Monthly archives for February, 2017

Survey: IoT progress has been slow but optimism remains

More than half of business leaders surveyed for the global Internet of Things Business Index 2017 said progress has not happened as quickly as expected.

More than half business leaders around the globe believe their organization’s progress with the Internet of Things has not happened as fast as they expected, according to a new survey. Nevertheless, they still largely believe IoT will have a tremendous impact in the future.

As many as 24 percent of those surveyed said they “strongly agree” their progress has not happened as quickly as expected, according to the Internet of Things Business Index 2017, an Economist Intelligence Unit report, sponsored by ARM and IBM. Another 33 percent said they somewhat agree. Twenty-seven percent said they neither agree nor disagree, while just 10 percent said they somewhat disagree, and 2 percent strongly disagree.

Even so, there is a “strong degree in belief of vision,” Pete Swabey of the Economist Intelligence Unit told reporters on a conference call.

When asked about the impact of IoT, 21 percent said it’s already had a major impact, while 32 percent said it’s had a limited impact but will have major impact in the future. Another 12 percent said it’s had no impact so far but will have a major impact in the future.

The remaining respondents were more pessimistic: 20 percent said it’s had limited impact so far and will have a limited impact in the future. Nine percent said it’s had no impact so far and will have a limited in the future.

The study, conducted in September 2016, surveyed 825 senior business leaders, including 412 C-level executives or board members. Thirty percent were based in Europe, 30 percent in North America, 30 percent in Asia-Pacific and the remaining 10 percent were in Latin America, the Middle East and Africa.

The survey spanned leaders from 10 industries, including financial services; manufacturing; healthcare, pharmaceuticals and biotechnology; IT and technology; energy and natural resources; construction and real estate; automotive; infrastructure; and outsourced facilities management.

When it comes to the use of IoT in products or services, the plurality of business leaders surveyed, 35 percent, said they were in the research stage. As many as 21 percent said their organization was using no IoT at all, while another 21 percent said they were past the research stage and into planning. Fourteen percent were into implementation, while 8 percent said they were extensively using it.

Results were similar when business leaders were asked about their internal use of IoT. The plurality, 37 percent were in the research stage. Twenty-one percent said they were not using it all, 22 percent were in the planning stage, 15 percent were in implemetation and 6 percent were using it extensively.

Those figures, when compared with the results of the 2013 Internet of Things Business Index, show IoT adoption has advanced slightly globally. However, in the US, internal adoption is actually down slightly.

“It does suggest some companies that were, back in 2013, examining the prospects of IoT may have decided it’s not for them,” Swabey said. He noted that energy efficiency has been a key driver for IoT adoption, so falling oil prices may have taken interest in IoT down a notch.

The chief obstacle to using IoT, respondents said, is the high cost of required investment in infrastructure – 29 percent said so. Another 26 percent cited security and privacy concerns, while 23 percent named a lack of knowledge or commitment from senior management.

While there are real concerns, “that’s balanced with the fact people still are investing and see real money to be made, whether it’s saved on operational costs or new revenues,” said ARM CTO Mike Muller.

When asked where in their organization IoT has had the greatest impact so far, 25 percent of respondents said it has sparked a new wave of innovation thanks to data that provided better insights. Another 22 percent said it’s unlocked new revenue opportunities from existing products or services. Twenty percent said it changed their business model or strategy.

Meanwhile, when asked about the parts of the business that have seen the most positive impact so far, 38 percent said data management and analysis. Another 29 percent said products and services, while 27 percent said technology infrastructure management.


IBM Watson AI: These firms are fighting cybercrime using cognitive computing

IBM launches its Watson for Cyber Security beta program to test how cognitive computing can boost cybersecurity.

Fortune 500 companies across the globe are tackling cybercrime by deploying IBM Watson’s cognitive computing power.

Watson for Cyber Security, a project designed to take the fight to hackers, is a year-long research effort that initially was focused around universities but has been extended to various industries, including banking, healthcare, insurance, and automotive.

Using artificial intelligence technologies, such as machine learning and natural language processing, to analyse vast amounts of structured and unstructured data, Watson is designed to help cybersecurity professionals identify threats.

