Amazon AWS S3

Amazon AWS S3 known to leak data

Amazon AWS S3 cloud storage servers might soon fall victim to ransom attacks, similar to how hacker groups held tens of thousands of MongoDB databases for ransom throughout 2017.

The statement, made today on social media by infosec expert Kevin Beaumont, is nothing short of a prophecy of things to come, an opinion shared by many security professionals to whom Bleeping Computer spoke today.

Amazon AWS S3 storage servers have been leaking data all 2017, being behind some of the most notable data leaks of last year, including breaches at the NSA, the US Army, analytics providers, and more.

Those incidents happened because companies left data on publicly-readable S3 buckets (“bucket” being a term used to describe an S3 storage unit). In most cases, that data was found by security researchers who helped companies secure their systems, but hackers could get to these files first, too.

However, there’s also a category of S3 buckets that are even more dangerous than publicly-readable servers. Those are publicly-writeable ones: buckets allowing any user, with or without an Amazon S3 account, to write or delete data on the AWS S3 instance. A Skyhigh Networks report from September 2017 found that 7% of all Amazon AWS S3 buckets were publicly-writeable.
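For bucket owners who want to check their own exposure, the following added example (not part of the original article) audits bucket ACLs for grants that make a bucket publicly writeable. It assumes ACLs in the shape returned by boto3's `get_bucket_acl`; the bucket names and sample ACLs are constructed, and bucket policies are out of scope.

```python
"""Flag S3 bucket ACL grants that expose a bucket to public writes (ACLs only)."""

# Predefined S3 grantee groups. AllUsers covers requests "without an account",
# AuthenticatedUsers covers anyone holding any AWS account.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers": "anonymous",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers": "any-aws-account",
}

# WRITE lets the grantee create, overwrite and delete objects; WRITE_ACP lets
# them rewrite the ACL (and so grant themselves WRITE); FULL_CONTROL is both.
WRITE_PERMS = {"WRITE", "WRITE_ACP", "FULL_CONTROL"}
READ_PERMS = {"READ", "READ_ACP"}


def audit_acl(bucket, acl):
    """Return one finding per grant that exposes the bucket to a public group."""
    findings = []
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") != "Group":
            continue  # grants to specific accounts are not public
        audience = PUBLIC_GROUPS.get(grantee.get("URI"))
        if audience is None:
            continue  # some other predefined group, not a public one
        permission = grant.get("Permission")
        if permission in WRITE_PERMS:
            severity = "public-write"
        elif permission in READ_PERMS:
            severity = "public-read"
        else:
            continue
        findings.append({"bucket": bucket, "audience": audience,
                         "permission": permission, "severity": severity})
    return findings


def publicly_writeable(acls):
    """Names of buckets with at least one public-write grant, sorted."""
    return sorted(
        name for name, acl in acls.items()
        if any(f["severity"] == "public-write" for f in audit_acl(name, acl))
    )


def _grant(permission, uri=None):
    """Build a constructed grant: a public group if uri is given, else the owner."""
    if uri:
        return {"Grantee": {"Type": "Group", "URI": uri}, "Permission": permission}
    return {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
            "Permission": permission}


ALL, AUTH = list(PUBLIC_GROUPS)

# Constructed sample ACLs; replace with get_bucket_acl output for real buckets.
SAMPLE_ACLS = {
    "example-logs-private": {"Grants": [_grant("FULL_CONTROL")]},
    "example-site-assets": {"Grants": [_grant("FULL_CONTROL"), _grant("READ", ALL)]},
    "example-uploads": {"Grants": [_grant("FULL_CONTROL"), _grant("WRITE", ALL)]},
    "example-partner-drop": {"Grants": [_grant("FULL_CONTROL", AUTH)]},
}

if __name__ == "__main__":
    for name in publicly_writeable(SAMPLE_ACLS):
        for finding in audit_acl(name, SAMPLE_ACLS[name]):
            print(finding)
```
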

AWS S3 buckets to go the way of MongoDB and friends

Experts believe that hacker groups who have been busy holding MongoDB, ElasticSearch, Hadoop, CouchDB, Cassandra, and MySQL servers for ransom all of 2017 might soon turn their sights on S3 publicly-writeable buckets.

The 2017 ransom attacks usually followed the same pattern. Hackers found an exposed server, wiped data, and left behind a note demanding a ransom. Some victims paid, hoping to recover data, but most users were left at the altar, as hackers did not have the storage space to back up all the ransomed servers, and never returned any of the promised data.

Now, something like this is bound to happen to Amazon S3 server owners.

“The MongoDB incidents showed that the ‘spray and pray’ strategy works, even without saving the data,” security researcher Dylan Katz told Bleeping Computer.

Katz believes that S3 data will be wiped, and not held for ransom per se, mainly because S3 buckets store humongous amounts of data, which an attacker would not be able to host.

Source: BleepingComputer


EE to tackle broadband not-spots

Telecoms company EE has revealed plans to sell a 4G antenna that promises to bring fast broadband internet to thousands of homes in rural areas.

EE’s Simon Till said the “shoebox-size” antenna would let more people access the company’s 4G broadband service.

The company said it had delivered speeds of 100Mbps to homes during a trial in Cumbria.

One analyst said the plan would appeal to people who could not get fast speeds through a fixed broadband line.

“We’ve heard of farmers doing a similar thing, putting up masts on the edge of their property near where the signal is,” said Andrew Ferguson of the news site

“The DIY approach has been bubbling away, but EE offering it as a service makes it a lot more simple.”

EE already offers home broadband, either through a fixed phone line or over the 4G mobile network.

It said its new antenna installation service was designed for homes in areas where fixed line service was poor or not available at all.

Telecoms watchdog Ofcom defines decent broadband as a speed of about 10Mbps to download.

At that speed, downloading a high-definition film could take up to 90 minutes, according to Ofcom.

EE said its 4G home broadband could deliver download speeds of up to 100Mbps and upload speeds of about 10Mbps.

However, it is possible that areas too remote for fixed broadband also have poor 4G coverage.

“There may be instances where that’s the case, but our network reaches 90% of the UK,” said Mr Till, referring to EE’s geographic coverage across the UK.

“If you overlap our network with the homes that get less than 10Mbps fixed broadband, you get to about 580,000 homes that we could reach.”

Source: BBC


What is bitcoin?

Ahh, bitcoin. Has there ever been a technology that is more talked about but less understood? It seems no one can quite work out whether bitcoin is the currency of the future or just a pyramid scheme to help tech bros get rich quick. We don’t have the answer to that question yet, but we can help you know what to say when your nan tells you she’s considering cashing in her pension and going all-in on cryptocurrency.

Here goes…

Alright, what is it then?
Bitcoin is a kind of digital money. But unlike normal cash, it isn’t printed by a government or stored in normal bank accounts. Instead, people who own bitcoin can directly transfer it between themselves without having to go through a third party (like a bank).

So I can pop to the shop and pay with bitcoin then?
Probably not, sorry. Unless you hang out at some seriously hipster cafés. Bitcoin hasn’t really caught on as a payment method because it takes ages to make transactions and its value is all over the place.

Oh, that’s no good. But it is an easy way to get rich quick, right?
Nope. The value of a single bitcoin is about 17 times more than it was at the start of the year, that’s true, but many economists think that this rapid growth is just a bubble, and the price is going to come crashing down again soon enough. You’re better off keeping your money in your old-fashioned bank account.

But what if I did want to get some… I’m asking for a friend.
There are plenty of places to exchange your pounds, euros and dollars for some virtual currency. Websites such as Coinbase are a lot like currency exchanges – they buy loads of bitcoin at a time and then sell it on to individuals. Other websites match you up with an actual person that’s selling bitcoin, and you can transfer money to them. In almost all cases you’ll have to pay a transaction fee and have your identity verified by providing some ID. And there’s always mining…

Mining sounds fun. I’ll see where I left my pickaxe…
Hold up, it doesn’t work like that. Mining refers to the way that the computers that run the bitcoin network verify transactions by running some complicated calculations. Basically, all these computers across the world record all the different bitcoin transactions that take place, forming a public record of every single time anyone has ever sent or received bitcoin. This is a really difficult task, requiring highly specialised (and expensive) computers, so the owners of these computers are rewarded with tiny fractions of a bitcoin as a payment for running the network. That’s mining.

Source: Wired


Best SSD Hard Drive 2018

Building a new rig, or looking to upgrade your existing machine’s storage, but don’t know which SSD to go for? Well, you’re in luck. We’ve tested all the big-name products on the market to offer the definitive list of the best SSDs currently available.

An SSD (solid-state drive) is the simplest and most cost-effective upgrade you can make to a laptop or desktop. Not only will it speed up your PC’s boot-up times, but opening applications and searching for files will be quicker too; in general, it will make your system feel far more snappy.

In the very simplest terms then, an SSD performs exactly the same function as your regular hard disk (or hard drive, if you prefer) but much, much faster. It replaces the mechanical aspects of your hard disk with non-moving transistors. Although more expensive than a hard disk, the performance benefit an SSD offers is absolutely worth the money.

SSD jargon explained
NAND Flash: Negative AND Logic gates. They’re similar to the chips used in RAM, but they can store data even when there’s no power flowing through them. They form the basis of all SSDs.

Controllers: SSDs, like other storage devices, are little computers in themselves. Controllers look after the algorithms that sort through data. The faster the controller, the better the performance.

SATA: Serial ATA. This is the most common, and cheapest type of SSD. It connects through your motherboard’s SATA ports and while it’s several times faster than a regular hard disk, it’s the slowest form of SSD, topping out at about 500-600MB/s. The current version of SATA is SATA III.

NVMe: Non-volatile Memory Express. This type of SSD connects over PCIe (PCI Express), with drives topping out at over 3000MB/s. You’ll either find it connecting directly to your motherboard’s PCIe slots or over M.2 (below), also using PCIe lanes.

M.2: This is a specific physical SSD format. Confusingly it can use both the SATA or PCIe lanes on your motherboard, but either way it fits into a smaller M.2 slot. M.2 SATA drives are most commonly found on ultra-thin laptops to save space (M.2 is very small) and cost (sometimes only using SATA-speed storage). If you’re buying an M.2 SSD for your desktop, make sure it’s an NVMe drive.

Source: Trusted Reviews

Amazon opens a supermarket with no checkouts

In a move that could revolutionise the way we buy groceries, Amazon opens its first supermarket without checkouts – human or self-service – to shoppers on Monday.

Amazon Go, in Seattle, has been tested by staff for the past year.

It uses an array of ceiling-mounted cameras to identify each customer and track what items they select, eliminating the need for billing.

Purchases are billed to customers’ credit cards when they leave the store.

Before entering, shoppers must scan the Amazon Go smartphone app. Sensors on the shelves add items to the bill as customers pick them up – and delete any they put back.

The store opened to employees of the online retail giant in December 2016 and had been expected to allow the public in more quickly.

But there were some teething problems with correctly identifying shoppers of similar body types – and children moving items to the wrong places on shelves, according to an Amazon insider.

Gianna Puerini, head of Amazon Go, said the store had operated well during the test phase: “This technology didn’t exist – it was really advancing the state of the art of computer vision and machine learning.”

Amazon has not said if it will be opening more Go stores, which are separate from the Whole Foods chain that it bought last year for $13.7bn (£10.7bn).

As yet the company has no plans to introduce the technology to the hundreds of Whole Foods stores.

However, retailers know that the faster customers can make their purchases, the more likely they are to return.

Making the dreaded supermarket queue a thing of the past will give any retailer a huge advantage over its competitors.

The Seattle store is not Amazon’s first foray into bricks and mortar retailing, however. In 2015 the firm opened its first physical bookshop, also in Seattle where the company is based. There are now 13 in the US – as well as dozens of temporary pop-up outlets.

Source: BBC

Facebook focus on friends and family

Facebook overhauls news feed to focus on friends and family

Your Facebook feed will soon start to look a little different.

But this isn’t just about you. It’s also about the power and influence of the world’s dominant social network.

CEO Mark Zuckerberg said Thursday that Facebook is overhauling the news feed to prioritize posts from family and friends, as opposed to those from brands and publishers.

That means its 2 billion users will see fewer news articles, viral videos and other media content. Instead, they’ll see more baby pictures and status updates from aunts, childhood friends and co-workers. The change is the biggest tweak the social network has made to the news feed — essentially the soul of Facebook — in years.

The idea is to let you have more “meaningful interactions” and to try to make sure you don’t suffer from the time you spend on Facebook. Last month, the company released a report on how people consume content on Facebook and on the consequences of that behavior. Passively scrolling and reading things, it found, can have negative effects, while being more interactive — “liking” posts and writing comments — can be positive.

“We feel a responsibility to make sure our services aren’t just fun to use, but also good for people’s well-being,” Zuckerberg wrote on his Facebook page. “I’m changing the goal I give our product teams from focusing on helping you find relevant content to helping you have more meaningful social interactions.”

Facebook has been under intense scrutiny as it grapples with its scale and influence. Its almighty algorithms have the power to decide what people see online, and the thinking is that can have an effect on how they view the world. The company, along with Twitter and Google, has been in the hot seat with lawmakers for the role its platform played in the 2016 election. Russian trolls abused the service to try to sway the results and sow discord among Americans.

Earlier this month, Zuckerberg said his latest annual challenge is to “fix” some of the problems that have spread on Facebook, like hate and abuse. He teased the upcoming change by saying one of the goals is “making sure that time spent on Facebook is time well spent.”

Source: CNET

CES 2018 Black Box VR

Black Box VR wants to make gamers fit

Start-up Black Box VR has developed a full-body workout in the form of a 30-minute virtual reality experience.

It uses a bespoke resistance training machine and an HTC Vive headset. The entire set-up is about the size of a family bathroom.

It is one of several innovations at the CES tech show in Las Vegas to propose mixing VR and fitness training.

But one expert said the firm would need to address safety concerns for the idea to be a success.

The Idaho-based firm’s solution involves participants entering a virtual arena, where they compete against an avatar and, eventually, one another.

The firm’s founders, Ryan DeLuca and Preston Lewis, were also behind the successful fitness empire

Exercise and repeat

Black Box VR’s business plan is to open boutique gyms across the US, in which each member will enter their own “black box” space for the gamified work-out, which will track their progress.

An at-home version of the equipment could be developed in the future, the firm said.

“Most people stop going [to the gym] after a couple of weeks so adherence is something that’s a critical factor of what we’re trying to solve,” general manager Jim Bradbury told the BBC.

One VR-industry watcher said the idea had potential, but had concerns.

“Human beings in general find it hard to retain the habit of exercise and there’s been many attempts to try and make it more appealing – so, VR makes sense from the perspective of trying to make the gym less boring,” said J P Gownder from the consultancy Forrester.

“But the cost of the equipment is going to make it an expensive get-up.

“And will it be safe enough for people to use?

“I’m not aware of the Vive having been stress-tested for this kind of use, and [Black Box VR] is going to need to prove that it has taken account of impact on the body of using the headset during strenuous exercise.”

Source: BBC

Bots are about to get better at customer support than humans

Thanks to machine learning, AI-enabled bots could gain a competitive advantage over human chat exchanges.

In 2018, AI-enabled bots will provide a better customer experience than human-to-human chat exchange, following the explosion of messaging services that have changed the way companies interact with their customers. Today, more than two billion messages are exchanged between people and companies every month on Facebook Messenger alone. Other major players have been investing heavily in the space, creating platforms to support companies in their pursuits to engage customers where they are and in the way they prefer. In 2018, this will give rise to AI customer-service agents that we are happy to deal with.

However, many organisations will fail to create the customer experience they desire because of a fundamental misunderstanding of human-to-machine interaction. In their belief that human agents give the best experience, many will develop messaging applications that stress person-to-person conversations. But companies will learn that using AI-powered bots, supported by human “escape hatches”, which seamlessly pass on the interaction to a human, will provide a vastly better experience than a standalone human-to-human exchange.

This feels counterintuitive. But consider this. Human-to-human chat exchanges are limited to text inputs. Moreover, they are often open-ended conversations, creating a less guided experience for the user. Bots, on the other hand, can respond immediately, and combine prompt buttons and other visual cues along with supporting textual conversations to offer a much richer, guided user interaction. More importantly, AI can scale and apply its knowledge much faster and more consistently than a human as its algorithms improve and it learns. Human agents, on the other hand, need to be trained, respond inconsistently and need to be motivated to care about the customer.

As customers interact with a company, bots can capture data to learn behaviours, habits and preferences – and then anticipate needs. These interactions then improve the entire user base’s customer experience. To try to capture and apply this same data is hard when it is free flowing, non-guided text, and nearly impossible when it is human-to-human chat.

Source: Wired

US blames North Korea for WannaCry

The US administration has said North Korea was “directly responsible” for the WannaCry malware attack affecting hospitals, businesses and banks across the world earlier this year.

The attack is said to have hit more than 300,000 computers in 150 nations, causing billions of dollars of damage.

Thomas Bossert, an aide to US President Donald Trump, made the accusation in the Wall Street Journal newspaper.

It is the first time the US has blamed the country officially for the worm.

Mr Bossert, who advises the president on homeland security, said the allegation was “based on evidence”.

The United Kingdom government said in November that it was “all but certain” that North Korea carried out the attack.

In May, Windows computers hit by the cyber-attack had their contents locked, with users asked to pay a ransom to have their data restored. EU police body Europol called the scale of the attack “unprecedented”.

In the piece, Mr Bossert said North Korea must be held “accountable” and said the US would continue to use a “maximum pressure strategy” to hinder the regime’s ability to mount cyber-attacks.

He did not specify what action, if any, the US government planned to take in response to their findings.

The country is already facing major economic sanctions after being re-designated a state-sponsor of terrorism last month amid tension over the North Korean nuclear programme and missile tests.

“North Korea has acted especially badly, largely unchecked, for more than a decade, and its malicious behaviour is growing more egregious. WannaCry was indiscriminately reckless,” Mr Bossert wrote.

“As we make the internet safer, we will continue to hold accountable those who harm or threaten us, whether they act alone or on behalf of criminal organizations or hostile nations,” he went on.

“The tool kits of totalitarian regimes are too threatening to ignore.”

The White House is expected to give an official statement blaming Pyongyang on Tuesday.

‘Unprecedented attack’
In the UK, the National Health Service (NHS) was hit particularly hard by the cyber-attack, with 48 affected health trusts forced to turn many patients away for appointments and even surgeries.

It spread across the world, with Russia reportedly being badly hit, causing problems to the country’s postal service.

Source: BBC

Million Britons miss out on decent broadband speeds

The UK’s digital divide has narrowed but more than one million homes and offices still struggle to get good broadband, says an Ofcom report.

The Connected Nations report found that about 4% of properties cannot get a broadband speed fast enough to meet their needs.

Last year, about 1.6 million UK properties were in this position.

Smartphone access to the net also needed to improve, it said, as many only got weak signals when travelling.

“Broadband coverage is improving, but our findings show there’s still urgent work required before people and businesses get the services they need,” said Steve Unger, Ofcom’s technology chief, in a statement.

“Everyone should have good access to the internet, wherever they live and work,” he added.

The UK’s appetite for data has grown at a huge rate in the last 12 months, found the report.

The average amount of data carried across UK networks grew by 52% during that period. The average home broadband connection now carries about 190 gigabytes of data every month, it found.

Mobile measure

Telecommunications watchdog Ofcom defines decent broadband as a speed of about 10 megabits per second (Mbps) to download and one Mbps to upload.

At these speeds, downloading a high-definition movie could take up to 90 minutes, said Ofcom, if no one else was using that link to the net.

Ofcom said the 1Mbps upload speed was becoming more critical as small businesses and families make greater use of video-sharing and conferencing, which require good upload speeds.

Ofcom said the problem of poor broadband was most pronounced in rural areas, where about 17% lack decent broadband.

The 10 down/one up split is the specification for Ofcom’s proposed universal service offering – which every property in the UK should be able to receive, it said.

Many places cannot obtain these speeds because they are in rural areas that are far from telephone exchanges or street cabinets through which broadband is delivered.

More broadly, said the report, access to superfast broadband services that run in excess of 30Mbps was improving.

By May 2017, 91% of properties could receive such a service – a small increase from last year when the figure stood at 89%.

The higher speeds were proving popular, suggested the report, with 38% of premises that can get it signing up for the service.

Source: BBC