a nation state in such a case should be
solid enough that it would be both admissible and effective in a court of
law. As it stands, I do not believe we are anywhere close to meeting that
standard.
North Korea's Internet Collapses After Sony Hack
North Korea's Internet went dark for several hours amid rumors of US
retaliation over its alleged hacking of a Hollywood studio, just as the
pariah state came under attack at the UN over its rights record.
It was not clear who or what had shut down Pyongyang's web connections,
but cyber experts said the country's already limited Internet went
completely offline overnight from Monday to Tuesday local time.
Piling further pressure on Kim Jong-Un's regime, UN members debated North
Korea's brutal treatment of its huge prison population after China, its
only major ally, was rebuffed in a bid to shelve the issue.
US-based Internet analysts Dyn Research said Pyongyang's four online
networks, all connected through Chinese telecom provider China Unicom,
had been offline for nine hours and 31 minutes before services resumed
on Tuesday morning.
Dyn Research said Pyongyang's very limited infrastructure could be
vulnerable to power outages but the way it had collapsed "seems
consistent with a fragile network under external attack".
US President Barack Obama and the FBI have accused North Korea of being
behind the hacking of Sony Pictures, which decided to cancel the
Christmas Day release of comedy film "The Interview".
Washington officials refused to comment on speculation that the North
Korean Internet blackout was the first stage in what Obama has warned
will be a "proportionate response" to the hack.
North Korea has angrily insisted that it had nothing to do with the theft
and leaking of Sony company secrets nor threats against moviegoers, but
it has also condemned Sony's madcap movie, which features a fictional
plot to kill Kim.
Pyongyang has also vowed reprisals if the US brings in new sanctions such
as restoring the country to a list of state sponsors of terrorism.
China on Tuesday suggested Washington and Pyongyang hold talks over cyber
hacking. US officials, however, have dismissed a North Korean proposal
for a joint investigation into the Sony hack and instead called for the
hermit state to compensate the film studio.
Dyn Research said earlier Monday that Internet connectivity between North
Korea and the outside world, never good at the best of times, had begun
to show signs of instability over the weekend.
"This is different from short duration outages we have seen in the past,"
Earl Zmijewski, vice president of data analytics at Dyn, told AFP.
But Zmijewski stressed it was impossible to say what had caused the
outage. "They could have elected to simply pull the plug or they could
have suffered from some sort of failure or attack," he said.
The diplomatic row comes as China failed on Monday to block the
first-ever UN Security Council meeting on North Korea's dismal rights
record after a strong majority of members voted in favor of it.
US ambassador Samantha Power - backed by envoys from Britain, Australia
and France - said North Korean citizens experience a "living nightmare"
of political repression.
She recalled testimony from a starving prison camp survivor who picked
kernels of corn from cattle dung to eat and of a former guard who said
prison wardens routinely raped prisoners.
Power dismissed Pyongyang's offer of a joint investigation into the hack
as "absurd," urging the council to take action against North Korean
leaders.
No decision was taken on Monday on a call to refer North Korea to the
International Criminal Court for crimes against humanity, but campaigners
urged the body to keep the issue alive.
Beijing - which has itself been accused by Washington of extensive
hacking of civilian and government networks - meanwhile suggested on
Tuesday that "the US and the DPRK can have communication" on cyber
hacking, using North Korea's official title.
Washington has urged Beijing, Pyongyang's closest ally, to help rein in
the North's cyber crime activities, with US Secretary of State John
Kerry speaking with his Chinese counterpart over the weekend to discuss
the problem.
China's foreign ministry on Monday condemned "cyber terrorism" in any
form but did not refer directly to North Korea.
Elsewhere, Seoul heightened its readiness against cyber attacks from
North Korean and other hackers after a series of online information leaks
about the country's nuclear power plants.
North Korea has limited access to the worldwide web with just four
networks on the global Internet, compared to 150,000 in the United
States, analysts say.
Pyongyang's main Internet presence is through its Uriminzokkiri website,
which has Twitter and Flickr feeds and is best known for posting
propaganda videos excoriating South Korea and the United States.
U.S. Police Struggle To Uncover Threats on Social Media
U.S. law enforcement agencies are a long way from being able to
effectively track threats of the kind a gunman posted on Instagram before
his execution-style murder of two New York City policemen last weekend.