A total of 40 organisations are taking part in the IBM Watson for Cyber Security beta program in order to test Watson’s ability to fight cybercrime. Participants include Sun Life Financial, University of Rochester Medical Center, SCANA Corporation, Sumitomo Mitsui Banking Corporation, California Polytechnic State University, University of New Brunswick, Avnet, and Smarttech.

By using Watson to shore up cybersecurity defences, IBM hopes to demonstrate new use cases for the cognitive system, such as determining whether a cyberattack is associated with known variants of malware or particular cybercrime campaigns. If so, IBM Watson Security is designed to provide information on the malware employed and the level of threat posed.

Watson is also built to aid organisations in identifying suspicious behaviour, by applying behavioural biometrics and using context to establish whether user activity is malicious or just different to normal. By working with beta customers, IBM hopes to enhance Watson’s understanding of cybersecurity data and operations and better integrate it into everyday processes.

IBM believes that cognitive technology will play a critical role in the war against cybercrime as the technology matures. According to the company’s own research, seven percent of organisations currently use cognitive technology in this way and that figure is set to grow.

“Customers are in the early stages of implementing cognitive technologies,” said Sandy Bird, CTO with IBM Security. “Our research suggests this adoption will increase three fold over the next three years, as tools like Watson for Cyber Security mature and become pervasive in security operations centres.”

IBM Watson’s cognitive systems are also being deployed to aid in healthcare and help re-imagine the services industry.


Visibrain launches monitoring platform for brand reputation management

When dealing with big data, sorting through information quickly is crucial. Reducing noise enables brands to protect their reputations more easily.

Being well informed is vital when it comes to preventing and managing crisis situations that occur across online media. A system that alerts you with customised information about social mentions can save your brand’s reputation, and prevent a crisis.

Social media monitoring platform, Visibrain, has launched a PR monitoring platform for reputation management and crisis prevention.

The platform will monitor online press, blogs and social media to protect brands’ reputations. The system allows users to reduce social noise by excluding certain elements and combining filters.

The platform enables marketers to mange brand reputation. Alert modes such as abnormal volume, rising trend or mention alerts can be set. Data can be filtered to show, for example, who specific topic influencers are.

When the new MacBook Pro launched as a competitor to the Microsoft Surface Studio, Visibrain analysed which came out on top when it came to Twitter chatter.

With both products being aimed at the high-end professional design space, the graph shows the clear winner.

With over 743,000 mentions for the MacBook pro compared to over 206,000 for the Microsoft Surface Studio, Apple’s new MacBook Pro received three times as much commentary as the new Surface Studio, showing the power that Apple’s marketing still holds online.

Separate analysis from October 2016 shows that the iPhone 7 continued to receive more mentions online than Samsung’s Galaxy Note right up until the product’s unfortunate recall.

If mention volumes go above a predefined number per hour, or above normal levels, system alerts allow users to react quickly in the event of a crisis. Certain expressions, links or hashtags that are associated with the brand, or specific topics, also act as triggers.

The Visibrain reputation management platform monitors online press, blogs and social media to ensure that users are the first to know about a budding crisis or rising trend. Alerts are received by email, text message, slack or via the company’s internal system.

In an age where data is everywhere but time is at a premium, cutting through the noise will help marketers get to the crux of what their customers – and detractors – are saying.

The Future of IT: A Strategic Guide

ZDNet and TechRepublic draw on their community of C-level executives and business thinkers to prognosticate where business technology is headed.


Turkey blocks WhatsApp, Facebook, and Twitter across the country

The reported ban is preventing access entirely or throttling connections.

Turkey has reportedly restricted access to popular social media websites in a new censorship push.

According to Turkey Blocks, WhatsApp, Facebook, Twitter, Instagram, and YouTube are now on the block list, with either outright bans or connection throttling taking place. While Facebook, Twitter, and YouTube are often blocked in the country, the Turkish censorship and internet monitoring group says that WhatsApp and Instagram restrictions have now also been detected.

WhatsApp users in Turkey have complained that the service was failing on Friday, November 4 — and now we appear to know why.

Turkey Blocks claims this is the first time “nationwide restrictions have been detected on the popular messaging app in recent years.” The monitoring service says:

“The shutdown was first detected on national provider TTNet, Turkcell and subsequently on other major ISPs, with users of UyduNet and other smaller providers not yet affected at the time of writing.”

