Archive for April, 2010

InterOp Speakers: Time to Rethink Corporate Networks

Corporate networks need to be completely transformed, according to the keynote speakers this morning at the annual InterOp conference in Las Vegas. Executives from HP, Avaya, and Cisco all emphasized a need for companies to rethink and change their networks. Of course, they have some selfish interests: All the companies would like to see their new equipment and services replace that of their competitors. But they also have a point. Corporate networks have been built up piecemeal over many years and are now very complex, and probably ripe for simplification and consolidation.

Randy Mott, Hewlett-Packard’s CTO, said he thought the big theme of this decade in networks would be transforming the infrastructure away from 50 years. He talked about how HP moved from 85 data centers in 29 countries in 2006 to 6 data centers in 3 locations today, along the way cutting the number of servers by 40 percent while increasing processing power 250 percent. He talked about this experience has led HP to understand how other companies can change their networks, and discussed the importance of an open architecture, standards-based network.

Marius Hass, Senior VP and GM of HP’s network business talked about the need to simplify and converge the infrastructure, noting that the average company today spends 70 percent of its IT budget on maintenance, rather than on new applications. He said a combination of simplification and virtualization can help reduce the cost of management, leaving more for more important applications. And he talked about how HP could provide the whole data center solution these days, following its acquisitions of networking provider 3Com (which just closed) and security provider Tipping Point.

Avaya President and CEO Kevin Kennedy also agreed that a “new type of network” is required, and he pushed for a “converged all-IP network” and talked about Avaya’s December acquisition of Nortel enterprise solutions. His big example was the Winter Olympics in Vancouver, and how it had the bandwidth requirements of 3 Super Bowl Sundays every day for 17 days, and needs 20 times the bandwidth of the previous Summer Olympics, even though the winter event is typically 40 percent smaller.

Kennedy pushed ‘Real-Time Communications’ as the core requirement of emerging networks, and said older networks simply weren’t ‘good enough’ for the kinds of demands that are coming today, and emphasized SIP as a protocol for consolidating existing technologies and protocols in a unified communications network.

Brett Galloway, Senior VP of Cisco’s Wireless, Security and Routing Technology Group talked about ‘Borderless Networks.’ He noted that when he first started attending InterOp conferences it was all about making sure products could work together. Now we take that for granted, so it’s time to ‘rethink how we architect our networks.’

He talked about how immersive video experiences, mobility and security were driving the need to these new networks as “work isn’t a place; it’s a thing you do” wherever you are. In terms of new products, he announced Cisco’s “CleanAir Technology” which is designed to manage wireless networks to identify and reduce RF interference. He showed all the kinds of products that can interfere with wireless performance, from Bluetooth headsets to cameras, microwave ovens, and RF jammers.

(No Ratings Yet)

 Loading ...

AMD Pushes Affordability With Six-Core Desktop Chip

It’s not really a surprise, but AMD today announced its entry into the six-core desktop chip market, with its Phenom II X6 chip, which had been code-named Thuban. This chip, manufactured on Global Foundries’ 45nm process (which is used in the current quad-core Phenom IIs as well) is similar to AMD’s six-core Operton server chips, but designed for the desktop environment.

In some respects, AMD’s entry is similar to Intel’s Core i7-980X Extreme processor, known as Gulftown, which was introduced last month. But in other ways, it points out the different approach AMD is taking to the market. While Intel is emphasizing peak performance and “hyperthreading” (allowing two threads to run on each core), AMD is emphasizing its overall chip platform, including discrete graphics, as well as affordability.

The Phenom II X6 is meant to be paired with AMD’s 890FX chip set, which adds native support for 6 Gb/second SATA drives, and AMD’s ATI Radeon HD 5800 series discrete graphics boards. The chip set supports AMD’s Overdrive utility for overclocking, as well as ‘Black Edition’ certified high-speed memory. The graphics boards, which are coming out in more flavors, support Direct X 11 and ATI’s Eyefinity technology, which lets them work with up to six monitors. And AMD says all the initial motherboards will support USB 3.0 through an external NEC controller. But the new procesors don’t require the new chipset; they were designed to also work in existing AM2+ and AM3 sockets with a software upgrade, and in the existing 125W TDP power envelope.

The new chip is AMD’s first to support what it calls ‘Turbo Core,’ which lets up to three cores run faster while the other three run in a lower power state, to better support applications that don’t need all of the cores. This is similar in intent to Intel’s ‘Turbo Boost’ technology, though AMD’s method isn’t quite as flexible. Still, the company says it should allow the 3.2GHz model 1090T to be run at up to 3.6 GHz.

