Glassholes, snapt**ts, #blabbergasms, selfies and PRISM: The Reg's review of 2013

12 months in 26 characters

3 Big data security analytics techniques

Big Brother's watching

P is for PRISM: Ever feel like you’re being watched? You should be, because you are if former WikiLeaks deep throat Edward Snowden is to be believed. Snowden, formerly a contracted CIA technician, outed himself in June and was granted asylum in Russia. In coming out, he released documents to The Guardian, Washington Post and others. The docs, among other things, pointed to the existence of mass US data slurping programme called PRISM that started life in September 2007.

He claimed PRISM was operated with the help of all the major service providers and technology companies, and with the NSA tapping into the central servers of nine leading US telcos in order to extract audio and video, photographs, emails, documents and connection logs to "track foreign targets". Some companies had received financial reimbursement for helping, while others had declined. The revelation blind-sided companies who either denied they were working with the NSA or said they were only granting access to data using proper legal channels.


The NSA - nothing more unobtrusive or sinister than a big black HQ building

Squinting after being thrust into the spotlight, the normally invisible NSA was moved to try and downplay its activities, publishing a report it claimed proved it was watching a mere 1.6 per cent of the traffic on the internet. But it got worse as it turned out it wasn't just 'net minions in the US getting snooped but foreign citizens and their leaders were being observed too.

Further leaked documents claimed the NSA and GCHQ tapped Yahoo! and Google data center interconnects. Embarrassed and hurting, the tech companies tried to regain the initiative with Apple, Google, Facebook, Microsoft and others writing a letter to the NSA and US President Obama calling for greater transparency in their requests for data.

But the spies were always a step ahead: in November, Microsoft was scrambling to encrypt the interlinks between its data centres after further leaked documents said the company’s Hotmail, Windows Live Messenger and Passport services had been scanned using especially developed software.

In December, it was NSA spooks who were going native in World of Warcraft and Second Life to conduct surveillance on millions of gamers across the globe and using "harmless" Google cookies to spot targets.

This after the web hit meltdown when it was claimed the NSA and GCHQ had "circumvented or cracked much of the encryption or digital scrambling” used to protect data like emails and internet chats. This was abbreviated to say the spooks had cracked web encryption.

It’s unknown what more will come courtesy of Snowden next year, but one thing is clear: the internet is not the Wild West it was in the 1990s. As its uses have grown and matured, so has the sophistication of those who monitor society. The spooks that once tapped analogue phone lines and radio signals from “the enemy” have updated their game and gone web scale.

Q is for Quiver: normally it doesn’t take prisoners and stands firm against the world while its investors generally trail meekly behind. Not so in 2013 as both Oracle and its investors shook in the face of uncertainty. Oracle missed Wall Street expectations for three successive quarters in a row, with sales of new software licences slowing to zero growth down and sales of Larry Ellison’s prestige server business dropping 14 per cent during one particularly juicy quarter.

By the end of 2013 was getting market down by analysts concerned by growing competitive pressure from the cloud while investors fell CEO Larry Ellison wasn't worth his remuneration and in a symbolic vote rejected annual package of nearly $80m.

Larry Ellison

Leave my package alone

Radical steps were needed and Oracle started partnering with the freshman kids he generally picks on and roughs up during his frat-boy earnings calls with Wall Street - NetSuite, Salesforce and Microsoft on cloud.

NetSuite would integrate Oracle’s HCM and ERP cloud services to target mid-sized companies; Salesforce was to standardise on Oracle’s Linux and Exadata systems; and Oracle was to integrate Salesforce with its HCM and Financial Cloud, with Oracle implementing Oracle’s Fusion HCM and Financial cloud apps internally under a nine-year agreement. Oracle’s middleware and database would run on Microsoft’s rival virtualization stack on Windows Server and Azure with full support from Oracle.

Oracle hired loads of salespeople to shift cloudy versions of its software. By December, Oracle announced a quarter that beat Wall Street projections, but it was a hollow victory: new software sales flat, hardware sales down and a business overwhelmingly married to existing customers buying upgrades and support for existing versions of their Oracle kit.

R is for Rightsizing: Apple has been seemingly unstoppable with the iPhone and then iPad earning billions and forcing others big and small to follow its lead. Since the passing of Steve Jobs, though, we’ve been waiting for the “next big thing.” Aggressive competition from Android and a lack of a “next-big thing” seemed to rob Apple of its mojo, and 2013 took the wind from Apple’s sails. In April 2012 Wall St reckoned Apple shares would hit $1,000 within the year, thanks to better than expected iPhone sales. But by April this year the company’s stock price had fallen to a low point of $400 and people were starting to talk in terms of writing Apple off. The best hope was a smartwatch (See A is for Accessorise). From the market leader in smartphones and tablets, Apple had been kicked into a solid second position by Android with even Microsoft’s Windows Phone growing faster than iOS on phones.

Price competition was a killer on smartphones and Apple finally responded with the iPhone 5S and 5C while it hit back against Android with two new iPads – the Air and Mini with Retina display. It’s unclear whether these will stop the rot but Apple did manage to signed a deal with China Telecom that will pump iPhones into the world’s largest carrier market. By December Apple was growing once more - on $570, a year high.

SANS - Survey on application security programs

Next page: Value for money

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Kingston DataTraveler MicroDuo: Turn your phone into a 72GB beast
USB-usiness in the front, micro-USB party in the back
Dropbox defends fantastically badly timed Condoleezza Rice appointment
'Nothing is going to change with Dr. Rice's appointment,' file sharer promises
BOFH: Oh DO tell us what you think. *CLICK*
$%%&amp Oh dear, we've been cut *CLICK* Well hello *CLICK* You're breaking up...
Just what could be inside Dropbox's new 'Home For Life'?
Biz apps, messaging, photos, email, more storage – sorry, did you think there would be cake?
IT bods: How long does it take YOU to train up on new tech?
I'll leave my arrays to do the hard work, if you don't mind
Amazon reveals its Google-killing 'R3' server instances
A mega-memory instance that never forgets
Cisco reps flog Whiptail's Invicta arrays against EMC and Pure
Storage reseller report reveals who's selling what
prev story


Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.