Turkey is one of a number of countries which throw up walls to online services for political reasons. It is believed that the latest blocking attempt is due to the overnight detention of members of the pro-Kurdish Peoples’ Democratic Party (HDP), an opposition party to Turkish President Recep Tayyip Erdogan’s leadership.

Detention orders were issued for 15 HDP members of parliament, and 11 in total were found at the party’s headquarters in Ankara to detain, Salon reports.

See also: China’s ‘Great Cannon’: Taking censorship across country borders

Only last month, the country’s government restricted access to cloud storage services Dropbox, Microsoft OneDrive, and Google Drive. It is believed the restrictions were rapidly put in place to prevent the spread of a leaked cache of private emails belonging to the son-in-law of Erdogan, Minister of Energy and Natural Resources Berat Albayrak.


Palo Alto Networks aims to thwart credential theft

The technology rolls out along with a new security platform, hardware, and virtual firewalls from Palo Alto.

Palo Alto Networks is aiming to thwart credential theft with the launch of its next-generation security platform.

The move, which comes amid a barrage of product announcements from the security vendor, is notable because it’s looking to prevent the intrusions that typically give cyber attackers the keys to the enterprise network.

Once a password or credential theft is successful, cyber attackers can lurk on corporate networks for months if not years. Palo Alto is looking to automate defenses against credential phishing attacks, which are effective given that multi-factor authentication still isn’t the default on many networks.

Here’s the approaches deployed by Palo Alto to nix credential fraud:

Automatic blocking of phishing sites via Palo Alto’s WildFire analysis system.
Preventing users from submitting credentials to phishing sites. Palo Alto firewalls can recognize enterprise credentials in outgoing enterprise traffic.
Scaling multi-factor authentication within the firewall. Palo Alto will integrate with Okta, Ping Identity and Duo Security among others.
Tech Pro Research: IT leader’s guide to the Dark Web | How risk analytics can help your organization plug security holes | Information security incident reporting policy

The credential protection comes as Palo Alto is increasingly competing with larger competitors such as Cisco in the security market as well as Check Point and Fortinet to name a few.

Although credential fraud and theft protection was the headliner, Palo Alto also rolled out a series of new features in its latest platform — PAN-OS 8.0. PAN OS 8.0 includes 70 features including multiple hooks to better secure public and private cloud security. Notable points include:

Automation of cloud security and integration with providers such as Amazon Web Services and Microsoft Azure.
Real-time monitoring for software as a service tools such as Slack and support for global languages.
Three new virtual firewall models — VM-50, VM-500, and VM-700 — to cover branch offices to data centers to the cloud.
The new virtual firewall models were also part of a broader hardware rollout that included appliances that cover multiple architectures.


Microsoft tries to soothe regulators and critics with new privacy controls

In the past year, regulators and privacy advocates have taken potshots at Microsoft over its data collection policies. Today, Microsoft announced some new privacy-related initiatives, including a significant change to the way Windows 10 collects telemetry data.

Of all the body blows Microsoft has absorbed in the past 18 months over Windows 10, the criticisms of its privacy policies have to sting the most.

Last summer, the French National Data Protection Commission (CNIL) issued a formal notice against Microsoft, ordering that the company “stop collecting excessive data and tracking browsing by users without their consent.”

The CNIL found Microsoft’s collection of diagnostic information (so-called telemetry) acceptable but said that the default settings for Windows 10 go too far. The complaint singled out Microsoft’s practice of collecting information about app usage as “excessive.”

A month later, the Electronic Freedom Foundation took aim at Windows 10 with a signed editorial criticizing the company for “disregarding user choice” and sending “an unprecedented amount of usage data back to Microsoft….” As I noted at the time, EFF was especially critical of Microsoft’s telemetry collection policies.

After months of explaining and defending its policies, publicly and in meetings with regulators, the company today announced that it’s making a series of privacy-related moves. Terry Myerson, who runs the Windows and Devices Group, made the announcement in a blog post:

Many of you have asked for more control over your data, a greater understanding of how data is collected, and the benefits this brings for a more personalized experience. Based on your feedback, we are launching two new experiences to help ensure you are in control of your privacy.

First, today we’re launching a new web-based privacy dashboard so you can see and control your activity data from Microsoft including location, search, browsing and Cortana Notebook data across multiple Microsoft services. Second, we’re introducing in Windows 10 a new privacy set up experience, simplifying Diagnostic data levels and further reducing the data collected at the Basic level.
The changes to Windows 10 will roll out initially in an upcoming Windows Insider preview build, perhaps as soon as this week, and will reach the general public with the release of the Windows 10 Creators Update this spring.