Police need more data analytics and mining software to monitor social
media sites such as Facebook and Twitter , as well as trained personnel
to make sense of what could be a deluge of data, say law enforcement
officials and security experts.
"You can buy all the technology you want, but if you want to figure out
clever stuff, you better have smart people able to use it," said
Christopher Ahlberg, co-founder of Recorded Future Inc, which helps
clients analyze social media feeds. The company is partly backed by
In-Q-Tel, a venture capital firm that serves U.S. intelligence agencies.
According to the New York Police Department, Ismaaiyl Brinsley posted
anti-cop slurs on the Instagram photo-sharing site hours before walking
up to two officers in a parked squad car in Brooklyn and shooting them
dead on Saturday.
Baltimore police said they discovered the Instagram posts after Brinsley
shot and wounded his girlfriend earlier that day. But the NYPD did not
learn of the posts - which included a photograph of a silver handgun and
the message "I'm Putting Wings On Pigs Today. They Take 1 Of Ours...
Let's Take 2 of Theirs" - until it was too late.
Monitoring social media for out-of-the-blue threats may be beyond the
capabilities of most police forces including even the New York Police
Department, which has a relatively extensive and aggressive intelligence
operation, experts say.
Analysts at the New York and Los Angeles police departments routinely
crawl through social media to keep tabs on individuals on their radar,
such as gang members, or to prepare for high-profile events. But in an
era of shrinking or stagnant budgets, buying high-end software and hiring
trained data analysts can be costly.
Many police departments utilize fairly rudimentary tools. The NYPD uses
common search engines, experts say. It is possible to program an
algorithm to pick up threatening messages, but the sheer volume of data
and the potential number of "false positives" would impede its
effectiveness.
"It is like trying to take a sip from a fire hydrant," the non-profit
Police Executive Research Forum said in a 2013 report.
In monitoring social media, most local police forces lag U.S.
intelligence agencies, which despite their vast surveillance networks
still struggle to prevent attacks such as the 2013 Boston Marathon
bombing.
The National Security Agency had raw intercepts pointing to a person
matching the 2009 "underwear bomber's" description, but failed to stop
him from boarding a plane.
The Department of Homeland Security monitors about 100 social media sites,
but there are restrictions that keep their agents from sharing all the
information that they collect directly with local law enforcement.
Social media monitoring by police tends to be reactive: analysts hit the
Internet when someone phones in a tip. Investigators use social
networking sites to identify victims, look for witnesses and
perpetrators, generate leads or search for evidence in the aftermath of
a crime.
"Most of the stuff, honestly, we get is when people send it to us," said
Los Angeles Police Department spokesman, Commander Andrew Smith.
That's not to say there have not been some successes. The LAPD, which
employs around 40 people to monitor social media manually, uses software
from a startup called PredPol Inc, which stands for predictive policing.
The software analyzes LAPD and other internal police databases to
identify crime-ridden areas and determine the best times to patrol.
PredPol marketing manager Benjamin Hoehn said crime dropped around 20
percent within 10 months of deploying the system in Modesto, California,
in January.
The LAPD is also exploring the use of Geofeedia Inc, which incorporates
user-location data as it crawls through sites from Twitter and Facebook
to Google Inc's YouTube and Yahoo Inc's Flickr.
Sophisticated services provided by the likes of Palantir Technologies Inc,
which aids intelligence agencies in counter-terrorism, can track a
person's movements, identify anonymous messages from writing patterns, or
establish an individual's daily routines based on social media activity,
experts said.
Ahlberg said Recorded Future can predict areas where social unrest will
erupt with a high degree of accuracy, based on online commentary and
other data, offering a glimpse of what may be possible.
Rights organizations have criticized the increasing use of social media
crawling by law enforcement as a potential violation of privacy. Others
argue anything posted on social media is fair game.
"You can call it infringing on their Frist Amendment rights but these are
the 21st century tools available," said ex-FBI agent Kenneth Springer,
who runs investigations outfit Corporate Solutions Inc.
Dangerous NTP Hole Ruins Your Chrissy Lunch
Critical holes have been reported in the implementation of the network
time protocol (NTP) that could allow unsophisticated attackers root
access on servers.
System administrators may need to forego the Christmas beers and roasted
beasts until they've updated NTP daemons running versions 4.2.8 and
below.
The grinch bug was announced by the US Industrial Control Systems
Emergency Response Team, which received news of the hole from Google
security researchers.
