lundi 30 novembre 2015

RogueKiller 11 ships with rewritten kernel driver, ADS detection

Roguekiller11

French developer Adlice Software has released RogueKiller 11, the latest edition of its powerful malware detection tool.

The new build comes with a completely rewritten kernel driver, delivering more efficient scans and improved reliability for the latest versions of Windows.

There’s more good news for Windows 10 users as RogueKiller 11’s IAT scan now works with Microsoft Edge.

The file system scanner now detects alternate data streams.

The scanning process is more streamlined (there’s no more "Prescan" stage), and there are one or two other changes under the hood (see the official changelog if you need to know more).

It all makes for an impressive package, which despite its power remains very easy to use.

Click Scan, wait as the program scans running processes, your Registry, scheduled tasks, web browsers, file system, and checks for rootkits. View the report when it’s done, choose what you’d like to wipe, and click Delete to clean up.

The free build does have one significant issue, in that there’s no "quick" scan, no way to choose a specific area to check: it’s a full system scan or nothing.

Still, if that's an issue then you can fix it temporarily by activating the trial version, or just buy a personal license for $15 per year.

RogueKiller 11 is an excellent malware hunter for Windows XP and later.



Google killing Chrome for 32-bit Linux

crynerd

If you live in the web browser, using a Linux-based operating system makes a lot of sense. By combining say, Ubuntu and Google Chrome, you can have a very secure and easy-to-use platform running the world's best web browser. A bloated and heavy Windows 10, for instance, could be unnecessary.

Sadly, if you are like me, and the first thing you install on any fresh Linux-based operating system is Google Chrome, you might be in for a world of trouble. You see, Google is killing Chrome for Linux; well, the 32-bit version at least. Is Google making a big mistake?

"To provide the best experience for the most-used Linux versions, we will end support for Google Chrome on 32-bit Linux, Ubuntu Precise (12.04), and Debian 7 (wheezy) in early March, 2016.  Chrome will continue to function on these platforms but will no longer receive updates and security fixes. We intend to continue supporting the 32-bit build configurations on Linux to support building Chromium. If you are using Precise, we’d recommend that you to upgrade to Trusty", says Dirk Pranke, Software Engineer, Google.

Is Google making a mistake here? Absolutely not. Quite frankly, it is shocking that the company has supported 32-bit Linux this long. Look, yes, Linux-based operating systems can breathe new life into old hardware, but computers without 64-bit processors are way beyond their expiration date.

If you are clinging to such old hardware, it is time to move on -- you can get a more powerful machine for a few hundred bucks nowadays. With that said, if you insist on holding onto your existing obsolete hardware, you have an alternative; the Chromium browser -- on which Chrome is based -- will continue to support 32-bit for the time being.

Are you still running a 32-bit Linux-based OS? Why? Tell me in the comments.

Photo Credit: Roman Rybaleov/Shutterstock



The threats of November 2015, Linux ransomware leads the way according to new report

House security

November is almost in the books and we're into the holiday season. Unfortunately that means some people would like your money to shop with. November was about ransomware, not just viruses, trojans and malware, or at least that's what a new report has found.

Dr Web states that Linux was at the top of the list in terms of what could go wrong. Linux.encoder.1 ranked as the top threat of the month. This is a derivative of Trojan.encoder.737 which was found in 2014 and has since been changed into this iteration.

Dr Web also says "According to Google data, this encoder has managed to infect more than 3000 websites worldwide". The report points out that the sites targeted were created using WordPress and Magento. The first is a very commonly used CMS around the web. The compromised sites total more than 3,000.

The good news for this threat is that it has a number of flaws in the code and the data it locks up can be decrypted, so at least there's a bit of happiness among this gloom.

Meanwhile, the most common malware was a pair of trojans labeled trojan.crossrider1.42770 and trojan.crossrider1.50845. These are simply designed to display ads on your screen. Not far behind was trojan.download3.35067, which the security service describes as "A Trojan that can download other malicious programs from the Internet and install them on the infected computer".

The company is also monitoring a botnet, well probably many. This one is known as Win32.Rmnet.12. Activity in this area has receded two months in a row now, though. The most active area, by far, is China. It is very distantly followed by the US. The margin is 88 percent to six.

The security firm did add more than 670,000 sites to its "dangerous" list, which more than doubles the month of October.

All of this means that it's still a war zone out there, just not as bad as it was. Be safe shopping this holiday season.