While the products do not support symmetric multithreading, AMD executives have stressed that more cores are always better than more threads, saying additional threads typically provide an extra 20% performance uplift in applications that can use them, while extra cores typically provide an extra 80% improvement. So AMD will be emphasizing relative affordability, saying the initial high-end chip, that 3.2 GHz version, will sell for under $289, much less than Intel’s current six-core offerings; indeed, these chips should be priced more competitively with Intel’s 4-core, 8-thread chips. I’ll be interested in seeing how it performs in comparison.

Update: Here are early reviews from ExtremeTech, Legit Reviews, Techware Labs, and Toms Hardware.

Intel’s 6-core Core i7-980X nearly always wins the benchmarks, but it’s notably more expensive. The 6-core AMD Phenom II X6 1090T seems to more than hold its own against the 4-core /8-theread Core i7-920, but the results vary greatly depending on the application.

(No Ratings Yet)

 Loading ...

Spiceworks Integrates Rackspace Cloud-Based Email Services

Today, Rackspace and Spiceworks have announced that they’ve entered a partnership that will enable SMBs to manage their cloud-based Rackspace e-mail hosting services through Spiceworks’ free social IT management application. This is designed to streamline the IT professionals’ workloads by allowing them to monitor and administrate Rackspace cloud email services within the Spiceworks IT dashboard instead of launching a separate portal.

With the partnership, Rackspace extends the functionality and reach of its hosted email services (including Rackspace Email, Microsoft Exchange, or a hybrid of both), through the use of Rackspace’s APIs. Spiceworks benefits by continuing to provide SMB IT professionals with free management capabilities for their on-premise, cloud-based, or hybrid IT infrastructure.

Besides monitoring e-mail, IT professionals will be able to manage domains and collaborate with Spicework’s social IT management application and community of 950,000 IT professionals.

(No Ratings Yet)

 Loading ...

Hands On: Microsoft Office 2010

With the release of Microsoft’s latest productivity suite, Office 2010, coming in less than a month (it will be available for download starting May 11th and in retail stores this June), the question you have to ask yourself is this: Is it worth upgrading from Office 2007? That depends on your small-business needs. If Office 2007 is working for you, then maybe you can live without the razzle dazzle of Office 2010. But if you want to take advantage of the of the upgrade’s stellar collaboration features, it’s a must have.

The new ribbon interface for all apps enhances usability, and all apps now sport excellent graphic tools, such as image editing and the ability to embed and edit videos in PowerPoint. For heavy-duty spreadsheet users, the 64-bit version allows you to use massive data sets in Excel.

If you haven’t made your decision yet, check out our hands-on review for a closer look at Microsoft Office 2010 at PCMag.com.

(No Ratings Yet)

 Loading ...

Why Was GMail China’s Target?

Mikko Hypponen of F-Secure is a fairly major rock star in the security business (think somewhere between Ziggy and Bob Marley). Yes, he’s a vendor, but you have to respect his insight and experience.

So I took it seriously when Mikko said he thinks that there’s an angle to the Aurora attacks of late last year that hasn’t gotten the attention it deserves: The nature of the attacks reinforces the idea that the attackers were primarily concerned with espionage against government opponents, and not the usual industrial espionage and simple criminality you typically find in the digital underground economy.

Consider the sort of people we’re talking about as victims here: Dissidents, free speech advocates, non-governmental organizations, and their attorneys. Knowing that they’re frequent targets of government spooks they like using webmail accounts, particularly GMail and Yahoo! Mail. Many will use Linux in order to avoid Windows malware which might reveal their personal information.

Note that there were many other companies attacked in the same attack campaign. But it’s not hard to conjure up reasoning why someone going after Chinese state enemies would attack many of those. Most of the companies have not been identified, but some have:

• Adobe—An important software company with broad market reach on Windows, Mac and Linux
• Yahoo!—As I mentioned, also an important provider of online services.
• Rackspace—One of the largest server farms in the business
• Gipson, Hoffman & Pancione—A law firm doing work for organizations of interest to the Chinese government
• Northrop Grumman, Dow Chemical and Juniper Networks—Military and other significant industry. Frequently target of such attacks.