I haven’t seen these features in operation yet. The descriptions in the remainder of this post are based on what Microsoft says it plans to deliver. The broad outlines shouldn’t change, but you can expect the user experience to evolve before the final release, based on feedback from Windows Insider Program participants and third parties.

Unlike its predecessors, the Creators Update will not arrive silently in the background. Instead, Microsoft plans to notify Windows 10 users that the update is available and allow them to schedule its installation. As part of the process of scheduling that upgrade, users will have the opportunity to make “explicit choices” about privacy settings in five categories.

This is the new privacy settings setup experience that will arrive soon in a Windows Insider preview build, according to Myerson:

This setup screen replaces the Express Settings in current Windows 10 public releases, which requires multiple extra steps to adjust default settings in a clean installation and offers no control over privacy options during upgrades. (To make matters worse, some users have reported that Windows 10 upgrades occasionally reset custom privacy options to their default settings after an upgrade.)

The new interface for setting privacy options also includes an explanation of what happens if you turn any of those settings off or, in the case of the Diagnostics setting, adjust it from Full to Basic.

All of those settings, along with more granular controls (such as setting location permissions on a per-app basis) will also be available after installation, under the Privacy heading in Settings.

The changes to telemetry settings start with the renaming of the category itself, from Diagnostic and Usage Data to just Diagnostics.

In all public releases of Windows 10 so far, non-Enterprise editions allow users and administrators to choose one of three levels to control telemetry collection: Full, Enhanced, and Basic. The changes in the Creators Update will eliminate the Enhanced level and also reduce the amount of information collected when you slide that switch to Basic.

(In Enterprise settings, administrators will continue to have an additional Security option, which eliminates virtually all telemetry collection but requires the deployment of an alternative update mechanism.)

In an interview, Microsoft Corporate Vice President Michael Fortin told me that the Enhanced level was “confusing,” and “only a relatively modest number of Windows 10 users were choosing it.” Most people either leave the default setting at Full or signal their preference for privacy by switching to the lowest available telemetry option, Basic, he noted.

Effective with this spring’s Windows 10 feature update, telemetry information collected at the Basic level will no longer include information about app installation or usage. Instead, Myerson says, information collected at that level will focus strictly on security and reliability, with basic error reporting. That change should assuage some of the concerns of the CNIL and other regulators as well as privacy critics like the EFF.

The new Windows 10 settings are available in all installations, regardless of what type os account the user has signed in with.

The privacy dashboard is a separate feature, designed to give users of Microsoft services the opportunity to see and edit information that is collected and stored in the cloud when they are signed in with a Microsoft account.

According to Myerson, the new privacy dashboard (which will be available at will allow Microsoft customers, regardless of hardware platform or operating system, to review and clear data such as browsing history, search history, location activity, and Cortana’s Notebook. (Note that this data is associated with a Microsoft account and is not saved in the cloud when the user browses without signing in.)

Because this dashboard is web-based, it’s likely to evolve significantly over time. In an interview, Myerson told me he expects his team to iterate on that user experience in response to feedback. “What we’re learning,” he said, “is that people don’t always understand why something is being collected and what are the implications of clearing it out. We will continuously be improving.”

On paper, Redmond can make a strong case that it has an economic incentive to protect its users’ privacy. As I noted last summer, privacy should be a competitive advantage for Microsoft, especially when comparing its policies and practices to those of Google, whose entire business is built on collecting data from its users and turning it into advertising profiles.

Most of Microsoft’s revenue comes from selling software licenses, cloud services, and hardware. A significant share of that business is with enterprise customers and government agencies that have a profound interest in privacy and security. Indeed, Microsoft has earned generally high marks for its handling of security and privacy issues in cloud services such as Office 365 and Microsoft Azure.

Where things get somewhat murkier is with products and services aimed at consumers and small businesses. Without transparency over exactly what information is collected and how it’s used, the company remains vulnerable to accusations that it’s spying on customers.

As Google and Facebook have proven, the most effective way to monetize personal information is through online advertising. Microsoft once had dreams of being an advertising powerhouse, which occasionally led to struggles between product designers and ad sellers.