Image Credit: Maksim Kabakou / Shutterstock



The security risks of IoT devices

Internet of things

The Internet of Things (IoT) isn’t a new concept, but it has gained momentum especially within the last year, as more and more connected devices have come to market. While connecting everything brings added convenience to our everyday lives, it’s crucial to understand what we may be compromising from a security perspective, and importantly, which devices could pose a threat either now or in the future.

With so many connected devices we decided to take a look at those that have made the headlines so far this year. Cars, for instance, have only recently become connected, although they have long been computerized. However, with poor Internet security expertise some manufacturers are being caught out.

In April, Cybersecurity experts Charlie Miller and Chris Valasek revealed a software flaw that allowed them to take control of a Jeep Cherokee on the move -- all from a laptop computer at home. Hacking into the Jeep’s electronics through the entertainment system, they were able to change the vehicle’s speed, alter its braking capability, and manipulate the radio and windscreen wipers. The two described the hack as "fairly easy" and "a weekend project".

A few months later, news broke that researchers had hacked a Tesla Model S, once again via the car’s entertainment system. Although it took closer to a year to pull this hack off, the researchers were able to apply the hand brake, lock and unlock the car, and control the touch screen displays. Tesla quickly developed a fix, which has been sent to all of the affected vehicles.

Hacked vehicles are an obvious cause for concern, but the hazards presented by apparently innocuous devices such as the "smart fridge" or "connected toaster" also warrant equal consideration. The thought of a hacker gaining control of your refrigerator may be less daunting than them taking control of your steering wheel on the motorway, but these products can act as a gateway to much more sensitive information.

An example of such a hack was the recently exposed man-in-the-middle vulnerability of a Samsung smart refrigerator: its calendar integration functionality provided hackers with access to the owner’s network and the ability to steal linked Gmail login credentials. A similar weakness has been identified insmart light bulbs, when hackers were able to obtain the passwords for the connecting Wi-Fi network as they were passed from one bulb to another.

IoT devices, however innocuous they may seem should be thought of as a point of entry. Think of it like leaving the window open in your spare room; there may not be anything of value in the room itself but it allows access to the rest of your home unless properly secured.

Security myths around connected devices are also plentiful. One such area is smart medical devices. Most personal devices aren’t connected to the Internet at all; they use Bluetooth to connect to other smart devices. Most medical appliances are too small to allow integration of a mobile phone connection and, in any case, consumer concerns over placing phone transmitters in the body restrict the development of the technology. Therefore, hacking a pacemaker or similar device is highly unlikely at present.

Another IoT fable, at least for the time being, concerns smart watches.  Again, the majority simply do not connect directly to the Internet. That being said, HP has found some major areas for concern in many smart watches, including insufficiently robust authentication, vulnerability to man-in-the-middle attacks, and poor firmware updates. As Gary Davis of Intel says, the real weak link is the user’s mobile phone: most wearables link to phones, which by comparison hold vastly more personal data and exhibit many of the same vulnerabilities.

However, wearables are an area for concern -- it’s the information that they hold that can be valuable. For example, this year, some music festivals allowed participants to load their wristband pass with credit card information, thus avoiding the need to carry a bag or wallet, or to have to dig around for change in the middle of a busy crowd. Simply holding their wristbands up to the vendor’s reader was enough to pay for drinks, food and merchandising.

Sounds cool and convenient, right? But as people left the festival others were lined up at the exit, eager to buy their wristbands. Sell it, and the buyer only has to crack the wristband’s four-digit PIN to gain access to the credit card information: a relatively simple matter.

Wearables, particularly fitness trackers, have taken off in the past few years. Figures for 2015 show that 14 percent of UK adults own a wearable device or smart watch (as compared to 63 percent who own a smartphone or tablet). The market for health and fitness devices and smartphone apps has doubled in the last year. Users may not realize that wearable tech creates new opportunities for a massive quantity of private data to be collected.

Symantec threat researcher Candid Wueest recently told Wired that the danger of wearable devices at this point is that developers are not prioritizing security and privacy. His research found some devices that sent data to a staggering 14 IP addresses; and at a Black Hat demonstration, he identified six Jawbone and Fitbit users in the audience, and specific details about their movements -- down to the time they left or entered the room.

So, before you place your order for that new fancy fitness tracker or that swanky internet connected fridge, take a moment to consider the points below:

Make Security a Priority

Just as with any other tech device, back up your data.  Most people don’t start regularly backing up data until they have lost their photos/tax returns in a hard drive crash; security tends to be a secondary consideration until you become a victim.

