Articles about Framework

NHS injects tender for PC and peripherals kit with £500m

The UK's NHS has a £500m budget to burn on PCs, printers and monitors in the latest mega framework tender to be dangled in front of ravenous tech suppliers. A ten lot agreement including desktops, lappies, tabs, peripherals, and warranties has been issued by the NHS Shared Business Services - the joint venture between DfH and …
Paul Kunert, 25 Aug 2016
Man in tie smashes printer with baseball bat in a field.

Error: Print job 'Money' failed for laserjet001.lan.hp.com

HP Inc says it will move forward with its plans to cut costs and refocus its business as it posted better than expected quarterly numbers. For the three months to July 31, Q3 of its 2016 fiscal year, the printers and PCs half of the HP split reported: Revenues of $11.9bn were down four per cent on the year-ago total of $12. …
Shaun Nichols, 25 Aug 2016
Handsome man has fuchsia-painted skin. Photo by Shutterstock

Google Fuchsia OS eyes non-Linux things

Google’s latest operating system project, Fuchsia, may be largely a mystery, but it reinforces a truth that platform vendors are having, grudgingly, to acknowledge: one operating system does not fit all. For a company which has put so much effort into making Android an OS for all purposes, Google has a remarkable number of …
Wireless Watch, 24 Aug 2016

Major update drops for popular Pwntools penetration showbag

The third version of the Pwntools exploit showbag has been released, sporting new Android p0wnage functions and a host of additional modules. The Python development library is the brainchild of the Gallopsled CTF team, which wrote the toolset to help fellow security types build faster exploits for penetration testing and …
Darren Pauli, 24 Aug 2016
VMware nutella

VMware reveals vulns

VMware has revealed “important” flaws in VMware Identity Manager and vRealize Automation. Both products “contain a vulnerability that may allow for a local privilege escalation. Exploitation of this issue may lead to an attacker with access to a low-privileged account to escalate their privileges to that of root.” vRealize …
Simon Sharwood, 24 Aug 2016
Cell tower, view from below. Image by Shutterstock.com

LTE-U’s window is closing and bigger 5G disputes may be coming

One of the presumed outcomes of the 5G process is full convergence of licensed and unlicensed spectrum, with one or more air interface standards which can span both, using frequencies entirely flexibly according to requirement. This is a very long way off, if the current quarrels over extending LTE into licence-exempt bands are …
Wireless Watch, 22 Aug 2016
darpa cyber grand challenge

Mechanical Phish auto-exploit auto-patch kit lands on GitHub

One of the top-three in DARPA's recent cyber-challenge, Mechanical Phish, has been open sourced at GitHub. The Cyber Grand Challenge posed a hellish problem indeed: write software that could expose bugs (a la Metasploit) and patch them, without human intervention. In that competition, team (led by UC Santa Barbara's Giovanni …
Robot AI Woman

Chip giants pelt embedded AI platforms with wads of cash

Analysis Artificial intelligence and machine learning engines are underpinning many emerging applications and services, from making sense of big data for enterprises, to supporting hyper-personalized consumer content, or virtual reality gaming. The current challenge is to move AI from the supercomputer to the mobile device, supporting …
Wireless Watch, 17 Aug 2016
Platform for Network Data Analytics logo

Linux Foundation becomes a PNDA-hugger

The Linux Foundation has added the Platform for Network Data Analytics – aka PNDA – to its stable of officially supported projects. PNDA aggregates data from multiple sources on a network, be they-real time performance indicators or static sources like logs, then works with Apache Spark to do the usual Big Data thing of …
Simon Sharwood, 17 Aug 2016
Bitcoin

Euro regulator calls for delay to virtual currency exchange anti-money laundering regime

EU law makers should step back from plans to subject virtual currency exchanges and digital wallet providers to anti-money laundering (AML) regulations from the beginning of next year, the European Banking Authority (EBA) has said. The regulator said that more time is needed to implement a legal framework across EU countries …
OUT-LAW.COM, 16 Aug 2016

