Tuesday, March 31, 2015

Security: 2015q1 Concerns

Virus, worm, vulnerability and spyware concerns during and just prior to 2015 Q1.

  • [2015-03-07] Litecoin-mining code found in BitTorrent app, freeloaders hit the roof
    "μTorrent users are furious after discovering their favorite file-sharing app is quietly bundled with a Litecoin mining program. The alt-coin miner is developed by distributed computing biz Epic Scale, and is bundled in some installations of μTorrent, which is a Windows BitTorrent client. Some peeps are really annoyed that Epic's code is running in the background while they illegally pirate torrent movies and Adobe Creative Suite Linux ISOs, and say they didn't ask for it to be installed."

  • [2015-03-06] FREAKing HELL: All Windows versions vulnerable to SSL snoop
    "Microsoft has confirmed that its implementation of SSL/TLS in all versions of Windows is vulnerable to the FREAK encryption-downgrade attack. This means if you're using the firm's Windows operating system, an attacker on your network can potentially force Internet Explorer and other software using the Windows Secure Channel component to deploy weak encryption over the web. Intercepted HTTPS connections can be easily cracked, revealing sensitive details such as login cookies and banking information, but only if the website or service at the other end is still supporting 1990s-era cryptography (and millions of sites still are)."

  • [2015-03-05] Broadband routers: SOHOpeless and vendors don't care
    "Home and small business router security is terrible. Exploits emerge with depressing regularity, exposing millions of users to criminal activities. Many of the holes are so simple as to be embarrassing. Hard-coded credentials are so common in small home and office routers, comparatively to other tech kit, that only those with tin-foil hats bother to suggest the flaws are deliberate."
  • [2015-03-05] Obama criticises China's mandatory backdoor tech import rules
    "US prez Barack Obama has criticised China's new tech rules, urging the country to reverse the policy if it wants a business-as-usual situation with the US to continue. As previously reported, proposed new regulations from the Chinese government would require technology firms to create backdoors and provide source code to the Chinese government before technology sales within China would be authorised. China is also asking that tech companies adopt Chinese encryption algorithms and disclose elements of their intellectual property."
  • [2015-03-05] Sales up at NSA SIM hack scandal biz Gemalto
    "Sales at the world's biggest SIM card maker, Gemalto, which was last month revealed to have been hacked by the NSA and GCHQ, rose by five per cent to €2.5bn (£1.8bn) in 2014. Following the hack, the company's share price fell by $470m last month. In February, it was revealed that the NSA and Britain's GCHQ had hacked the company to harvest the encryption keys, according to documents leaked by former NSA sysadmin, whistleblower Edward Snowden."

  • [2015-02-24] SSL-busting adware: US cyber-plod open fire on Comodo's PrivDog
    "Essentially, Comodo's firewall and antivirus package Internet Security 2014, installs a tool called PrivDog by default. Some versions of this tool intercept encrypted HTTPS traffic to force ads into webpages. PrivDog, like the Lenovo-embarrassing Superfish, does this using a man-in-the-middle attack: it installs a custom root CA certificate on the Windows PC, and then intercepts connections to websites. Web browsers are fooled into thinking they are talking to legit websites, such as online banks and secure webmail, when in fact they are being tampered with by PrivDog so it can inject adverts. If that's not bad enough, PrivDog turns invalid HTTPS certificates on the web into valid ones: an attacker on your network can point your computer at an evil password-stealing website dressed up as your online bank, and you'd be none the wiser thanks to PrivDog."
  • [2015-02-23] Psst, hackers. Just go for the known vulnerabilities
    "Every one of the top ten vulnerabilities exploited in 2014 took advantage of code written years or even decades ago, according to HP, which recorded an increase in the level of mobile malware detected. “Many of the biggest security risks are issues we’ve known about for decades, leaving organisations unnecessarily exposed,” said Art Gilliland, senior vice president and general manager, Enterprise Security Products, HP. “We can’t lose sight of defending against these known vulnerabilities by entrusting security to the next silver bullet technology; rather, organisations must employ fundamental security tactics to address known vulnerabilities and in turn, eliminate significant amounts of risk," he added."

[Chinese Virus Image, courtesy WatchChinaTimes.com]
  • [2015-02-20] So long, Lenovo, and no thanks for all the super-creepy Superfish
    "Chinese PC maker Lenovo has published instructions on how to scrape off the Superfish adware it installed on its laptops – but still bizarrely insists it has done nothing wrong. That's despite rating the severity of the deliberate infection as "high" on its own website. Well played, Lenonope. Superfish was bundled on new Lenovo Windows laptops with a root CA certificate so it could intercept even HTTPS-protected websites visited by the user and inject ads into the pages. Removing the Superfish badware will leave behind the root certificate – allowing miscreants to lure Lenovo owners to websites masquerading as online banks, webmail and other legit sites, and steal passwords in man-in-the-middle attacks."

  • [2015-02-15] Mozilla's Flash-killer 'Shumway' appears in Firefox nightlies
    "Open source SWF player promises alternative to Adobe's endless security horror. In November 2012 the Mozilla Foundation announced “Project Shumway”, an effort to create a “web-native runtime implementation of the SWF file format.” Two-and-a-bit years, and a colossal number of Flash bugs later, Shumway has achieved an important milestone by appearing in a Firefox nightly, a step that suggests it's getting closer to inclusion in the browser. Shumway's been available as a plugin for some time, and appears entirely capable of handling the SWF files."

  • [2015-01-29] What do China, FBI and UK have in common? All three want backdoors...
    "The Chinese government wants backdoors added to all technology imported into the Middle Kingdom as well as all its source code handed over. Suppliers of hardware and software must also submit to invasive audits, the New York Times reports. The new requirements, detailed in a 22-page document approved late last year, are ostensibly intended to strengthen the cybersecurity of critical Chinese industries. Ironically, backdoors are slammed by computer security experts because the access points are ideal for hackers to exploit as well as g-men."
     
  • [2015-01-15] Console hacker DDoS bot runs on lame home routers
    "Console DDoSers Lizard Squad are using insecure home routers for a paid service that floods target networks, researchers say. The service crawls the web looking for home and commercial routers secured using lousy default credentials that could easily be brute-forced and then added to its growing botnet. Researchers close to a police investigation into Lizard Squad shared details of the attacks with cybercrime reporter Brian Krebs. The attacks used what was described as a 'crude' spin-off of a Linux trojan identified in November that would spread from one router to another, and potentially to embedded devices that accept inbound telnet connections. High-capacity university routers were also compromised in the botnet which according to the service boasted having run 17,439 DDoS attacks or boots at the time of writing."
  • [2014-12-14] CoolReaper pre-installed malware creates backdoor on Chinese Androids
    "Security researchers have discovered a backdoor in Android devices sold by Coolpad, a Chinese smartphone manufacturer. The “CoolReaper” vuln has exposed over 10 million users to potential malicious activity. Palo Alto Networks reckons the malware was “installed and maintained by Coolpad despite objections from customers”. It's common for device manufacturers to install software on top of Google’s Android mobile operating system to provide additional functionality or to customise Android devices. Some mobile carriers install applications that gather data on device performance. But CoolReaper operates well beyond the collection of basic usage data, acting as a true backdoor into Coolpad devices - according to Palo Alto. CoolReaper has been identified on 24 phone models sold by Coolpad."

  • [2014-11-24] Regin: The super-spyware the security industry has been silent about
    "A public autopsy of sophisticated intelligence-gathering spyware Regin is causing waves today in the computer security world... On Sunday, Symantec published a detailed dissection of the Regin malware, and it looks to be one of the most advanced pieces of spyware code yet found. The software targets Windows PCs, and a zero-day vulnerability said to be in Yahoo! Messenger, before burrowing into the kernel layer. It hides itself in own private area on hard disks, has its own virtual filesystem, and encrypts and morphs itself multiple times to evade detection. It uses a toolkit of payloads to eavesdrop on the administration of mobile phone masts, intercept network traffic, pore over emails, and so on... Kaspersky's report on Regin today shows it has the ability to infiltrate GSM phone networks. The malware can receive commands over a cell network, which is unusual."




Thursday, March 19, 2015

Oracle: Next Generation of Engineered Systems


[Graphic courtesy Oracle Data Center Kickoff]

Oracle's Next Generation Engineered Systems

Abstract:

Larry Ellison, Executive Chairman of the Board and CTO, introduces Oracle's 5th Generation of Oracle Engineered Systems. At the core, the aim is to provide the Highest Performance systems and the Lowest Service Price. Oracle effectively targets Cisco UCS, HP, and EMC.

Summary of Major Announcements

Oracle Virtual Compute Appliance X5

Converged compute and storage; runs all datacenter applications. High Performance and Lowest Purchase Price. Combines compute servers, networking, and storage servers in the same box; highly available and fully redundant.
  • Compute Infrastructure: Scalable from 2-25 nodes; Linux, Solaris, and Windows
  • Network Infrastructure: High speed, low latency, fully configured fabric; integrates to existing Ethernet & Storage Networks
  • Management Infrastructure: Redundant management servers; virtual assembly builder with templates included
  • Half Price Oracle List to Cisco Discount; almost a third price

Oracle Storage Appliance X5

Twice as fast, half as much
  1. Extreme Flash Storage Server
  2. High Capacity Storage Server
12.8 TB PCIe Flash or 6.4 TB PCIe Flash with 48 TB SAS Disks

Oracle Database Appliance X5

  • 2x Servers: 2x18 cores; 8x32 GB (256GB DIMM); 2x InfiniBand; 4x 10 Gbit Ethernet
  • Storage: 4x 200 GB Flash for Redo Logs; 4x 400 GB Flash for ODA Accelerators; 16x 4TB Hard Drive (Data + Temp Tables + Archive Logs)

Zero Data Loss Recovery Appliance

  • Fully automated, point in time recovery, no data loss, thousands of databases
  • Backup and log to another rack, another data center, or to Oracle Public Cloud

Big Data Appliance

Oracle Big Data SQL joins: Hadoop, NoSQL, and Oracle RDBMS

Exalogic Elastic Cloud X5-2

Private Cloud for Applications & Middleware; Portability to Oracle Cloud
  • Compute: 2x 18 cores, 256 GB RAM/node, 800 GB Flash/node
  • Network: 40 Gbit InfiniBand internal; 10Gb or 1Gb Ethernet external
  • Storage: 80 TB Disk; 256GB Storage DRAM

Exadata Database Machine X5

  • Workloads: Warehousing, OLTP, Database as a Service, In-Memory Database
  • Flash Disks replaced High-Performance Disks because of the Flash Capacity Increase and Price drop!
  • Elastic Configurations: 2x DB and 3x Storage Servers... Full Rack... Multi-Rack
  • Optimize for: In-Memory Max DRAM; OLTP Equal DB & Flash; Warehouse High Capacity Storage and Compute

Oracle SuperCluster

Two SPARC Options:
  1. SuperCluster T5-8
  2. SuperCluster M6-32
Same Storage Server and Software as Exadata X5

Data Center of the Future with Public Cloud

Options Include:
  • Logging Backups to the Cloud
  • Cloud as Backup Datacenter
  • Test and Development in Cloud with Production Local
  • Production in Cloud with Test and Development Local

The Deep Dive Sessions

The following Deep Dive sessions are for both newly announced hardware as well as for some existing software noted at the bottom of this section. Written summaries provided can assist in helping select which videos to watch.
Oracle SuperCluster

Oracle Largest, Most Advanced, and Most Secure Appliance

  • Exadata Storage Grid
  • Firmware based Hypervisor (vs re-purposed Linux OS as Hypervisor)
  • Cloud Tenant Self Service Portal
  • Rule Based Access Control Metering and Limiting by Account for customer's self service 
  • IO Domain Recipes (i.e. Small, Medium, Large selections) 
  • Templates on top of Recipe (Pre-configured Recipe with OS Patches and Application)
  • Extreme Tenant Isolation through Zone, Network Paths, and Disks
  • Automated Compliance Validation of isolation
Oracle Exadata X5-2

Exadata X5-2: Extreme Flash and Elastic Configurations

Oracle Exalogic X5

Oracle Exalogic X5-2 and Exalogic Elastic Cloud Software 12c

Engineered system designed to run the mid-tier components
  • Oracle Applications 
  • Java Applications 
  • Fusion Middleware 
Exabus Technology, shared with Exadata, which reduced latency between servers. Platform as a Service (Software made available in a cloud) and Infrastructure as a Service deployed on the customer premise.
Virtual Compute Appliance

Oracle Virtual Compute Appliance: Simplify IT and Save Money

Goals:
  • Simplify Deployment
  • Reduce Cost
Pre-built system which is ready to use in a Data Center with a minimal number of steps
  • Compute Capability: 2 - 25 nodes
  • Software defined network with Dual Redundant InfiniBand
  • Ethernet and FibreChannel external connectivity
  • Active-Passive Management Server
  • ZFS Storage Appliance with Redundant Controllers
Self-Service
  1. Provisioning of VM's, Storage, and Network
  2. Policy Driven
  3. Metering and Chargeback
  4. RESTful Infrastructure as a Service (IaaS) interface
Oracle Enterprise Manager drives IaaS
  • Fault Detection
  • Incident Management
  • Lifecycle Management
  • Change Management
  • Search & Compare of VM's
  • Apply Patches
  • Gold Templates
  • Compliance reporting
All software is bundled (Linux, Solaris, OEM 12c, Oracle VM, Orchestration, Oracle Virtual Networking, Oracle Trusted Partitioning)
Oracle Database Appliance

Oracle Database Appliance X5-2

Provides everything to deploy a high availability database & application
  • Wizards for simplified deployment
  • Patch Automation (Firmware, OS, Database, Storage, etc.)
  • Oracle High Availability Software Stack (Real Application Cluster or RAC)
  • Affordable with Capacity on Demand
  • Oracle Multitenant Option bundled License
  • In-Memory Database Option bundled License
  • OS and Virtualization Licenses
  • Refreshed hardware, higher consolidation density
  • Oracle Enterprise Manager Plug-In for Monitoring and Management with Analytics across Appliances
  • Same software stack as Exadata for affordable Test and Development
Oracle FS1 Flash Storage System

Oracle FS1 Flash Storage System 

Summary of Features
  • 2 - 16 Highly Available Nodes
  • Petabytes of Flash
  • 2M 50/50 Read/Write IOPS
  • 80 GB/sec or 5 TB/minute Data Movement
Designed to leverage Flash, not existing Hard Disk solutions. Supports both Flash and Disk, Designed for Flash with Economies of Disk
Oracle Big Data Appliance X5-2

Big Data Appliance

Solves problems surrounding:
  • Performance
    Optimized Hardware
  • Time
    30% Quicker to Deploy
  • Cost
    21% Less Expensive to Purchase
  • Integration
    Data Transparently into the Infrastructure
  • Oracle Big Data SQL for simple insertion
  • Oracle Enterprise Manager Compatibility
Oracle for Enterprise Big Data

The Move to Big Data

Oracle Linux

Oracle: A Complete, Independent Linux Vendor

Nothing significantly new, basic key points:
  • Oracle Linux Premier Support included with Oracle Hardware
  • Stand-Alone Oracle Linux Premier Support offered for other servers 
  • MyOracleSupport Integrated 
  • Oracle KSplice Bundled (on-line patches, immediately active)
  • Oracle Enterprise Manager included for Patching and Management 
  • Oracle Clusterware Bundled 
  • Oracle Backport Lifetime Sustaining Support (no bug fixes, new hardware support) 
  • Oracle OpenStack bundled 
  • Red Hat Binary Compatibility
Delivery on DVD with pure Red Hat or Oracle Unbreakable Linux Kernel.
OS Features:
  • Oracle Unbreakable Kernel option for newer Oracle Engineered Systems.
  • DTrace Integration from Solaris for Oracle Linux
  • Isolation features: Linux Containers (LXC) similar to Solaris Zones; Docker (for Application)
  • Free to download, use, distribute, update; Pay for production system
  • Oracle VM Templates
Differentiation: DTrace and KSplice

Friday, March 13, 2015

New Tab: Packaging Resources!

[Solaris Logo, formerly from Sun Microsystems, now Oracle]

Announcement:
Network Management has just released the new Packaging Tab for Solaris Community!



Packaging resources for Solaris

[http] - SunFreeware (migrating to UNIXPackages)
[http] - UNIXPackages (commercial)
[http] - OpenCSW
[http] - Solaris Multimedia
[http] - iBiblio Solaris Package Archive
[http] - Solaris 11 Packages from Oracle (commercial)

Package/Configuration Management Resources for CPE

OpenACS [Home|Source] Config Mgmt for TR069 Protocol

Sunday, March 8, 2015

Security: SuperFish and HeartBleed Vulnerabilities

Some Nice Security Testers...


There has been a lot of security discussion lately regarding SSL. Both the SuperFish corporation and the HeartBleed vulnerability have been in the cross-hairs.

[Dead Fish on Beach, courtesy Wikipedia]

Detecting a SuperFish Issue...


While SuperFish is not strictly a vulnerability, its poor security policy can allow SSL security to be bypassed.

Filippo.IO was kind enough to assemble a SuperFish vulnerability tester - go and test your PC here!
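An added example (not from the original post and not Filippo.IO's tester): a local check for the leftover root certificate described in the Superfish reports, run against the CA certificates Python loads from the operating system trust store. The name fragments and the sample store entries are assumptions constructed for illustration.

```python
import ssl

# Name fragments searched for in certificate subjects. "superfish" and
# "privdog" are product names from the news items on this page; using them as
# match strings is an assumption of this example, not a published indicator.
SUSPECT_NAMES = ("superfish", "privdog")


def _values(name):
    """Collect every attribute value from the ssl module's nested RDN tuples."""
    return [value for rdn in name for _key, value in rdn]


def find_suspect_roots(ca_certs, suspects=SUSPECT_NAMES):
    """Return store entries whose subject mentions one of the suspect names.

    ca_certs is a list of dicts in the format of SSLContext.get_ca_certs().
    """
    findings = []
    for cert in ca_certs:
        subject = cert.get("subject", ())
        haystack = " ".join(_values(subject)).lower()
        hits = [s for s in suspects if s in haystack]
        if hits:
            findings.append({
                "matched": hits,
                "subject": _values(subject),
                # A self-signed entry is a trust anchor, not an intermediate.
                "self_signed": subject == cert.get("issuer", ()),
                "serial": cert.get("serialNumber"),
                "not_after": cert.get("notAfter"),
            })
    return findings


def audit_system_store():
    """Check the CA certificates loaded from the OS default trust store."""
    ctx = ssl.create_default_context()
    return find_suspect_roots(ctx.get_ca_certs())


# Constructed sample store (not real certificates), in get_ca_certs() format.
_GOOD = ((("organizationName", "Example Trust"),),
         (("commonName", "Example Trust Root CA"),))
_BAD = ((("organizationName", "Superfish, Inc."),),
        (("commonName", "Superfish, Inc."),))
SAMPLE_STORE = [
    {"subject": _GOOD, "issuer": _GOOD, "serialNumber": "01",
     "notAfter": "Jan  1 00:00:00 2030 GMT"},
    {"subject": _BAD, "issuer": _BAD, "serialNumber": "0123ABCD",
     "notAfter": "May  7 00:00:00 2034 GMT"},
    {"subject": ((("commonName", "Example Issuing CA"),),), "issuer": _GOOD,
     "serialNumber": "02", "notAfter": "Jan  1 00:00:00 2027 GMT"},
]

if __name__ == "__main__":
    for label, found in (("sample store", find_suspect_roots(SAMPLE_STORE)),
                         ("system store", audit_system_store())):
        print(label, "->", found if found else "no suspect certificates")
```

Browsers that keep their own certificate store, such as Firefox, are not covered by this check.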

Detect a Bleeding Heart...
If you have a web site you commonly use, Filippo.IO also offers a HeartBleed vulnerability tester.





HP Acquires Aruba Wireless Infrastructure

[HP Logo, Courtesy Wikipedia.org]
Abstract: 
Hewlett-Packard Company, created in a garage by two electrical engineers in Palo Alto, California, started out by creating superior test equipment. Through organic growth and acquisitions, HP grew into consumer and enterprise markets, ranging from printers, to PCs, to mini-computers, networking equipment, and software. They are preparing to split into two different companies, one based upon consumer equipment and another based upon enterprise equipment. Prior to the split, HP is filling gaps in their networking portfolio.
[Huawei-3Com Partnership Logo]

Road to Aruba:
On September 26, 2014, HP announced the launch of a Software Defined Networking Application Store. acquisition of a Software Defined Network company. October 5, 2014 marks when HP announced the split between HP, Inc (for printers & desktops) and Hewlett-Packard Enterprise (for networking, server, and software). Just days later, October 26, 2014, HP decided to find a buyer for H3C, the networking partnership between Chinese-based Huawei and U.S.-based 3Com, which HP received when 3Com was acquired in 2010. Clearly, HP is committed to filling out their networking portfolio in the Enterprise company while culling some partnerships.

[Aruba Networks logo, courtesy Wikipedia]
Aruba Not Soon Enough:
In March 2015, HP announced the acquisition of Aruba, a wireless network provider, filling a gap in their networking portfolio prior to their corporate split between Desktop/Printer and Enterprise. Hewlett-Packard's networking division was experiencing some pain, according to The Register.
The deal will form a welcome plug to HP's sliding network biz, which fell 10.8 per cent to $562m (£365m) in the company's first quarter results last week.
Aruba posted sales of $729m (£473m) for its full year results in 2014. In its second quarter numbers last week, revenue rose 21 per cent to $212.9m (£138m) and net profit came in at $5.6m versus a net loss of $10.7m in the same quarter a year earlier.
With larger quantities of networking moving from wired to wireless, the new growth area must be accounted for in Hewlett-Packard's portfolio. The Aruba Networking acquisition is expected to be complete in Hewlett-Packard's second quarter.
[HP Split Image, courtesy Anandtech]

Divide and Conquer:
This is not the first split for HP: Agilent Technologies was created when the Test Equipment division was spun off in 1999. The split of Printers and PCs, to form HP, Inc., should complete in October 2015. The PC and Enterprise markets are very different, requiring significantly different management styles: the former requires very short innovation cycles, while the latter demands long-term viability of a product, significant investment, and close attention to security. Aruba should make an excellent contribution to the portfolio.

Conclusions:
Hewlett-Packard Company was also famous for Network Management products, such as the formerly branded OpenView suite, which dominated the market during the 1990s as the Internet was aggressively expanding. HP's former OpenView suite, consolidated into the HP Software Division, will find a very good home in the new Hewlett-Packard Enterprise alongside Network Equipment vendors like Aruba. The combined 3Com, HP Networking, and Aruba portfolio will offer a reasonable platform for the Enterprise company, while the existing established Network and Systems Management suites will provide a software layer to unify the equipment for basic Fault, Performance, and Configuration Management in the Managed Services arena.

Monday, March 2, 2015

Motorola's FreeScale to be acquired by NXP

[Motorola Logo, courtesy Wikipedia]

Abstract:
The Scientific, Education, Engineering, and Server microcomputer markets were once dominated by Motorola-based processors. Motorola created the necessary parts for computing platforms, from the power transistors required for switching power supplies, to the plastic-coated low-cost semiconductor format which became the industry standard, to analog television screens needed for human interaction, to digital HDTV screens for modern-day human interaction, all the way down to the Central Processor unit with all its additional support chips. Today, we mark the day where America's innovation company, spun off as Freescale by Motorola, was acquired by a Dutch competitor, NXP.

[68000 microprocessor die, courtesy Wikipedia]

History:
A short history of Motorola dating to 2009 can be seen in this PDF. There is not significant concentration on Motorola's contribution to the Computer Industry, so this article completes a short summary of Motorola semiconductor & microprocessor innovations.
1928 - Motorola was started in Illinois, USA as Galvin Manufacturing Corporation
1947 - Motorola developed their first Television (a requirement for computer monitors)
1949 - Motorola opened up their first Solid State research lab
1955 - The first high powered transistor (core of computer switching power supplies)
1963 - World's first rectangular Television (modern computer monitor form factor)
1965 - Developed low cost plastic semiconductor packaging (becomes industry standard)
[Motorola 6800 Microprocessor, courtesy Wikipedia]
 1974 - 6800 8-bit Microprocessor developed (for video games, computers, and cars)
[Motorola 6809, Courtesy Wikipedia]
 1978 - 6809 8/16-bit hybrid Microprocessor released (video games, small computers)
[Motorola 68000, courtesy Wikipedia]

1979 - 68K 68000 16/32 bit hybrid Microprocessor released (used in workstations & servers)
1982 - 68K 68008 8/16/32 bit hybrid Microprocessor supporting inexpensive 8 bit support chips
1982 - 68K 68010 16/32 bit hybrid Microprocessor supporting Virtual Memory
1984 - 68K 68020 true 32-bit Microprocessor released (for desktop workstations)
1987 - 68K 68030 released, integrating Memory Management unit (lower cost workstations)
1988 - 88K 88000 released, Motorola's first 32-bit RISC architecture announced
[Motorola 88100 Processor, courtesy Wikipedia]
1988 - 88K 88100 released, 32-bit RISC implementation (1-4 socket shared MMU servers)
1989 - 68K 68040 released, integrating Floating Point processor (faster workstations)
1990 - Motorola acquired General Instrument Corporation (proposed digital HDTV)
[Motorola 88110 Processor, courtesy Wikipedia]
1991 - 88K 88110 announced, 2nd generation 32-bit RISC processor (integrated MMU)
1991 - PowerPC architecture released, a partnership between Apple, IBM, and Motorola
1992 - 88K 88110 first & last processors shipped (succeeded by PowerPC)
1992 - PowerPC 601 32-bit IBM CPU, PowerPC core, on Motorola 88110 bus
[Motorola PowerPC 603, courtesy Wikipedia]
1994 - PowerPC 603 32 bit 2nd generation microprocessor released
1994 - PowerPC 604 32 bit 2nd generation microprocessor released
[68060 Microprocessor, courtesy Wikipedia]

1994 - 68K 68060 last 68K compatible processor, instructions optimized in hardware
1994 - 68K ColdFire microprocessor family released, with a simplified 68K core
1995 - 68K DragonBall microprocessor family from Hong Kong, a 68K micro-controller
[Motorola PowerPC 604e, courtesy Wikipedia]
1996 - PowerPC 604e 32 bit 2nd generation microprocessor released
1997 - PowerPC 620 64 bit 2nd generation microprocessor released
1997 - PowerPC 7xx 32 bit 3rd generation microprocessor released
2001 - i.MX microprocessor family released, abandoning 68K core for ARM core
[Freescale Semiconductor logo, courtesy Wikipedia]
2004 - Motorola spins-off Microprocessor division as Freescale Semiconductor
2010 - Kinetis microprocessor family released by Freescale, based upon ARM core
2013 - Kinetis microprocessor developed the world's smallest processor
2015 - Motorola Semiconductor, which became Freescale, is acquired by Dutch NXP

[NXP Semiconductor logo, courtesy Wikipedia]

Conclusion:
The United States was the originator of massive computer industry change over the decades. Motorola was one of the first major computing vendors. Motorola divested their Semiconductor division as Freescale. Freescale largely divested itself of Motorola's award-winning 68K architectures in favor of the British-owned ARM RISC architecture. Now, Freescale is gone.