Archive for July 11, 2019

Twitter Is Down…. Whatever Will The Planet Do? [UPDATE: Fixed]

Posted in Commentary with tags on July 11, 2019 by itnerd

It seems that Twitter is down globally as users who are trying to log on aren’t having much luck. What appears is a message saying “Something is technically wrong.” This is confirmed by Downdetector and Twitter’s status page. There’s currently no time to resolution as of yet. But when it’s resolved, I’ll post an update.

UPDATE: This issue is now resolved.

 

 

GoTo Sends Its Customers A Note On Video Conference Security….. To Throw Some Shade On Zoom Perhaps?

Posted in Commentary with tags , on July 11, 2019 by itnerd

Zoom who have had a couple of issues this week that made the news, which did get fixed by Zoom and Apple, now may be having their competitors throw some shade on them. Case in point is GoTo which own GoToMeeting, GoToWebinar among other products. I was tipped off by a reader that they got an email that takes you to this blog entry which details why their security is better than Zoom’s security:

To be perfectly clear, LogMeIn and our meeting products, including GoToMeeting, GoToWebinar, GoToTraining, GoToConnect and join.me, do not have this security design flaw. This flaw is not, and has never been, part of our products.

However, it is helpful to understand the report itself and why the approach has caused such concern. The root of the issue is a web server which is installed as part of Zoom’s native Mac client to allow it to launch the Zoom app from a web page, bypassing the operating system’s security controls. By bypassing normal browser-based security, this web server can be used to activate/trigger the user’s camera (and potentially execute other harmful code on the user’s machine). Worse, when the client is uninstalled, this active webserver is left behind on the machine.

LogMeIn also delivers simple meeting launching from a web browser, but does it in a much more secure way, using URI handlers. As Jonathan writes in his report: “Alternative methodologies like registering custom URI handlers (for example, a xxxx:// URI handler) with the browsers is a more secure solution. When these URI handlers are triggered, the browser explicitly prompts the user for confirmation about opening the app.”This is exactly how we handle our launch of an already installed LogMeIn application such as GoToMeeting and our other collaboration products.

This security posture avoids bypassing operating system or browser security controls. We take a similar stance towards privacy with things like video (we do not enable video by default) and always offering clean uninstalls.

Additionally, we offer the web clients for our products that can be used in scenarios where downloading an application is not an option or is security restricted.

So. I’ll ask the question. Is this informational to reassure customers that GoTo products are secure? Or is this meant to throw a bit of shade on Zoom? Or perhaps both? I guess it depends on your perspective. But I do expect that others who are in the video conferencing game to join in on the fun and perhaps do the same thing that GoTo is doing in some form.

ASUS Partners With ESPN At EXP Esports Gaming Series

Posted in Commentary with tags on July 11, 2019 by itnerd

ASUS Republic of Gamers (ROG) today announced it will be the official hardware sponsor of EXP, an esports gaming series created by ESPN. This series exemplifies ESPN’s commitment to expanding their esports coverage across all platforms and content types to better serve every kind of sports fan.

The EXP summer tournaments kick off July 11 with a Pro-Am Apex Legends Exhibition that will feature players from across the gaming community, from influencers and fans to celebrities and esports champions. Following it up is the EXP Invitational – Apex Legends at X Games Minneapolis on August 2 and 3, where 20 of the best Apex Legends squads will fight for a $150,000 prize pool.

ROG is proud to have sponsored ESPN’s inaugural EXP event in May 2019 at the Collegiate Esports Championship and will continue supporting and supplying competition-level gaming hardware for both of the upcoming tournaments. Tournament participants will compete on ROG Strix GL12CX gaming desktops and ROG Swift PG248Q gaming monitors provided by ASUS.

Elevating esports

The upcoming events underscore both ROG and ESPN’s dedication to bringing professional esports to a wider platform. These tournaments will be available to watch live on multiple digital platforms, including the ESPN app. A tape-delayed show focused on key moments and storylines will air across ESPN and ABC linear networks after each event, making this a solid first step in familiarizing mainstream audiences with pro gaming.

In sponsoring events such as PAX, Dreamhack, and ESL One, and this EXP series, ROG has worked to elevate every cross-section of the games industry, from developers to streamers to pro athletes.

Gaming excellence

Tournament participants in the upcoming EXP series will play on ROG gear designed for competitive high-FPS gaming.

The Strix GL12CX is a liquid-cooled and factory-overclocked gaming desktop engineered to give competitors a serious edge in battle. Developed specifically for tournament play, its case features a hot-swap SSD bay hidden behind a magnetic front cover. These are useful at esports events, since players often store their games and profiles on 2.5” SSDs. With the hot-swap bay, organizers can easily remove and insert SSDs without ever lifting a screwdriver or rebooting the system.