Forensics tool nabs data from Signal, Telegram, WhatsApp

USENIX VID University researchers have developed a new method to help forensic investigators extract data information from memory. The tool, dubbed Retroscope, recovered data from up to the previous 11 screens displayed from up to 15 apps, with an average of five screens pulled from each. Apps included Signal, Skype, WeChat, Gmail, …
Darren Pauli, 15 Aug 2016
Assange

Julian AssangeTM to meet investigators in London

Couch-surfing sex crimes suspect Julian Assange will soon meet with Swedish authorities. In case you came in late, Assange has spent most of the last four years in the Ecuadorian embassy in London. He's there because Sweden wants a word over an investigation into possible sex crimes, but Assange fears if he sets foot in Sweden …
Simon Sharwood, 11 Aug 2016
Woman looks out of office door at unseen thing/person in hallway. Photo by Shutterstock

Reactive? Serverless? Put to bed? What's next for Java. Speak up, Oracle

The future of Java Enterprise Edition is on many developers' minds. After the community came to the conclusion that the platform’s progress has come to a standstill, a plethora of initiatives has arisen with the goal of encouraging Oracle to pick up the work on Java EE 8 again. It's time to take inventory. The bone of …
Markus Eisele, 10 Aug 2016
cloud

Boffins tweak StreaMon for the NFV era

Network function virtualisation (NFV) is important to telcos and big data centres, who use it to toss dedicated appliances like firewalls in favour of virtual machines that can spin up and down on demand. Monitoring, however, is a pain, because functions – and the traffic associated with them – can spin up and down in seconds …

Privacy warriors drag GCHQ into Euro human rights court over blanket spying, hacking

Having failed in its bid to block GCHQ's hacking activities at the UK's Investigatory Powers Tribunal, advocacy group Privacy International says it will now take its fight with the UK government to the European Court of Human Rights. Joined by five other groups from around the globe, Privacy International says it will be …
Shaun Nichols, 06 Aug 2016
money_987_648

Microsoft extends bug bounty to cover Edge remote code exec

Microsoft has opened a remote code execution bug bounty for preview versions of its Microsoft Edge browser. The Internet Explorer killer and hopeful challenger to Firefox and Safari -- Chrome dominates the browser space -- was released in March last year. Microsoft will pay between $500 and $1,500 for remote code execution …
Darren Pauli, 05 Aug 2016
Microsoft.net logos

.NET Framework updated

Microsoft has updated the .NET Framework to - drumroll please – version 4.6.2. Redmond says the notable changes include a handful of improvements to encryption, the beginnings of a better debugging experience for null references in the common language runtime and support for soft keyboards. There's a list of important changes …
Simon Sharwood, 04 Aug 2016
Image by Maksim Kabakouhttp://www.shutterstock.com/pic-362745248/stock-photo-privacy-concept-broken-shield-on-wall-background.html

Hackers brew Intel chip defence kit to neuter budding exploits

Black Hat EndGame vulnerability researchers Cody Pierce, Matt Spisak, and Kenneth Fitch have created a defence framework to protect against deeper modern attacks. The security trio with roots in the HP Zero Day Initiative, the National Security Agency, and the Department of Defence, have extended a hardware defense tool already in use …
Darren Pauli, 02 Aug 2016

Australian spooks' email guide banishes MS Word macros, JavaScript

The Australian Signals Directorate (ASD), the sigint outfit renowned for its “don't be stupid” guide to infosec, has published its latest guidelines for e-mail admins. E-mail being what it is, its Malicious Email Mitigation Strategies carries a fair amount of detail, but the basics are easy: treat attachments like live …
Android patch

Android's latest patches once again remind us: It's Nexus or bust if you want decent security

Another month means another double bundle of security vulnerability patches for Android. Google is sticking to the twin-release pattern it used last month: the first batch addresses flaws in Android's system-level software that everyone should install, and the second squashes bugs in hardware drivers and kernel-level code that …
Iain Thomson, 02 Aug 2016
Robot as person illustration via Shutterstock