"Exploitation of these vulnerabilities could allow an attacker to execute
arbitrary code with the privileges of the ntpd process," the agency said
in an advisory.
"An attacker with a low skill would be able to exploit these
vulnerabilities.
"Exploits that target these vulnerabilities are publicly available."
Google's Neel Mehta and Stephen Roettger reported two serious and four
"less-serious" bugs which were patched in 4.2.8 released 18 December.
These included weak default keys, weak random number generator seeds, and
buffer overflows.
Admins should backup operational industrial control system
configurations and test the patch prior to deployment, the computer
emergency response team urged.
It's also advisable to harden systems by minimising network exposure,
including by shoving remote devices and - where applicable - control
system networks behind firewalls and into isolated zones.
The Worst Spammers of 2014
On the flip side of years best lists at this point on the calendar, we
also have years worst rankings. Email anti-clutter tool Unroll.me has
just released its 2014 SPAMMYs, showcasing the sites that were the
largest spam email offenders this year.
Chances are, if you have an email account, youll recognize some of these
names.
Congratulations are due to online deal and coupon service LivingSocial for
having sent out 285 pain-in-our-neck emails on average per user, tops for
this year. At honorable mention was competitor Groupon, a close second
with 282 emails per subscriber.
Check out the rest of the SPAMMYs rankings below, which include the email
services that received the most unsubscribe requests by Unroll.mes
customers, and also a rating of the spammiest holidays by number of
themed emails this year.
(Oh, and we also featured Unroll.me as one of the ways to keep email
from ruining your life.)
Most spam emails sent:
LivingSocial: 285 emails sent on average per user
Groupon: 282 emails sent on average per user
Facebook: 263 emails sent on average per user
LinkedIn: 199 emails sent on average per user
Twitter: 117 emails sent on average per user
Amazon: 97 emails sent on average per user
Pinterest: 87 emails sent on average per user
Google: 62 emails sent on average per user
Google Plus: 62 emails sent on average per user
YouTube: 43 emails sent on average per user
Etsy: 29 emails sent on average per user
eBay: 27 emails sent on average per user
Tumblr: 23 emails sent on average per user
Yelp: 21 emails sent on average per user
TicketMaster: 21 emails sent on average per user
Most unsubscribe requests:
StumbleUpon: 51 percent unsubscribe rate
MoveOn.org: 48 percent unsubscribe rate
Jetsetter: 47 percent unsubscribe rate
Monster: 44 percent unsubscribe rate
SlideShare: 44 percent unsubscribe rate
Live Nation: 43 percent unsubscribe rate
Angies List: 41 percent unsubscribe rate
Rent The Runway: 39 percent unsubscribe rate
GameStop: 39 percent unsubscribe rate
NoMoreRack: 39 percent unsubscribe rate
Travelocity: 39 percent unsubscribe rate
Ancestry: 39 percent unsubscribe rate
Sports Authority: 39 percent unsubscribe rate
ProFlowers: 39 percent unsubscribe rate
Care.com: 38 percent unsubscribe rate
Most holiday-related spam emails sent:
Cyber Monday: average of 25 emails per user
Black Friday: average of 22 emails per user
Veterans Day: average of 18 emails per user
Thanksgiving: average of 17 emails per user
Election Day: average of 17 emails per user
Halloween: average of 17 emails per user
Tax Day: average of 16 emails per user
Columbus Day: average of 16 emails per user
Valentines Day: average of 15 emails per user
Ash Wednesday: average of 15 emails per user
Cinco de Mayo: average of 15 emails per user
Saint Patricks Day: average of 15 emails per user
Good Friday: average of 14 emails per user
Presidents Day: average of 13 emails per user
Martin Luther King, Jr. Day: average of 13 emails per user
US Judge: Facebook Cannot Avoid Class Action Lawsuit Over
Scanning Users' Private Messages for Advertising Purposes
A U.S. judge has given the green light to a class action lawsuit that
alleges Facebook scans private messages to create targeted
advertisements. The plaintiffs claim that the social networking website
violated several state and federal statutes.
Facebook cannot avoid the class action suit against its practice of
scanning private messages of users for advertising purposes, according to
U.S. District Judge Phyllis Hamilton of California. The case is moving
forward because the company "has not offered a sufficient explanation of
how the challenged practice falls within the ordinary course of its
business," the judge said.
