Úvodní stránka » Auto-moto » HP Compaq 6530b Battery www.all-laptopbattery.com

HP Compaq 6530b Battery www.all-laptopbattery.com

Can any of these unauthorised cloud services stay? One of the key tasks when assessing existing cloud services is to understand their security levels. Start with those that are most often used by employees.There are some guidelines you can follow when evaluating these services. The Cloud Security Alliance publishes its Cloud Controls Matrix, which lays out security concepts in 13 different domains, although this may be daunting for smaller businesses.“Every organisation makes slightly different rules,” said Hawthorn. “They have a group of people from different departments that get together to define what the minimum standards are for cloud services.”Typical questions might include how data is retrieved if a contract with a cloud service provider is terminated, and how quickly the supplier will delete the data. How are encryption keys managed, and who controls them — the cloud service provider, or the customer?You may still be able to provide services from third-party providers, even if their own security approach doesn’t pass muster. Another useful piece in the cloud security puzzle is proxy encryption.

NetSkope, Ciphercloud and Skyhigh all provide services that sit in between your company and other cloud services.They will encrypt your data going to and from the cloud, and will typically let your IT department handle the encryption keys, putting your team in control of the data that leaves the organization. Products in this category will often feature other protections, too, including data loss prevention (DLP) and policy management.The idea is to reach a situation where the IT department can provide a healthy alternative to the unauthorised cloud-based services peppered throughout the organisation that is easy to use.Think of it as a move from illegal consumer downloading, using the murky, porn-ridden sites littering the web, to legal streaming, where users get a pleasant interface, and most of the content they want, relatively cheaply.At the heart of this lies a mature IT service management approach, in which IT departments offer users a catalogue of services, including cloud-based options, via an internal portal. After all, if they can get the cloud services that they want (or a decent alternative) internally, then why wouldn’t they?

IT departments can sweeten the deal by providing an extra layer of usability, with things such as password management. Users will hate having to log into multiple unauthorised cloud services. It takes time and effort. But a policy management layer takes a lot of typing from different sign ons.Whichever approach the IT department uses to shore up security in a cloud-based world, it will be important to accompany it with a robust and clearly communicated policy.Trustmarque estimates that 84 per cent of 2016 British office workers either said that the organisation didn’t have a cloud usage policy, or that they didn’t know if it had one or not.By clearly defining policy, you at least get a chance to use the stick in conjunction with the carrot. Expressly forbidding certain activities, while also offering healthy and sanctioned or alternatives, gives you the best possible chance of preventing your precious files seeding the wrong clouds, and raining where they shouldn’t.Your encryption keys can accidentally leak from your PC via radio waves, computer scientists have reminded us this week. This is a well-understood risk, but as these guys have demonstrated, it can be done cheaply with consumer-grade kit, rather than expensive lab equipment.

Tel Aviv University researchers Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer have built on Genkin’s earlier work on capturing 4096-bit RSA keys using the sound emitted by a computer while it runs a decryption routine.The latest research involved extracting private decryption keys from GnuPG on laptops within seconds by measuring the electromagnetic emanations during the decryption of a chosen cipher text. The researchers used the Funcube Dongle Pro+, hooked up to a small Android embedded computer called the Rikomagic MK802 IV, to measure emissions within 1.6 and 1.75 MHz. It may even be possible to pull off the attack with a standard AM radio with the output audio recorded by a smartphone.An abstract for the paper – Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation – explains:

We demonstrate the extraction of secret decryption keys from laptop computers, by non-intrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation.
We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis.

Steve Armstrong, managing director of Logically Secure Ltd and former lead of the RAF’s penetration and TEMPEST testing teams, said the type of attack demonstrated by the Tel Aviv team is well established. Such attacks have been possible for years; increasing the gap between the target machine and the eavesdropper mitigates the attack, according to Armstrong.“Any device close to a computer can pick up RF signals – put your phone close to the car radio and listen to it chatting,” Armstrong explained. “The key thing of this attack will the the required proximity. If they can do it at 10 metres in a different room, I would be impressed; if the device needs to be within 20cm, I am not.”The attack demonstrated by the Tel Aviv team may be unreliable in practice, because computers are usually juggling multiple tasks at the same time and not just exclusively decrypting data. That means lots of noise is added to the process, ruining attempts to extract private keys from the machines.The Israeli researchers intend to present their work at the Workshop on Cryptographic Hardware and Embedded Systems (CHES) conference in France in September 2015.