The dev-astating truth: What's left to develop? Send in the machines

Historian Francis Fukuyama in 1992 reckoned with the fall of the Iron Curtain and the replacement of Communist systems behind it with liberal democracies, we had reached the end of history. Can we say the same about software development? Has the arrival of the age of Agile meant that we can now talk about a similar full-stop? …
Maxwell Cooter, 01 Aug 2016

SentinelOne's $1m ransomware guarantee dismissed as PR stunt

A “ransomware guarantee” from security outfit SentinelOne has been dismissed by critics as a marketing stunt. Ransomware is currently the biggest scourge of internet security, affecting corporates and consumers alike. So self-styled next generation endpoint security firm SentinelOne unsurprisingly created waves with a pledge …
John Leyden, 29 Jul 2016
container_ship_hamburg_shutterstock_648

Mesos 1.0 is a Docker rocker

The battle between the Mesos and Kubernetes tools for managing applications on modern clusters continues to heat up, with the former reaching its milestone 1.0 with a “universal containerizer” feature that supports native Docker container formats and a shiny new API stack that is a lot more friendly and flexible than the manner …

European privacy body slams shut backdoors everywhere

Europe's privacy body has reiterated its pro-privacy, anti-backdoor stance. The European Data Protection Supervisor (EDPS) Giovanni Buttarelli has long expressed the view that “privacy versus security” is a false dichotomy. In 2015, he told a conference in Brussels that “the objective of cyber-security may be misused to …
Pic: Shutterstock

Boffins snoop on snooping Tor nodes

A pair of researchers from Northwestern University are working on a framework to let users identify misbehaving Tor nodes. In a brief paper presented to last week's Privacy Enhancing Technologies symposium in Germany, they suggest their proof-of-concept worked, turning up 110 snooping relays on Tor. Northwestern University's …

UK's digital strategy must account for Brexit, say MPs

The UK government must explain how its long-awaited new digital strategy will be impacted by the country's decision to leave the EU, a committee of MPs has said. The Business, Innovation and Skills (BIS) Committee in the UK parliament made the call in a new report on the digital economy in which it also said there is a need to …
OUT-LAW.COM, 21 Jul 2016
Banned

WhatsApp gets another Brazilian whack as magistrate blocks it again

Update The standoff between Brazil's legal system and Facebook's WhatsApp messaging platform continues, after a Rio de Janeiro judge ordered all carriers to block the app as of next Tuesday. WhatsApp claims 100 million users in the country. While judge Daniela Barbosa has declined to publish her reasons in full, she says the order …

Governments Googling Google about you more than ever says Google

Google has published its latest “Transparency Report”, the disclosure in which it reveals how many times governments asked it to cough data on users. And this time around there's mixed news. In the “yikes!” column is the fact that governments asked Google for data 40,677 times between July 1 and December 31 of 2015, and asked …
Simon Sharwood, 19 Jul 2016
shutterstock_236128771

FCC approves 5G auction

The Federal Communications Commission (FCC) has unanimously approved the auction of a large block of its airwaves to be used by next-generation 5G networks. The regulator's decision will make the United States the first nation to allocate a large chunk of high frequencies to the coming technology. Those frequencies were …
Kieren McCarthy, 14 Jul 2016
Gunther Oettinger, EU digital commissioner. Photo by Shutterstock - must mark as editorial use only

EU operators’ 5G manifesto misses the point

Never before have events coincided so neatly to demonstrate the gap between mobile operators’ thinking about 5G, and how future networks will really be deployed for disruptive effect. While Europe’s leading MNOs were presenting a backwards-looking "5G Manifesto" to the European Commission, veiling pleas for net neutrality …
Wireless Watch, 13 Jul 2016

Pimp your ride with new Linux for cars and an rPi under the hood

The Automotive Grade Linux (AGL) project is about to unleash the second version of its unified code base - snappily called UCB 2.0 - with expanded hardware support. For the participating car-makers and hardware vendors it's a big deal. Features landing in the latest distribution include support for a rear seat display with …
Cthulu emerges from a printer. Image created by illustrator Andy Davies. Copyright: The Register