Three plaintiffs to the suit filed in January allege that Facebook
violated federal and state statutes by scanning users' private messages
to create targeted ads. The plaintiffs also believe that the mention of
a company in the messages resulted as a "like."
The plaintiffs add that Facebook's messaging service is meant as a
private communication tool between users.
"Facebook's practice of scanning the content of these messages violates
the federal Electronic Communications Privacy Act (ECPA also referred to
as the Wiretap Act), as well as California's Invasion of Privacy Act
(CIPA), and section 17200 of California's Business and Professions Code,"
the plaintiffs said.
Facebook's motion to dismiss the plaintiffs' Wiretap Act claim and the
CIPA section 631 claim were denied by Judge Hamilton.
However, the social media company's motion to dismiss the plaintiffs'
claims on section 632 of the CIPA and section 17200 of the California
Business & Professions Code, also known as the Unfair Competition Law,
was granted.
Facebook maintains that it is responsible for handling the content of
private messages to ensure proper delivery. It is, therefore, free to
intercept private messages.
Facebook also believes that scanning messages is part of its normal
business practice. The company, however, claims that it stopped doing so
in 2012. The case then, Facebook believes, should not move forward.
The court read Facebook's full terms of service and found that the
language used in the service terms was vague. The court stated that the
document fails to clarify whether users had indeed given their consent
for Facebook to scan private messages for advertising purposes.
The plaintiffs have all reasons to expect that their private messages
remained private. The plaintiffs also argue that even though Facebook has
stopped scanning messages, it may start again whenever the company wishes
to.
Facebook is not the only company that has been taken to court by users
over privacy violations. Other companies such as Yahoo!, Earthlink and
Google have faced similar lawsuits.
Google's Gmail service was found violating the Wiretap Act as the company
automatically scanned Gmail messages as part of its targeted ad strategy.
Google is currently appealing against the violation.
Internet Privacy Is A Fantasy, Will Merely Be A Fetish by 2025
If youre still holding out hope for the preservation of Internet
privacy, you may need to adjust your ideals a bit. The future of online
privacy is cloudy, and policymakers and technology innovators have a
weighty task on their hands one theyre likely to fumble. This is one
of the overarching findings of a recent canvassing of more than 2,500
experts by Pew Research Centers Internet & American Life Project.
The Future of Privacy is a report from Pew forecasting whether
policymakers and technology leaders will be able to create a secure,
popularly accepted, and trusted privacy-rights infrastructure by 2025
that allows for business innovation and monetization while also offering
individuals choices for protecting their personal information in
easy-to-use formats.
About 55 percent of respondents said they dont think the above will
actually happen, while the other 45 percent said they do think a
satisfactory privacy infrastructure will be established in the next 10
years.
A shared sentiment from both sides of the table was that online life is
inherently public, something that wont surprise anyone whos part of a
social network or has kept up with news headlines in recent years. Pew
highlighted this anonymous response: Privacy will be the new taboo and
will not be appreciated or understood by upcoming generations.
The report listed a number of common ideas shared by respondents,
including: privacy and security are foundational issues of the digital
world, we are living in an unprecedented condition of ubiquitous
surveillance, we need little more than personal convenience to be
compelled to share our personal information, and privacy norms are
always changing.
Another theme gleaned from the responses to Pews canvassing is that an
arms race of sorts is unfolding, one between privacy-protecting
technology and privacy-penetrating technology. As Google Glass and
attendant projects grow, the so-called Internet of Things becomes
increasingly aware of literally everything, and as programmers begin
jumping on algorithmic schemes to sift, curate, and predict the data,
notions of privacy will be considered a fetish, according to an
attorney at a major law firm.
The hotly anticipated Apple Watch may be another test for the protection
of personal privacy in an increasingly technology-dependent age.
Connecticut Attorney State General George Jepsen recently requested to
meet with Apple CEO Tim Cook about how personal data collected by the
Apple Watch will be protected.
Apple Pushes First Ever Automated Security Update to Mac Users
Apple Inc has pushed out its first-ever automated security update to
Macintosh computers to help defend against newly identified bugs that
security researchers have warned could enable hackers to gain remote
control of machines.
The company pushed out the software on Monday to fix critical security
vulnerabilities in a component of its OS X operating system called the
network time protocol, or NTP, according to Apple spokesman Bill Evans.