Be Aware

Ensure you know what a device does, how it is secured and how to minimize opportunities for fraudulent individuals to misuse the information it holds or gives access to.

For example, consider buying a wearable that comes equipped with remote-lock capabilities, so that you can lock or erase its data if it is stolen. As always, use a password to protect your device; use biometric authentication whenever possible; and pay attention to user reviews.

Andy Thomas, managing director, CSID Europe

Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.

Image credit: Gustavo Frazao / Shutterstock



Where in the world is Google Pixel C?

Google Pixel C

Black Friday is behind us, Cyber Monday is here, and Christmas shipping new purchases cuts off in about three weeks. Which makes me wonder: Where is Google's new tablet? When announced at the end of September, Google product director Andrew Bowers said that the "Pixel C will be available in time for the holidays on the Google Store". Eh, yeah—by whose measure is "in time". The information giant typically sells out of new gear, which leaves little time to manage inventory. "Out of stock" notices will disappoint many shoppers, who may buy something else.

I watched for this baby to drop before Thanksgiving, particularly with Apple iPad Pro already available—three weeks now. Granted, the devices target different markets, if for no other reason than size (12.9 and 10.2 inches, respectively). But each is innovative and stylish and would make great presents for someone. I'm ready to buy, Google. As surely are many Android fanboys.I reached out to the PR staff there today and was told to "stay tuned", which could be interpreted as soon. We shall see, eh?

Pixel C could be the sleeper holiday hit for gadget geeks, if only Google would start selling. Chromebook Pixel is a design darling that acts as a reference for lower-cost models. The new tablet promises to be something similar, and the thing is stately, based on the announcement demo.

Google will sell two models: 32GB ($499) and 64GB ($599); there is an optional magnetically-attaching keyboard for another $149. By comparison, for 500 bucks Google gives twice the storage as iPad Air 2, which at 64 gigs sells for same as Pixel C.

Screen resolution is 2560 x 1800 at 308 pixels per inch, and it is blindingly bright (500 nit). Other features include four microphones (for voice interaction), flanking speakers (for audio), and USB Type C. Processor is the Nvidia Tegra X1, and there is 3GB RAM.

I'm waiting, Google. Surely some of you are, too. Will there be a shiny Pixel C in the holiday stocking or lump of coal instead?



Microsoft Office 365 reveals new communication enhancements for business

Busy office

Microsoft Office 365 is for home users and businesses. In the former case it's a good deal, providing the software for five computers in the consumer's home for a monthly or annual fee. The deal for business is tiered, depending on size, but that's Microsoft's biggest customers and it aims to keep them.

To that end, the company is unveiling new enhancements to communications within Office 365. Vice president of Microsoft Office, Kirk Koenigsbauer, reveals the news in some detail. Also being announced are some new security features that Microsoft says will add "significant new security and analytics capabilities aimed at dramatically improving our customers’ ability to protect their organizations and glean insights from data".

Much of the communications is built on Skype, which Koenigsbauer points out has become a verb in today's world. That's true, it joins the realm of things like Xerox, Google, and Kleenex.

Added are PSTN conferencing, which allows people to dial into a meeting from a handset, Skype Meeting broadcast allowing for up to 10,000 attendees, and cloud PBX which the company hopes will let businesses drop the traditional systems.

On the security side, there is the new Delve Analytics that claims to provide better management of time and relationships. There's also Customer Lockbox, which Microsoft says will "Give customers new approval rights, transparency and control over their data in the cloud". Finally there is Advanced Threat Protection to try and keep people safe from malware and viruses using behavioral analysis.

That should be enough to keep Microsoft's biggest customers happy for a little while.

Photo credit: Monkey Business Images/Shutterstock



Microsoft continues to earn its enterprise dominance with new business solutions

Businessman Business best better good

When I am doing personal computing at home, I will often use Ubuntu and LibreOffice. Free and open source solutions are more than enough for my personal needs. Hell, I can sometimes even get by with a Chromebook if my needs are very light.

When it comes to the enterprise, however, and getting serious work done, I depend on Microsoft and its closed source solutions. Software like Office 2016, SharePoint and Skype for Business are absolutely brilliant. The company has earned its dominance in the business space. Today, at the Convergence EMEA conference, it announces new solutions that further cement the company's reign of the enterprise.