Webpages, Word files, print servers menacing Windows PCs – yup, it's Patch Tuesday

Microsoft will fix critical holes in Internet Explorer, Edge, Office and Windows with this month's Patch Tuesday security bundle. Meanwhile, Adobe has patched dozens of exploitable vulnerabilities in its Flash player. Redmond's July release includes 11 sets of patches, six rated as "critical" and five classified as "important …
Shaun Nichols, 12 Jul 2016
Man in helmet looks uncertain, holds up shield. Photo by Shutterstock

European Commission straps on Privacy Shield

The European Commission has this morning adopted the EU-US Privacy Shield agreement, which will enter into force as soon as all member states are notified of the adequacy decision (PDF). Privacy Shield, which has been adopted after months of negotiations, is an agreement between the EU and the US which ostensibly ensures that …

DevOps: The spotty faced yoof waiting to blossom

DevOps is a concept that we've all started coming across more and more in the last few months. Critically it's taken a bit of a leap just lately because people have started to: (a) define it formally and (b) actually agree to a decent extent on what the definition is. So, for what its worth, Wikipedia talks of DevOps as: “A …
Dave Cartwright, 07 Jul 2016
Qualcomm Snapdragon 820

Huge double boxset of Android patches lands after Qualcomm disk encryption blown open

Google has released two bundles of Android security patches this month: a smaller one to handle bugs in the operating system, and a larger package that tackles a raft of driver-level issues, particularly with Qualcomm's hardware. The first tranche of patches includes eight critical, 11 high severity, and nine fixes that are …
Iain Thomson, 06 Jul 2016
OSNEXUS_QuantaStor_license_manager_screen

OSNEXUS: Storage upstart that funded itself before gaining angel wings

Take one ambitious Citrix engineering director who wanted to start his own storage company, sprinkle in $2m of angel funding and seven years later you find a IBM SoftLayer-blessed 20-person startup competing with DataCore. Nexenta and $100m+ funding, and other VC-backed software-defined storage vendors. How did that happen? …
Chris Mellor, 06 Jul 2016
Partnership

Microsoft boutiques club together for E5 licensing assault

A handful of Microsoft boutiques are linking arms in a bid to win E5 licensing deals against the bulky resellers and global integrators. E5, sold on a subscription, covers Azure, Enterprise Mobility Suite, Exchange, Office 365 and Office Delve, One Drive, Power BI, Project, SharePoint, Skype for Business, SQL Server and Yammer …
Paul Kunert, 06 Jul 2016

EU uncorks €1.8bn in cybersecurity investment. Thirsty, UK?

The EU Commission has launched a public-private partnership on cybersecurity that is expected to trigger €1.8bn ($2bn) of investment by 2020. The EU is promising to invest €450m ($502m) in a bid to spur innovation in cybersecurity with the remainder coming from the private sector. Some security commentators reckon the Brexit …
John Leyden, 05 Jul 2016

Cracking Android's full-disk encryption is easy on millions of phones – with a little patience

Android's full-disk encryption on millions of devices can be cracked by brute-force much more easily than expected – and there's working code to prove it. Essentially, if someone seizes your Qualcomm Snapdragon-powered phone, they can potentially decrypt its file system's contents with a friendly Python script without knowing …
Iain Thomson, 01 Jul 2016

Apache, Debian crews patch library with DoS vuln

A file upload library used in Apache Tomcat and various Linux distributions needs patching to plug a denial-of-service vulnerability. Discovered by the TERASOLUNA Framework Development Team, the bug in libcommons-fileupload-java, which sits under Apache Commons FileUpload, has the Common Vulnerabilities and Exposures …
Image: Lessimol http://www.shutterstock.com/gallery-1612118p1.html