NTP is used for synchronizing clocks on computer systems.
The bugs were made public in security bulletins on Friday by the
Department of Homeland Security and the Carnegie Mellon University
Software Engineering Institute. Carnegie Mellon identified dozens of
technology companies, including Apple, whose products might be
vulnerable.
When Apple has released previous security patches, it has done so through
its regular software update system, which typically requires user
intervention.
The company decided to deliver the NTP bug fixes with its technology for
automatically pushing out security updates, which Apple introduced two
years ago but had never previously used, because it wanted to protect
customers as quickly as possible due to the severity of the
vulnerabilities, Evans said.
"The update is seamless," he said. "It doesnt even require a restart."
Apple does not know of any cases where vulnerable Mac computers were
targeted by hackers looking to exploit the bugs, he added.
Get Better Search Results with Windows 10's Universal Search Feature
As you may know, the Universal Search feature in Windows is designed to
provide you with search results from both your computer and the internet.
Ever since it first made its appearance in Windows Vista, the Universal
Search feature has undergone a series of evolutionary steps to get where
it is now in the upcoming release of Windows 10. While the Windows 10's
Universal Search feature is a work in progress, it shows promise and is
worth a preliminary investigation. Let's take a closer look at the
changes in Universal Search leading up to Windows 10.
As you may remember, Microsoft began to make some very serious
improvements with the Search feature in Windows Vista. To begin with,
the Search was integrated right into the Start Menu instead of being a
separate application. To search, you clicked the Start button and then
began typing the name of the file in a search box. As soon as you typed
the first letter, the Search engine immediately began compiling a list
of applications, folders, and documents that began with that letter and
displayed them in a categorized list right on top of the Start Menu,
which instantly converted itself into the search results pane. As you
continued typing letters, the Search engine refined its list to match
the letters that you typed.
The search results pane also included a Search Internet feature that
appeared at the bottom of the results and was automatically preloaded
with the term you searched for (Figure A). If you clicked Search
Internet, Windows Vista would pass the search job on to MSN Search,
which would immediately conduct a search and present the results in an
Internet Explorer window.
Among the new Search features in Windows Vista was the ability to search
the internet as well as your system's files and folders.
Like its much maligned predecessor, Windows 7 also included a search
tool that was an integrated right into the Start Menu, and it worked
with similar alacrity. However, the Universal Search feature was buried
away in a secondary window. At the bottom of the search results pane
was a link titled See more results. When you clicked that link, a
Windows Explorer window appeared and showed all of the same results.
At the bottom of the window was a section titled "Search again in"
that included a link titled Internet (Figure B). When you clicked that
link, Internet Explorer would launch and display the results from the
default search engine.
Windows 7's Universal Search feature was a bit harder to find.
As you may know, Windows 8 has a great Universal Search feature.
However, since the Search feature was sort of buried in the operating
system's convoluted user interface, it really didn't get the attention
that it deserved. To access it, you either simply begin typing when
you're on the Start Screen, or you access the Charms bar and then click
the Search Charm. In Windows 8.1, a Search icon was added to the top
right of the Start Screen. In any case, as soon as you start to type,
the search results pane begins displaying results from your computer
(files, folders, and programs) as well as results from the internet.
While the Search feature was difficult to access in Windows 8, the
Universal Search results were readily apparent.
When you click a result from the internet, the results pane transforms
into a great looking modern UI Results screen powered by Bing,
which
presents a multitude of results accompanied with detailed synopsis that
you can read through to find what you're looking for (Figure D). When you
click on one of the items on this screen, Internet Explorer launches and
takes you to that site.
The main Results screen in Windows 8 provides a beautiful and easy-to-use
display.
In Windows 10, with the return of the Start Menu, you'll once again find
the search tool integrated right into the Start Menu. As soon as you
begin typing, the Search engine immediately begins compiling a list of
applications, folders, and documents. It also links to places on the
internet that contain the term and displays them on the Start Menu
results pane.
At this point in time, the initial Windows 10 search results pane is
pretty simple.
When you select a search term result from the internet, you'll see a
modern UI results screen powered by Bing.
At this point in time, the main results pane in Windows looks a lot like
Internet Explorer.
What's your take?