"Data and intelligence are critical components of next-generation customer engagement, and Dynamics CRM 2016 delivers intelligent capabilities that surface insights to enable sales, marketing and service professionals to make quicker decisions and take action. Powered by Azure Machine Learning models, Dynamics CRM 2016 previews capabilities such as intelligent product recommendations for sales reps to personalize up-selling and recommended knowledge articles to more effectively resolve customer service issues", says Microsoft.

A solid CRM solution is essential to building client relationships and improving metrics regarding satisfaction. Sure, you can train your employees to be polite and knowledgeable about products and services, but beyond that, they need tools to truly move the needle. Just like a carpenter needs a hammer, your employees need a CRM solution to drive customer satisfaction and engagement -- Dynamics CRM 2016 is a wise choice.

Microsoft further shares, "today Microsoft introduced PowerApps, a new service that empowers employees to create the apps they need, connected to business systems in a secure way, and easily share their apps with coworkers. Available in preview, PowerApps helps businesses create employee-facing apps of all kinds, from the simplest app -- like an employee survey -- to long-lived, mission-critical apps that connect to line-of-business systems and cloud services and run on any device".

PowerApps have a lot of potential -- being able to develop in-house solutions in an easy way can be a huge from a cost savings perspective. More importantly, however, it can minimize the dependence of outside vendors, which can improve overall productivity by limiting roadblocks. It can be preferable in an auditing-situation too.

Of course, Microsoft is also focusing on improving its bread and butter, Office 365. The company shares the following improvements from an enterprise perspective.

  • A complete meeting and voice solution. With Skype Meeting Broadcast, Public Switch Telephone Network (PSTN) Conferencing, PSTN Calling and Cloud Private Branch Exchange, Office 365 customers now have one platform for calling, conferencing, video and sharing integrated with the Office applications they use every day.
  • Analytics and data visualization. Delve Analytics empowers individuals by providing rich, interactive dashboards that surface insights into how they spend their time and who they spend it with, so they can focus on the tasks and people that matter most.
  • Advanced security and compliance. Customer Lockbox offers customers full control over access to their data in Office 365 by giving them ultimate approval rights in the rare instances when a Microsoft engineer must request access to the service. Office 365 Advanced eDiscovery brings machine learning and text analytics that reduce the costs and risks inherent in managing large quantities of data for e-discovery.

While many people tend to "hate" on Microsoft and sing the praises of alternatives, as far as I am concerned, there is no alternative to the company -- in the enterprise at least. While companies embracing open source in business and government agencies makes for nice headlines for the open source cause, it is almost always a mistake.

Microsoft has earned its business dominance by creating and selling popular solutions that end users love. When it comes to business and making money, there is no room for software ideologies. Use Windows, Office, SharePoint, Skype and more -- you won't be disappointed. Microsoft's updated solutions are just icing on the cake.

Do you love Microsoft's business solutions? Why or why not? Tell me in the comments.

Photo Credit: Dusit/Shutterstock



Is your network ready for IoT devices?

Internet of things

The stats are here: investment bank Goldman Sachs cites the Internet of Things as a $7 trillion opportunity by 2020 -- with IoT set to have an impact at every stage in the production and distribution of products.

Wikibon predicts the value of efficiency savings from machine data alone could reach close to $1.3 trillion and will drive $514 billion in IT spend by 2020. Manish Sablok, head of Field Marketing, North West and East Europe at ALE, looks at the four fundamental network requirements to enable businesses to take full advantage of the transformations that IoT will drive.

The hype surrounding the potential of IoT shows no sign of subsiding, and now IoT is morphing from a smart concept to reality. The smarts are on parade: smart cities with their smart grids and smart transportation systems and smart cars, all demonstrating the benefits of machine to machine (M2M) connectivity.

ALE is already involved with the communications and networking backbone of Gujarat International Finance Tec-City in India, a Smart City development that implements IoT at a fundamental level.

There are many ways in which IoT can be implemented and one such example is how it can help a transportation department, responsible for the road network in a city, leverage the potential of M2M in order to create a smart transportation system.

This type of IoT may involve polling data from thousands of roadway sensors and devices such CCTV cameras, vehicle detectors, weather stations, signs, ramp meters, traffic signals, and other devices multiples times a second in near or real time -- and all this requires connectivity.

It’s the connectivity that becomes critical to how these devices will inform travellers of road conditions, events, and incidents to keep the transport network following. And having the right network infrastructure is crucial to enabling this connectivity.