But the company abandoned that strategic goal five years ago when it wrote off the acquisition of aQuantive and scaled back its advertising ambitions after five years of struggling. Today, the company’s advertising business is healthy but relatively small and mostly intended to monetize strategic assets such as its Bing and Cortana search tools.

In Microsoft’s most recent quarter, search advertising and other forms of online ads accounted for only about 5 percent of total revenue. Contrast that with Google, which earns roughly 90 percent of its revenue from advertising and depends on collecting massive amounts of data to power the ads that pay for Google Search, Gmail, and other free products

Without Microsoft’s investments in those technologies, Google’s dominance in search would arguably be a monopoly.

Still, even that small-by-Redmond-standards online search advertising business brought in about $1.4 billion in revenue in its recent quarter, up 40 percent over the previous year. Microsoft’s ad business might be tiny compared to its rivals, but it’s big enough for regulators and privacy advocates to worry about whether the company’s data collection is being driven by its ad business.

Myerson tells me that they’ve shared details about its data collection practices with large enterprise customers and regulators. “That dialog is taking place in every country where we do business,” he said. “We believe users have a right to privacy and users should have control over their data.”

For consumers and small businesses, the new privacy dashboard offers more control over online data, but you’ll have to take Microsoft assurances on faith when it comes to telemetry.

I asked Myerson whether Microsoft would consider contracting with an outside group, such as the EFF, to audit its data collection policies and offer an independent report.

“That’s an interesting idea,” he replied. “But various countries are going farther than hiring an audit firm. They’re passing laws. We’re making sure we’re fully compliant with laws that affect Windows users.”


Metasploit security kit now hacks IoT devices, hardware

The popular hacking tool kit can now be linked to everything from fridges to cars in the search for vulnerabilities.

The popular Metasploit hacking kit has been upgraded to tackle today’s Internet of Things (IoT) devices, granting researchers the opportunity to scour for bugs in modern vehicles.

Rapid7 Research director of transportation security Craig Smith announced on February 2 that the Metasploit framework can now link directly to hardware, permitting users to develop exploits to test their hardware and conduct penetration testing with less time wasted.

It is hoped that researchers will no longer have to build multiple tools to test today’s modern devices and overcome previous network limitations.

“Metasploit condensed a slew of independent software exploits and tools into one framework and now we want to do the same for hardware,” Smith says.

The open-source penetration testing software, available for free or as an extended, paid-for edition, is over a decade old but is still utilized by thousands of researchers worldwide. The framework currently boasts roughly 1,600 exploits and 3,300 penetration testing modules.

Due to the fresh update to the Hardware Bridge API, users are no longer limited to Ethernet network connections. Instead, researchers can build support directly into firmware or create a relay service through a REST API, which is necessary for some hardware tools including Software Defined Radio (SDR) that cannot communicate over Ethernet.

“Every wave of connected devices, regardless of whether you’re talking about cars or refrigerators, blurs the line between hardware and software. As we like to say, this hardware bridge lets you exit the Matrix and directly affect real, physical things,” said Smith. “We’re working to give security professionals the resources they need to test and ensure the safety of their products, no matter what side of the virtual divide they are on.”

The initial release focuses on IoT, with a particular slant towards automotive penetration testing. The bridge now includes modules for testing vehicle Controller Area Network (CAN) buses and users are also offered interactive commands for gathering information on vehicles being tested, such as speed and inbuilt security systems.

“If you are in security at an automaker, you are challenged to test things that are not exposed to traditional networks,” Smith told Dark Reading. “The hardware bridge allows security teams to add hardware testing to their QA process. It also allows red teams to have a central user interface to all of their hardware tools.”

Additional modules which target embedded, industrial, and hardware devices, including SCADA systems for industrial applications, will be added over time. Rapid7 also plans to add additional BUS systems, such as K-Line, in the future.

Rapid7 is asking users of the initial Metasploit release to provide feedback and suggest new automotive features for future versions.


System Requirements

Both OsMonitor Server and Client can work on Windows XP, Windows Server 2003/08/12/2016, Windows 7, Windows 8/8.1, Windows 10. Include 32 bit and 64 bit.

Customer Review

We are now using your monitoring software, OsMonitor. It is a great software, we are able to block non-business website, monitor activities of our users, website visited and even snap shots. Majority of our need is provided by your software.