Like its recent predecessors, Windows 10 contains a Universal Search
feature that provides you with search results from both your computer and
the internet. Of course, Windows 10's Universal Search feature is still a
work in progress, but it shows promise. Have you taken advantage of the
Universal Search feature in previous versions of the Windows operating
system? Do you think that you'll use it in Windows 10? Share your opinion
in the discussion thread below.
HP Will Release A Revolutionary New Operating System in 2015
Hewlett-Packard will take a big step toward shaking up its own troubled
business and the entire computing industry next year when it releases an
operating system for an exotic new computer.
The companys research division is working to create a computer HP calls
The Machine. It is meant to be the first of a new dynasty of computers
that are much more energy-efficient and powerful than current products.
HP aims to achieve its goals primarily by using a new kind of computer
memory instead of the two types that computers use today. The current
approach originated in the 1940s, and the need to shuttle data back and
forth between the two types of memory limits performance.
A model from the beginning of computing has been reflected in everything
since, and it is holding us back, says Kirk Bresniker, chief architect
for The Machine. The project is run inside HP Labs and accounts for
three-quarters of the 200-person research staff. CEO Meg Whitman has
expanded HPs research spending in support of the project, says
Bresniker, though he would not disclose the amount.
The Machine is designed to compete with the servers that run corporate
networks and the services of Internet companies such as Google and
Facebook. Bresniker says elements of its design could one day be adapted
for smaller devices, too.
HP must still make significant progress in both software and hardware to
make its new computer a reality. In particular, the company needs to
perfect a new form of computer memory based on an electronic component
called a memristor.
A working prototype of The Machine should be ready by 2016, says
Bresniker. However, he wants researchers and programmers to get familiar
with how it will work well before then. His team aims to complete an
operating system designed for The Machine, called Linux++, in June 2015.
Software that emulates the hardware design of The Machine and other
tools will be released so that programmers can test their code against
the new operating system. Linux++ is intended to ultimately be replaced
by an operating system designed from scratch for The Machine, which HP
calls Carbon.
Programmers experiments with Linux++ will help people understand the
project and aid HPs progress, says Bresniker. He hopes to gain more
clues about, for example, what types of software will benefit most from
the new approach.
The main difference between The Machine and conventional computers is that
HPs design will use a single kind of memory for both temporary and
long-term data storage. Existing computers store their operating systems,
programs, and files on either a hard disk drive or a flash drive. To run
a program or load a document, data must be retrieved from the hard drive
and loaded into a form of memory, called RAM, that is much faster but
cant store data very densely or keep hold of it when the power is turned
off.
HP plans to use a single kind of memoryin the form of memristorsfor both
long- and short-term data storage in The Machine. Not having to move data
back and forth should deliver major power and time savings. Memristor
memory also can retain data when powered off, should be faster than RAM,
and promises to store more data than comparably sized hard drives today.
The Machines design includes other novel features such as optical fiber
instead of copper wiring for moving data around. HPs simulations suggest
that a server built to The Machines blueprint could be six times more
powerful than an equivalent conventional design, while using just 1.25
percent of the energy and being around 10 percent the size.
HPs ideas are likely being closely watched by companies such as Google
that rely on large numbers of computer servers and are eager for
improvements in energy efficiency and computing power, says Umakishore
Ramachandran, a professor at Georgia Tech. That said, a radical new
design like that of The Machine will require new approaches to writing
software, says Ramachandran.
There are other prospects for reinvention besides HPs technology.
Companies such as Google and Facebook have shown themselves to be
capable of refining server designs. And other new forms of memory, all
with the potential to make large-scale cloud services more efficient,
are being tested by researchers and nearing commercialization.
Right now its not clear what technology is going to become useful in a
big way, says Steven Swanson, an associate professor at the University
of California, San Diego, who researches large-scale computer systems.
HP may also face skepticism because it has fallen behind its own
timetable for getting memristor memory to market. When the company began
working to commercialize the components, together with semiconductor
manufacturer Hynix, in 2010, the first products were predicted for 2013.
Today, Bresniker says the first working chips wont be sent to HP
partners until 2016 at the earliest.
Dashlanes Password Manager Is Ultra-Convenient and Incredibly Smart
Despite seemingly constant security breaches on the Internet, people
continue to use dumb passwords. Even one of the FBIs most wanted hackers
used his cats name (Chewy) to secure his accounts.
We use terrible passwords because theyre otherwise hard to remember, and
despite all the warnings and advice we hear, changing them is absurdly
tedious. But a potential fix has arrived in the form of an updated
password manager from the cybersecurity company Dashlane.