So how do you spy on such people? You compromise their GMail credentials. Mikko is convinced that GMail was the main object of the attack, but remember that GMail is served by the same Gaia authentication system as the rest of Google’s services. If you get someone’s GMail account, you also have their Google Docs account, for example,

But back to e-mail: As SANS mentioned in today’s Tip of the Day, e-mail is more like a postcard than an envelope: It’s in plain text, so anyone snooping the network can see it too. So if you care, and you’re sophisticated about it, you can use a program like PGP to encrypt your e-mail. Used correctly, PGP is, to all practical purposes, uncrackable. But using PGP correctly can be a big pain, so people take shortcuts: they share secret keys, they don’t properly secure their secret keys or their whole keyring.

As Adi Shamir (the ‘S’ in RSA) said in his 2004 Turing Lecture, one of the 3 laws of security is that ‘Cryptography is typically bypassed, not penetrated.’ Thus it is with PGP: Nobody cracks it; instead they crack the system that it’s on and either keylog it or steal the keyring. The more people have a single secret key, the easier this is to do.

Mikko says that they have seen malware designed to steal a PGP keyring. I’m guessing it was designed for a targeted attack because very few people have the patience to use PGP and use it correctly.

If Google (and the other webmail providers) want to do something about this, they can find a way to make it easier to use PGP as part of GMail and its competitors. Right now it’s generally a very manual cutting and pasting affair.

Your take-away from all this is that you really can’t trust content on public e-mail systems unless you go to extraordinary, and inconvenient, measures to secure that content. And even people who think they’ve gone to such measures are just better-defended, not invulnerable. If you’re fighting the state you have to be willing to take some risks.

(No Ratings Yet)

 Loading ...

SONAR 3: A new level of behavioral security in Norton 2011

It’s been an exciting year since we shipped SONAR 2 in the Norton 2010 products. During this time, we have won the praise and accolades of users and reviewers alike. We even caught the attention of many malware authors who tested our protection and had a hard time trying to bypass it! We are happy to have offered such an exceptional level of protection to the Norton community and we are thrilled about the new and improved SONAR 3 engine shipping with NIS 2011.

(No Ratings Yet)

 Loading ...

Lessons of the McAfee False Positive Fiasco

I feel really sorry for the McAfee users who got burned by a really bad false positive detection they put out the other day. Many McAfee VirusScan Enterprise customers using Windows XP SP3 had their svchost.exe (a key Windows system binary which hosts Windows services in its process space) flagged as malicious. I was tempted to feel sorry for McAfee too; we all make mistakes and things must be bad there right about now. But it’s hard to feel sorry for them, given what’s turned up.

The most shocking revelation was uncovered by Ed Bott at ZDNet: McAfee has admitted to their customers that they followed shoddy quality assurance procedures in this matter. Specifically, the release was not tested on Windows XP SP3, the configuration on which it borked the system. It’s hard to think of a worse single configuration to leave out. Late last night McAfee confirmed the report.

This sort of thing has happened in the past, and the danger of it increases all the time. The nature of malware has forced AV vendors to push out ever more frequent definition updates, to the point where Symantec’s “pulse updates” come out every 5 to 15 minutes. The pressure to keep up with malware—not to mention the pressure to keep costs down—can lead vendors to scrimp on testing. This appears to be what McAfee did.

You might well ask what McAfee is doing scanning Windows system binaries anyway. I know I did. It turns out that they do whitelist these files as a general matter, but in this case things got complicated: Like most security products, McAfee’s scan memory for signs of infection. The malware (W32/Wecorl), the definition for which generated the false positive, is one which attempts to attack svchost.exe by inserting itself into the file and modifying the program to run it. It’s a classic file virus. McAfee scanned the file because the false positive occurred in a memory scan of the svchost.exe process; this caused it to flag the file.

Exactly what happened is better explained by McAfee in a FAQ they posted last night. 3 specific versions of svchost.exe under XP SP3 were affected, and McAfee provides the MD5 hashes. It seems Microsoft changes this file in updates without changing either the size or file version.

If you still need to remediate systems, McAfee has provided a FAQ for that too. McAfee also says they are adding new QA protocols to ensure this don’t happen again.

Analysts and other vendors are spouting off about this, and some of the talk is misleading or distasteful. Prevx CEO Mel Morris issued a statement mischaracterizing the malware involved in the false positive and insinuating that products such as theirs, which don’t rely on implementation-specific definitions, don’t have such problems. There is a lot to be said for Prevx’s approach, but to imply that they are immune from false positives due to programmer or testing error is just plain dishonest.