IoT Ready Infrastructure

From remote pipeline monitoring to healthcare telemetry, M2M technology provides the framework for wired and wireless devices to interact and transmit data to other interoperable devices. A vast interconnected web of smart devices provides continuous streams of data and leaves businesses with a wealth of large data sets.

But without a suitable network infrastructure, millions of pounds worth of sensors and smart devices can be bottlenecked and rendered useless by inadequate and ineffective information routing and distribution.

There are four key requirements for the development of the smart network:

1. Reach to the Edge

The sprawling nature of IoT requires comprehensive management of the entire network, wired and wireless, right to the edge as devices -- smart and not so smart -- seek access and data transfer to core network components. This is why the switch is key. All the connected devices and sensors are transmitting data on the network, but sending data from devices straight to the data centre can be inefficient, cause bottlenecks on the network, and impact performance.

An intelligent network needs to extend functionality right to the edge so data can be analyzed and processed on the way to the core, or from device to device. To manage the increased flow of IoT traffic, switches at the edge of the network will need to offer enhanced security and integrated analytics.

New switch technologies which now incorporates Deep Packet Inspection, application fingerprinting and application monitoring make this possible -- giving administrators a comprehensive view of apps on the network and the information needed to optimize network performance.

2. One Network, Many Applications

It is virtually impossible for a network that has been installed and upgraded on an ad-hoc basis -- often with a separate solution for voice, data, wired and wireless -- to deliver on the promise of IoT. There are many enterprise IT systems out there that are simply not fit for IoT purpose.

A single converged network is fundamental to an IoT environment and guarantees a greater level of interoperability and support for IoT applications and devices.

Unified management eliminates network silos, allows greater central control and enables an intelligent network management solution that can automatically prioritise data traffic to ensure real-time communications, and enable business critical applications get the network service they need, with considerable cost savings.

It also provides the foundation to build the IoT applications of the future.

3. Make Smarter Decisions

IoT brings with it big data -- and with big data comes the need for advanced analytics to provide real-time insights.

Predictive analysis and reporting functions are vital in enabling enterprises to use big data to build proactive, data-driven, decision making.

Analysis of big data can also provide valuable insight into network operations. Predictive network analytics tools delivered alongside network management systems provide reporting utilities that offer detailed network performance indicators.

This can be as simple as determining whether a new service or application a business is rolling out will exceed current network capacity, or that every Thursday afternoon the R&D department needs extra bandwidth to support its data heavy processes.

By examining this data, enterprises can achieve greater return on investment in their applications, identifying redundant or unpopular features and allow developers to target their resources more effectively.

4. A Smart Network to Educate Dumb Devices

Not every device is smart. Poorly secured smart devices such as smart watches and activity trackers pose a threat to essential network security -- as do traditional dumb devices such as door locks. Simply monitoring and controlling the flow of packets to and from IoT devices is not enough to guarantee security.

A network management system, such as the OmniVista NMS, is essential to provide traffic analytics and regulate control over authorized and unauthorized access. Remote or centralized management enables system administrators to efficiently manage devices and safeguard network integrity and data.

All devices right out to the network edge must be made smarter by the network management and the switches on the network.

The Converged Road to IoT

IoT offers the chance for enterprises to deliver compelling new applications and support deployments with millions of endpoints by providing real-time insights that help enterprises capture, understand and make more effective use of device data. But it will also bring new challenges and expectations.

The key is one converged network supported by state of the art switches that enable an enterprise to remotely manage, monitor and safeguard all devices, software and data to provide IT departments with in-depth intelligence to make smarter decisions.

Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.

Image CreditAhmetov_Ruslan / Shutterstock



Windows 10 on Mac: Boot Camp vs Parallels

windows_10_logo_in_hands

If you want to run Windows 10 on a Mac there are really only two options worth considering: a native install using Boot Camp or virtualization through Parallels. Each is excellent in its own right, but which one best meets your needs?

Trying to answer that question can prove to be a daunting task for many Mac users, based on my experience. The conundrum: Boot Camp is easy to use and readily available in OS X, while Parallels is the most versatile software of its kind for OS X. It's not easy. Fortunately, this article will help you understand which one is right for you.

Fundamental Differences

To start, let's talk about what sets Boot Camp and Parallels apart.

Apple has created Boot Camp with the goal of making it easy for Mac users to natively install Windows on their device, alongside OS X. The tool, which officially supports Windows 10, will create a bootable USB installation media of the operating system, adding the necessary drivers for your Mac in the process.