Hopeless Vic agencies have two years to hit infosec best practice

Government agencies in the Australian state of Victoria will have two years to move from near ground zero to stand up fully-fledged and updated information security, risk, and governance policies. The requirements are a big ask for agencies in the southern state, previously described as in information security turmoil after …
Darren Pauli, 30 Jun 2016
A freight train travels through the Bow Valley - Banff National Park, Alberta, Canada.  Photo by Brian Lasenby via Shutterstock

The problem with Canada? The price of broadband is too damn high

Opinion Openmedia, a digital rights advocacy group, has quickly become one of Canada's leading civil liberties organizations. Established in 2008 by Steve Anderson, Openmedia has run a series of successful campaigns which have made it the bane of Canada's telecoms oligopoly. Past campaigns have focused on everything from net …
Trevor Pott, 29 Jun 2016
Microsoft's Scott Hanselman demonstrates .NET Core at Red Hat's DevNation event

Microsoft releases cross-platform .NET Core 1.0 at Linux event

Microsoft has announced the release of .NET Core 1.0 and ASP.NET Core 1.0, the open source, cross-platform fork of the .NET Framework, letting people know at the Red Hat DevNation summit in San Francisco. "This makes Red Hat the only commercial Linux distribution to feature full, enterprise-grade support for .NET," said Red …
Tim Anderson, 28 Jun 2016
data

Brexit and data protection: A period of shock and reflection

BREXIT What price the UK's secession from the European Union? “It's far too soon to tell,” has been the sober and much-repeated line of legal and privacy professionals following the United Kingdom's referendum which voiced public opinion to leave the European Union. Speaking to The Register this morning Andrew Joint, commercial …
MagMac83 http://www.shutterstock.com/gallery-2897194p1.html

Swagger staggered as hacker drops dapper code execution cracker

An unpatched remote code execution hole has been publicly disclosed in the popular Swagger API framework, putting users at risk. The client and server hole (CVE-2016-5641) exists in code generators within the REST programming tool, also know as the OpenAPI Specification. A module for the popular Metasploit hacking suite has …
Darren Pauli, 24 Jun 2016
Cloudy sky

Wanted: New cloudy head for UK.gov. 37 hour week, £90k salary

The UK government is hiring a Digital Marketplace director who will pocket £90,000 a year with a budget of £3.9m to lead a team of 38 digi procurement bods. The Digital Marketplace is intended to be provide an online portal for various digital government procurement departments to buy new code. The director will also be …
Kat Hall, 22 Jun 2016

Stuxnet was the opening shot of decades of non-stop cyber warfare

The famous Stuxnet attack against Iran is credited by some as forestalling the alternative: a bombing raid by Israel against Iran’s nuclear facility. The use of such cyber-weapons in the future, however, may mean more countries end up in low-level conflicts more or less continuously. Military strategists are still grappling …
John Leyden, 22 Jun 2016

Docker taps unikernel brains to emit OS X, Windows public betas

DockerCon Docker will kick off its DockerCon 2016 conference in Seattle this morning with a bunch of announcements: its OS X and Windows Docker clients will be made publicly available as beta software for anyone to try out; out-of-the-box orchestration is coming to Docker 1.12; and integration with Amazon's AWS and Microsoft's Azure is in …
Chris Williams, 20 Jun 2016
Punnets, photo by Graze

When DIY is not enough: Web-snack firm Graze has an offline awakening

“Graze is doing the reverse of most companies,” co-founder and chief technology officer Edd Read tells me. “We started online and we are going offline. We started with bespoke home-made technology and we are beginning to adopt the opposite.” Started in 2008, Graze has done everything considered “normal” in today’s startup …
Gavin Clarke, 16 Jun 2016
whitehall_648

Early supplier on UK.gov's G-Cloud slams 'dying' framework

G-Cloud pioneer and small hosting biz Memset has slammed the framework as failing in its original vision to "punch through archaic government procurement requirements" with an online “App Store”. Founder of Memset Kate Craig-Wood got involved in the project in 2009 as technical architecture co-lead prior to the framework being …
Kat Hall, 15 Jun 2016