David Ulevitch of OpenDNS, not a McAfee competitor, argued that this incident shows the advantage of cloud-based solutions: ‘Fixing 1000 cloud-based scanners is a heck of lot easier than fixing millions of desktop end-points.’ McAfee, of course, uses some cloud-based scanning through their Artemis system, and one of the measures they plan to use in reaction to this incident is to create an expansive whitelist in Artemis. Personally, I don’t see a huge advantage for cloud-based systems here; whitelists are fairly static things. And removing the definition wasn’t the hard part of the remediation: That was getting a usable svchost.exe back on the system.

Sunbelt Software is offering a deal (6 months of free maintenance) to angry McAfee customers. Business is business I guess, Don’t assume that Sunbelt is immune from such problems, but then they don’t claim to be.

As I said above, this sort of problem is not unprecedented; if the false positive had been on sol.exe (Windows Solitaire) it would have been embarrassing, but a minor affair. This was a perfect storm of bad news for McAfee and their customers. But in this business you make a lot of your own weather, and McAfee’s inadequate testing is the culprit here.

(No Ratings Yet)

 Loading ...

Microsoft Office RTMs: Do We Take It For Granted?

Microsoft has announced that Office 2010 and the products that go with it (SharePoint, Visio, and Project) have been released to manufacturing and will be available to Volume License customers next week; to other corporate customers in May (with a formal launch May 12); and to the rest of us in June. I was actually a bit surprised by how little attention the announcement got, considering just how many of us use Microsoft Office.

It may be that we all take Microsoft Office pretty much for granted, because most of the time we use the same basic features over and over again and notice it only when something doesn’t work the way we expect it to. Office has long had very little competition in packaged software: Corel’s WordPerfect Office is still available at a good price, and OpenOffice, the open source alternative now sponsored by Oracle, is available for free. Both do a fine job with basic word processing and spreadsheets and offer pretty good compatibility with the Microsoft Office formats. So I do know personal users who are quite happy with OpenOffice.

But Microsoft Office has a deeper array of features, and it just does more. You can complain about some of the formatting features in Word or PowerPoint or about the quirks in Outlook, but you’ll certainly find more features than you will in the competitors. And while there are decent alternatives to those products, for most organizations, Microsoft Excel is really the indispensable product in the suite. Every significant financial department I know uses Excel–and that includes features like PivotTables and macros. There’s really no good alternative. That means in just about any office, you’ll have some people using some features that require Microsoft Office, and since organizations love to standardize, Office becomes the standard for almost everyone.

Microsoft Office has been behind in one really important feature, though: collaboration. That’s been where Google Docs and other Internet-based productivity suites (such as those from Zoho and Glide) have had a big advantage. Microsoft has added collaboration features to Office 2010, but I’m not ready to judge them yet. That’s clearly going to be a big battleground over the next year or two.

Google Docs just got a lot of attention for its recent upgrade, which the company says offers more competitive features, better compatibility and a new HTML 5-based way of working offline. It sounds good, but I haven’t tried it yet.

But in many ways, the real competition to Office 2010 is more likely to be the older versions of Office that people are running to day. Simply put, Office 2003 or 2007 both work pretty well, and not everyone will see the reason to upgrade. Indeed, I know many workers who found the UI change between 2003 and 2007 to be quite jarring, even though in the long run, most tended to like it.

In addition to better collaboration tools, Microsoft Office 2010 features a new ‘ribbon UI’ for Outlook, a couple of impressive new tools for Excel, and the ability to crop videos directly in PowerPoint. PC Mag’s first look at the beta is here and my intial impressions are here. I’m sure we’ll both have more to say as we get our hands on the final product, but I have to say I’ve found many of the new features quite useful.

Still, it’s interesting how little attention Office is getting, at least in the media. Microsoft says 7.5 million people have downloaded beta copies, so someone much care. But my guess is, at this point, Office is good enough, and most people just take it for granted.

(No Ratings Yet)

 Loading ...

What’s new in Norton Internet Security 2011

We’re very excited to release the first Beta of Norton AntiVirus 2011 and Norton Internet Security 2011. A lot of work went into the 2011 products, and we invite our Beta testing community to provide us with feedback. The betas are available for download now at www.norton.com/beta. Here’s an overview of what’s new and notable in Norton 2011.

(No Ratings Yet)

 Loading ...

Change the Font or Size of Text Using Keyboard Shortcuts

(No Ratings Yet)

 Loading ...