It also helps you partition the drive, and, after everything's done, it will even restart your Mac so that you are taken right to the initial Windows 10 setup process. As long as you have a large-enough USB drive and a Windows 10 ISO file, Boot Camp will help you get the job done with as little effort as possible.

And since traditional PCs and more-recent Macs are very similar hardware-wise, Windows 10 will run on a Mac pretty much like it would on a, say, Dell or HP laptop or custom-made desktop. You may notice some kinks here and there, depending on how polished the drivers are and whether Windows 10 supports all the features that the Mac offers, but, for the most part, it will all work as expected.

Now, on to Parallels. But, before we dive into it, a quick note: the virtualization software has added support for Windows 10 in its 11th iteration, which is the latest available at the time of writing this article. So, for all intents and purposes, you can look at this article as a comparison between Boot Camp, in its OS X 10.11 El Capitan form, and Parallels 11.

But why Parallels? I have mentioned that it is extremely versatile, and that is because Parallels has a dual personality. It can let you run Windows 10 in a typical virtual machine, but it can also allow you to run only the Windows program that you want. Chose it from the list of available software, and it will shortly appear on the screen like an OS X app.

The latter, called Coherence mode, is what makes Parallels special. When this mode is enabled, you get the best of both worlds: the ability to experience OS X in all its glory while getting to keep all your favorite Windows programs close. And it works great.

Why You Should Choose Boot Camp

Windows 10 running natively on Mac via Boot Camp 2

Now that you know Boot Camp and Parallels' features, let's talk about benefits. I'll start with Boot Camp, because it is what every OS X user has easy access to.

Boot Camp is best at one thing, and that is allowing you to run Windows 10 at full speed on a Mac. It will give you the best performance, and a PC-like experience, with all the benefits and drawbacks that come with it.

Since you are not using virtualization, your Mac will perform under Windows 10 just like a similar desktop or laptop. Boot Camp presents an understandable advantage when used on an entry-level Mac with a slower processor and not a lot of RAM, because the device will only have to run a single operating system and not two at once.

In my experience with Windows 10 installed via Boot Camp on my late-2013 MacBook Air I have had no noteworthy issues to speak of. Like I mentioned earlier, there are some niggles here and there but, once everything is set up as you want, you'd be hard-pressed to tell the difference between your Mac and a traditional PC.

If you want to switch back to OS X, you can easily do so by opening Boot Camp in Windows 10 and selecting the option to boot to OS X. Or you can press the Option/Alt key on your Mac keyboard right after the device powers on or reboots.

It should be noted that the Apple drivers and software do not reveal anywhere near the same level of customization as they do in OS X. To give you an idea of what I mean, you get lots more touchpad gestures under OS X than Windows 10. Also, battery life seems to be affected by the transition to Windows 10, as Microsoft's operating system and/or Apple's drivers are not well optimized for this scenario.

Why You Should Choose Parallels

Windows 10 running in Parallels 11 on Mac

Parallels lends itself to both users who need to have Windows 10 running alongside OS X, but also to those who just want access to Windows programs alongside OS X apps. The beauty of it is that switching between these two modes is done by simply entering or exiting Coherence mode, which is an option easily accessible from the virtual machine's menu bar.

Those who want to run Windows 10 in a typical virtual machine will find that the operating system runs very well with no issues to speak of. Meanwhile, those who just want to run, say, Microsoft Edge or Cortana will only get that program and none of the Windows strings that typically have to come with it. You can't really fault Parallels for doing anything wrong. It just works, no matter what you're trying to achieve.

Microsoft Edge and Windows Store running under Parallels 11 directly on OS X desktop

Parallels also makes it extremely easy to access Windows files on OS X and vice-versa. When using Windows 10, your Mac's Home, iCloud, Photo Library are mounted as network drives, which makes it extremely easy to share content between the two devices (the Mac and the virtual machine). When you're in OS X, just open Finder and you will see your Boot Camp installation listed under Devices; open it and you will see the contents of your C drive under Windows 10.

Parallels is also very flexible, as it can be configured in all sorts of ways depending on what you are trying to do. You can give priority to the virtual machine, for the best-possible performance of Windows 10 under virtualization, or the Mac, so that it runs well while powering that Windows 10 VM.

You can choose how much RAM you want to allocate, how much storage space you want to allocate, give spoken commands, add some password protection, choose what sort of access other devices have to the VM, set up shortcuts and much, much more. If you are a power user, you will love it.