The Low Orbit Helium Assisted Navigator (LOHAN) mission is in good shape after the final test flight of our Vulture 2 spaceplane’s avionics – dubbed PRATCHETT – soared to 31,050m (101,870ft) above Colorado on Saturday.Our US allies at Edge Research Laboratory piggybacked the PRATCHETT payload onto their own EDGE 22 flight, carrying kit for the ongoing "Balloon Enabled Atmospheric Conditions Observation Network" (BEACON) project.On board for PRATCHETT was a Pixhawk autopilot avionics rig with the newly-attached 900MHz ultra-long-range radio. The plan was to do a second test of the former, to ensure the batteries and servos really were up to the job, and to connect to the avionics via the latter – allowing autopilot brain surgeon Andrew Tridgell to monitor the flight live from his sofa in Australia.The flight launched from Colorado Springs East Airport early on Saturday afternoon – later than normal to allow Andrew to tune in at a reasonably plausible hour of the morning Down Under.

Here’s the Edge crew at the airfield, which is some 10km east of Colorado Springs:After a slight delay while Tridge and Edge’s David Patterson fiddled with the radio rig (see details below), the flight got into the air without mishap, due no doubt to the team appeasing the stratospheric gods with the traditional "mighty orb worship" ceremony:Thanks to to light winds at altitude, the payloads came down just 25km from the launch point, having hit a heady 101,000ft (roughly, in old money) before balloon burst. Here’s the track as seen on Droneshare…It’s worth noting that the custom "Pixhawk Avoidance of Nearby Tree System" (PANTS) arboreal avoidance algorithm worked a treat, because despite the presence of potentially magnetic trees in the landing area…Microsoft’s new Surface 3 tablet should be the perfect hardware for Windows 10, set to be released on 29 July. We put it to the test.Microsoft’s Surface experiment is significant on several levels. When the initial Surface device (running Windows on ARM, also known as Windows RT) was released in October 2012, it was the first time the company competed directly with its hardware partners.

Perhaps this was because it did not trust them to create tablets that worked well with Windows 8 and its curious hybrid personality, part touch-friendly and part wedded to keyboard and mouse. Surface was also an attempt to counter Apple’s success with the iPad: tablets with long battery life, low maintenance, easy app deployment, and high resistance to malware.Surface was also Microsoft’s opportunity to show that a device running Windows could match the Mac’s out-of-box-experience, where one company controls both hardware and software, and there is no pollution from adware or mis-conceived vendor enhancements.As it turned out, Microsoft’s success was limited. Surface RT was a flop, thanks to underpowered hardware, a lack of compelling Windows Store apps, and puzzlement among Windows users about why they might want a Windows tablet that could not run any existing desktop apps, other than the built-in Office and Windows accessories.There were good reasons – security and maintainability – but they were not communicated effectively, and lack of apps made it too restrictive. The Surface Pro range, more conventional devices based on x86 CPUs, fared better in the market but there were still shortcomings.Battery life on the first Surface Pro was poor, thanks to its 3rd generation Intel i5-3317U processor, but improved to eight hours or more (with typical use) in the Surface Pro 2 with the Haswell-based i5-4200U.

Power management is another issue. In theory, you are meant to treat a modern Windows device like an Apple iPad; rarely turning it off completely and relying on power management to keep the system in a very low power mode when not in use. In practice, Surface has never been good in this respect.The original Surface RT would drain power quickly when not in use, and Surface Pro was worse – especially if you made the mistake of enabling the Hyper-V hypervisor,which happens if you install the Visual Studio developer tools.You could turn your Surface “off” in the approved way, and later find it heating your bag, which is frustrating when battery life is precious. This is fixed, apparently, in Windows 10.Other persistent Surface annoyances are where the keyboard cover stops responding and has to be removed and re-attached, and unreliable Wi-Fi, where you have to fiddle with device manager or reboot to get a connection. Both problems seem improved with the latest models and firmware but the wider point is that even with full control of hardware and software, Surface has not proved immune to PC-type reliability issues.

Napsat komentář