This gaming machine is equipped with the latest NVIDIA® GeForce RTX™ 2070 GPU, powerful enough to deliver the huge, triple-digit frame rates required for pro-level play. Competitors will immerse themselves in the action on a blazing fast ROG Swift PG248Q monitor. This high-refresh gaming panel features an overclockable 180Hz refresh rate and NVIDIA® G-SYNC, which reduces stuttering and eliminates tearing. It also has an ultra-responsive 1ms grey-to-grey response time, which means enemies and other targets will be rendered clearly without any ghosting or blurring.

Game casters and commentators will follow the action on new Strix SCAR III gaming laptops, which represents the top tier of portable esports gaming. Released in Spring 2019, the Strix SCAR III was the world’s first gaming laptop to offer 240Hz gaming panels for both 15 and 17-inch options. Slim bezels frame the display, giving casters a more immersive and in-depth view of the game.

Equipped with a powerful NVIDIA® GeForce RTX™ 2070, the Strix SCAR III delivers silky smooth visuals at any speed of play. The SCAR III also features a latest generation 9th Gen Intel® Core™ CPU, a blazing fast M.2 NVMe PCIe® SSD, and up to 32GB of RAM, so that content creators can spectate, take notes, participate in stream chats, and more all at the same time.

Let the games begin

The upcoming EXP tournaments are a major step forward in making esports a must-see, mainstream sporting event. ROG is excited to help bring esports to a wider stage with ESPN, the leading multinational, multimedia sports entertainment entity.

Tune in to the events live online and on the ESPN app. The EXP Apex Legends Pro-Am Presented by The Real Cost will be held the day following The 2019 ESPYS, July 11, and the EXP Invitational – Apex Legends at X Games Minneapolis is on August 2 and 3.

Mastercard & Zoho Expand Access To Tools To Help Small Business Owners

Posted in Commentary with tags , on July 11, 2019 by itnerd

Mastercard today announced it is expanding its partnership with Zoho to bring small business owners around the world a comprehensive array of products and services to make running their enterprise easier, more efficient and more profitable.

Every business is on a quest to increase efficiency and productivity; for small business owners it can be a matter of survival. With Zoho’s platform, Mastercard is able to offer its small business customers access to a suite of marketing, accounting and CRM tools to automate and digitize time-intensive, paper-based processes. Scaling its existing partnership from India to the rest of the world, Mastercard and Zoho are enabling simpler business operations for SMBs globally.

In fact, small businesses account for nearly 50 percent of the world’s GDP and employ almost two thirds of the global workforce1. Through Mastercard’s financial institution and acquiring partners, small businesses will now have access to various solutions such as enterprise resource planning and finance software, customer relationship management, and marketing solutions, amongst others.

Zoho is a cloud-based platform accessible via website and app and can be delivered via API. Zoho’s technology stack is flexible, taking the heavy lift off the integration process and making bringing solutions to market faster. Mastercard and Zoho shared solutions will be available later this year.

You can also read my review of Zoho here.

 

Apple Takes Action To Remove That Zoom Web Server Which Has Been Shown To Be A Security Risk

Posted in Commentary with tags , on July 11, 2019 by itnerd

I guess that Apple felt that the security risks posed by the Zoom video conferencing software and the response by Zoom to fix the issue was too great to ignore as TechCrunch is reporting that Apple has pushed a silent update to remove the Zoom web server that is at the center of this controversy. As in the one that was installed by Zoom without user consent and seems to do some sketchy things.

So you might be wondering how Apple did that. macOS has a feature called XProtect which is part of Apple’s Gatekeeper security suite that is built into macOS. It allows Apple to silently (as in no user interaction is required) deal with malware by pushing updates to any Mac that is online. These updates can quarantine or kill malware. Now to be clear, this isn’t a true antivirus product and you still need to run one despite what the Mac fanboys might say. But this is a good way for Apple to provide “herd immunity” for Mac users.

So the net result is that if you are a Mac based Zoom user and whether you ran the Zoom update or not, you’re protected from this threat. That’s great for Mac users. But given all that has transpired over the last few days, you have to question if you should be using Zoom at all.

Safe By HUB6 Adds Honeywell Compatiblity

Posted in Commentary with tags on July 11, 2019 by itnerd

Homeowners with Honeywell security systems can now upgrade their traditional hardwired alarm systems to a no-fee smart home monitoring system using Safe by HUB6. Safe allows homeowners to receive their alarm alerts directly, and fully control their system, with the HUB6 app. With Safe, homeowners can cancel expensive monitoring contracts for good.

Innovation in DIY smart home security took a giant leap forward in North America last year with the launch of Safe by HUB6 which allows homeowners to upgrade their legacy hardwired alarms into cost-effective, community-oriented monitoring systems.

Safe by HUB6 also helps homeowners seamlessly connect with neighbors for ultimate security. They can add trusted family and friends to their Neighborhood setting on the app – even those that don’t have their own Safe – so they too are notified in real-time if an alarm is activated.

If an alarm is triggered, Neighborhood members can communicate together in the app to investigate further and/or contact emergency services efficiently.