Now, where Parallels and virtualization software in general does not shine is overall system performance. What I mean by this is that Windows 10 in a virtual machine will not be as fast as Windows 10 running natively on the Mac. That is an obvious downside, but it is worth pointing out based on some conversations I have had with some folks in the past.

Also, Parallels is not free. For home users and students, Parallels 11 costs $79.99 per year from Parallels' site. A subscription-based version, called Pro edition, is priced at $99.99 per year, also on Parallels' site. All this convenience and versatility comes at a cost. But, I think, it is absolutely worth it.

So?

My recommendation is to get Parallels. In most cases it is the better option. Not to mention that it makes more sense to add new capabilities -- namely, to run Windows 10 in a VM and/or Windows programs straight from the OS X dock -- to your Mac than limit yourself to just a single operating system or collection of programs at a time -- why should you?

But, to play Devil's advocate, Boot Camp shouldn't be ignored if you will rarely be using Windows 10 or needing Windows programs. For instance, if you want to play a game from time to time, Boot Camp makes more sense because it gives you better performance.

So, what will you choose?

Photo credit: rvlsoft / Shutterstock



Spoiler alert! Google reveals the trending gift searches for Cyber Monday

boy_with_present

Black Friday is out of the way (not that it is really restricted to just one day this year) and now it's time for Cyber Monday. Traditionally -- if the word can be applied to such a recent phenomenon -- this is the day when you can snap up a techy bargain in time for Christmas, and Google has shed some light on what people are searching for this year.

The search data is like peering into the future. The searches of today, are the gifts of next month. If you want to get an idea of what your nearest and dearest might be popping under the tree for you this year, the top trend gift searches could give you some pointers. Warning: there may be gift spoilers ahead.

Google reports that more than half of people plan to use their smartphones to research gifts when they have a spare moment or two. This may be an interesting statistic, but it's the searches themselves that are more revealing. Amazon may be using drones for super-fast deliveries, but these devices have become increasingly popular as toys. Drone-related searches are up 80 percent from last year.

With the anniversary of Back To The Future this year, attention turned to hoverboards. We might not yet have access to quite the same technology as Marty McFly, but the wheeled versions we do have look likely to be very popular this year, with searches for hoverboards soaring by 500 percent in a few months.

The release of the Apple Watch appears to have fuelled interest in smartwatches, and searches for wrist-worn wearables has nearly tripled over the last year.

Of course it's not all tech; people are also searching for clothing. Retro items such as Levi jeans and Adidas Superstars make appearance, as do -- someone help me -- adult onesies. Sometimes, one loses hope for humanity.

Photo credit: YuryImaging / Shutterstock



How to keep your mobile data safe

Security Lock Circuit

Every month we see another story hit the headlines of how a household name has lost customer data. These type of incidents can cost millions to put right, not just in updating the IT systems, but in terms of lost revenue due to loss of good reputation, and potentially punitive fines.

When the new EU General Data Protection Regulation (GDPR) comes into force, expected during 2017, fines for non-compliance could be five percent of global turnover. This is a significant sum for any size of organization and deserves serious consideration.

Lost Or Compromised Data Costs

The causes of data breaches are many and varied, but the majority are a result of either malicious attack or human error. Recent research into the root causes of data breach found that 47 percent involved a malicious or criminal attack, and 25 percent involved a negligent employee or contractor.

The losses arising typically fell into three categories:

  • The value of the data stored on the device itself
  • The increased risk of a targeted attack on the company’s people and systems
  • Fines levied by regulatory authorities, particularly if the breach involved personal information.

How Organizations Fail to Protect Data

Many companies lack policies for governing how data is managed and protected, especially on portable devices. This is often accompanied by limited awareness among employees about the implications of their actions and what they can do to reduce risk.

Businesses fail to adequately protect data stored on desktops, laptops and portable media, often due to some common misconceptions.

  • Just because a user needs to enter a password to log onto their Windows domain, doesn’t mean that the data is protected. A hacker could still easily access the data.
  • Many companies install Endpoint Protection products to protect devices from malware and targeted attacks, assuming that this will protect the data. It doesn’t.
  • Even with full disk encryption, if data can be copied on to an unencrypted portable device (such as USB devices or smartphones), then the data is still at risk.

However, if security is too complex or restrictive and impacts peoples’ ability to do their work, they will simply find a workaround, leaving a company in an even worse position falsely believing that their data is secure.