The desktop app, announced last week, can automatically organize and
analyze your passwords across multiple services. It can also instantly
change every single one of your passwords to secure and unique ones,
without your having to visit a single site.
Though theres currently a bit of a wait list to access the tool,
eventually anyone who wants in will be able to install the free
software.
And once you see some of its best features I tried out below, youll
definitely want to.
When you log in to the Dashlane desktop app, itll ask for access to your
browser and then automatically recognize the passwords youve already
saved in your browsers password locker.
After waiting for a few moments, and granting the Dashlane app access to
certain accounts, theyll appear before your eyes, like magic.
Analyze the quality of your passwords?After the system has your account
information, you can navigate the apps sidebar to complete different
tasks. Click on the Security Dashboard, and it automatically runs an
analysis on your passwords and then gives you a score out of 100
percent, as shown below:
It identifies what your specific problems are whether its weak
passwords, compromised passwords, or reused passwords and then creates
pathways for you to solve them. For instance, in the few passwords it
collected from my accounts, it found that I repeat them often. So I was
able to open up a list of the suspect security codes and change them.
Which leads us to what is, quite possibly, Dashlanes best feature
Dashlane advertises that its Password Manager can change all your
accounts security codes with just one click. In theory, this
is possible. But in practice its a little bit more complicated than
that.
You can identify which accounts you want to change your password for
manually, by selecting the Password section on the apps sidebar, or via
a nifty tool like the one I mentioned above. Itll show you a list, and
you can check a box to the right of each account you want to alter, like
so:
Once you click the green Change passwords button in the upper-right
corner of the screen, Dashlane will begin connecting with each separate
website to do the deed. This is where it gets messier than Dashlane
advertises.
Dashlane will connect to each website separately, assuming your account
is still active and whatever login info you had saved in your browser
is up to date. In some cases, you may need to answer security questions
you created on an individual website (Whats your mothers maiden
name?) to get Dashlane into a site. Those queries pop up in separate
boxes and add some lag to the process.
When its all done, each account will be assigned a new ultra-secure
password: long strings of letters and numbers that you will never have
to remember. All of these are securely encrypted locally on your
computer. The only thing you need to remember to access them is your
Dashlane accounts master password (which is securely verified with a
code sent to your email, every time you log in).
Eventually, Dashlane will let you tailor your account so that some
passwords just automatically change themselves at set intervals. (In
case you werent aware, changing your passwords often is the main way
you avoid getting hacked.)
After all this, you can download Dashlanes browser extension,
available for Safari, Firefox, and Chrome.
Once its installed and youve logged in, a small Dashlane symbol of
a jumping gazelle-like animal will appear in any username and password
box you come across online.
Click the symbol, and all your login options will appear. If you have
multiple logins for an account, Dashlane will show the varying
usernames.
Once you select an account, itll automatically log you in. In cases
where you have only one account, itll automatically enter the
information and begin logging you in once you arrive at the sign-in
page. (This setting is adjustable, in case you share your computer with
someone.)
The only catch?While the password manager is free on your desktop (where
Id guess most of us do our password changing), itll sync to your
mobile devices only if you sign up for a premium account, which costs
$40 a year. This is more expensive than Dashlanes competitors like
LastPass ($12 a year) and 1Password (a one-time $50 cost for Mac or
Windows clients but free on mobile). Compared with those two, however,
Dashlane is better designed and easier to use, and the auto-change
feature is likely to make passwords more secure for its users than
anything the competition offers right now.
=~=~=~=
Atari Online News, Etc. is a weekly publication covering the entire
Atari community. Reprint permission is granted, unless otherwise noted
at the beginning of any article, to Atari user groups and not for
profit publications only under the following terms: articles must
remain unedited and include the issue number and author at the top of
each article reprinted. Other reprints granted upon approval of
request. Send requests to: dpj@atarinews.org
No issue of Atari Online News, Etc. may be included on any commercial
media, nor uploaded or transmitted to any commercial online service or
internet site, in whole or in part, by any agent or means, without
the expressed consent or permission from the Publisher or Editor of
Atari Online News, Etc.
Opinions presented herein are those of the individual authors and do
not necessarily reflect those of the staff, or of the publishers. All
material herein is believed to be accurate at the time of publishing.