UK Cabinet Office Supports Flexible Working With Encryption

The UK Cabinet Office, which is the government department that supports both the Prime Minister and Deputy Prime Minister, ensuring the effective running of government, faced a similar problem to many commercial organizations. They needed a security solution to protect data held on laptops. The challenge they faced was maintaining a high level of security while improving the user experience. Previously they had used two factor authentication resulting in lengthy login times, and loss of tokens causing disruption to both the user and manager.

By installing a solution that provides strong encryption, that is transparent to the user and without the need for two factor authentication, they have significantly improved login times for users, and removed the disruption caused by lost tokens. As the security solution can be managed centrally, the IT department can provision devices quickly and easily, reducing waiting time for staff, and dramatically reducing the cost of ownership.

The adoption of more flexible and mobile ways of working is a key enabler for Cabinet Office staff, and good data security is a key component of this. Productivity is maintained, while laptops are managed and controlled centrally, saving time, resources and protecting valuable data.

In a world where cyber attacks are on the increase, at least if the worst happens and data is stolen, if it is encrypted, it is worthless to the criminal.

Five Practical Steps

1. Protect Your Data

Implementing effective security measures begins with understanding what data you have, where it is stored and how it is shared. More breaches occur from data being copied onto removable media and devices, rather than lost or stolen laptops. Protect your data by ensuring that any data that is copied to a peripheral device is fully encrypted.

2. Don't Rely On Single Layers Of Security

Multiple layers of protection reduce your vulnerability to malicious or accidental breaches. For example, as well as requiring user authentication via password, you could implement technology on your devices that prevents the hard disk being unencrypted if removed from the device.

3. Reduce Complexity Where Possible

The more convoluted your security procedures for users, the greater the likelihood of breaches as a result of their actions. Enabling single sign-on to any device limits the impact on your users and reduces your risks.

4. Security Is Key -- But the Business Still Needs to Operate

If your security policies and technologies prevent people doing their jobs, they’ll inevitably find a way to bypass those controls. When implementing technology solutions, check that they’re flexible enough to meet the needs of your business and your users.

5. Ensure You Have Effective Management Control

Having the right technology on your endpoints is of limited value if you can’t easily manage that technology and you don’t have visibility of what users are doing on their devices. Ensure you have the tools to monitor and report on which devices have been encrypted and what data users are copying to removable media.

If you can’t prove to regulators that you’ve taken all reasonable measures to protect your data, you’re more liable to receive a substantial penalty.

Published under license from ITProPortal.com, a Net Communities Ltd Publication. All rights reserved.

Photo Credit: wk1003mike/Shutterstock



Government enterprise surveillance demands drive BlackBerry to quit Pakistan

BlackBerry-closeup-web2_contentfullwidth

BlackBerry wants nothing more to do with Pakistan. The Pakistani government had demanded that it be permitted to monitor BlackBerry Enterprise Service emails and BBM messages. Unwilling to bow to these demands, the company has decided to pull out of the country entirely.

From the end of 2015, BlackBerry will no longer operate in Pakistan as the company says that it does not want to compromise its customers' privacy. Unwilling to comply with surveillance directives or show any sort of support for backdoors, BlackBerry has decided to cut its losses and run.

With security at the heart of BlackBerry's operations, the move is not entirely surprising, but it remains to be seen if either side is willing to compromise. BlackBerry said that while the government has only expressed interest in BES servers, the company "decided to exit the market altogether, because Pakistan’s demand for open access to monitor a significant swath of our customers’ communications within its borders left us no choice but to exit the country entirely".

Back in July, the Pakistan Telecommunications Authority announced that BlackBerry's BES servers would no longer be allowed to operate in the country. The company says that this is not quite the case. Writing in a post on the BlackBerry blog, company COO Marty Beard says:

The truth is that the Pakistani government wanted the ability to monitor all BlackBerry Enterprise Service traffic in the country, including every BES e-mail and BES BBM message. But BlackBerry will not comply with that sort of directive. As we have said many times, we do not support "back doors" granting open access to our customers’ information and have never done this anywhere in the world.

Pakistan's demand was not a question of public safety; we are more than happy to assist law enforcement agencies in investigations of criminal activity. Rather, Pakistan was essentially demanding unfettered access to all of our BES customers' information. The privacy of our customers is paramount to BlackBerry, and we will not compromise that principle.

Earlier today BlackBerry initially announced that it would pull out of Pakistan on 30 November, but later amended this to 30 December.