For an affordable one-time price of $249 ($299 CDN) this DIY product transforms existing home security into a smart system through the Safe by HUB6 app allowing users to check the status of their home, control the alarm system, and get instant alerts. The included, no-fee, LTE SIM card allows users to stay connected to their home, even if the power or internet is down.

Safe by HUB6 is sold directly to consumers at SafebyHUB6.com or via Amazon and BestBuy, is compatible with most home security systems and works with other smart home products.  Safe by HUB6 is expected in retail in the coming months.

Safe by HUB6 also offers on demand monitoring at $10 per 30 days so consumers can have an added layer of security when they are away.  There is no contract required for this service and it can be started and cancelled as desired.

Here’s a video on Safe by HUB6:

Dell Technologies Bus Tour Recap

Posted in Commentary with tags on July 11, 2019 by itnerd

This year’s edition of The Dell Technologies Bus Tour visited Toronto recently. And though I couldn’t attend, Dell was kind enough to share some pictures which I will display in a slide show below.

The Dell Technologies Bus Tour offered event attendees an immersive mobile product experience. The event showcased demos of Dell’s latest product offerings along with insights from industry experts, aiming to empower everyone with the most advanced, productive, liberating technology in the industry.

On display were Dell’s latest client and infrastructure solutions, including:

  • Latest-generation Latitude, OptiPlex, Rugged and Precision portfolios with purpose-built ecosystems and peripherals
  • Collaborative conferencing solutions with Intel Unite®
  • Hyper-Converged Solutions featuring VxRail and VMware vSAN ReadyNode
  • Pre-configured PCs with Dell Provisioning for VMware Workspace ONE
  • Next-Generation PowerEdge Servers and All-Flash Data Storage
  • Virtual reality experiences

Here’s a slide show of what was on display.

This slideshow requires JavaScript.

OpenText and Mastercard Team Up

Posted in Commentary with tags on July 11, 2019 by itnerd

OpenText and Mastercard today announced a partnership to help companies increase financial efficiencies across global supply chains, starting in the automotive industry. The collaboration will further advance a connected and scalable digital ecosystem, allowing companies irrespective of size, location or technical capability to build increased trust and security into trading partner relationships.

The new solution from OpenText and Mastercard aims to increase the speed, compliance and security for business information, payments and financing in the automotive supply chain. It is designed to facilitate integrated payments and to enhance the management of vendor master data, enabling suppliers to better manage risk for trade finance, accelerate cash flow for outstanding invoices and secure financial transactions with enhanced digital identity.

The integrated OpenText and Mastercard offering will also provide OpenText Business Network customers the ability to access spot financing through the Mastercard Track™ B2B global trade enablement platform. It will leverage the OpenText Supplier Portal (formerly Covisint Supplier Portal), the OpenText Identity Portal and the OpenText IoT Platform, integrated with Mastercard’s financial partners.

OpenText and Mastercard will provide a single user interface which links users to supplier portal functionality and to Mastercard Track, with a secure, permissioned repository of more than 210 million registered entities worldwide. Buyers and sellers maintain and exchange key information related to their businesses and Mastercard Track provides monitoring on sanctions, credit and other business standards. This eases supplier selection, compliance and risk management; enhancing the comprehensive up-to-date supplier profiles in the OpenText Supplier Portal. Expanded supplier portal capabilities such as parts and services management and IoT contextual telemetry help auto companies avoid supply chain disruptions by identifying vendors with available parts to fill production gaps.

OpenText Supplier Portal is part of OpenText Business Network which connects to 92 percent of Automotive News 2019 Top 100 Suppliers. The global connectivity offered by OpenText will provide Mastercard with more robust digital authentication and authorization services to manage access and business identities for Mastercard Track users.

Apple Turns Off Walkie Talkie Feature In watchOS Due To Eavesdropping Vulnerability

Posted in Commentary with tags on July 11, 2019 by itnerd

Here we go again. Much like this well publicized vulnerability from last year where you could use FaceTime to eavesdrop on others, and which left Apple with egg on their face because of the way it was handled, Apple has a similar vulnerability on its hands. In short, Apple has had to turn off the Walkie Talkie feature of the Apple Watch due to a bug that could allow users to eavesdrop on others according to TechCrunch. What’s important about to note is Walkie Talkie uses the FaceTime protocol. That makes one wonder what other bugs are hiding in there and how extensive these problems are.

Apple issued a statement noting that it was just notified about the vulnerability and has temporarily disabled the Walkie-Talkie functionality while they “quickly” fix the issue. How and when that fix will be delivered is not clear at this point. iOs 12.4 and watchOS 5.3 are in beta at this point, so my first thought is that they will likely use that as a delivery vehicle to address this bug. Or we could see a emergency patch come out to address this. There’s also the possibility that this could be a server side fix which would not require a client side software update. We’ll have to to wait and see how Apple decides to address this.

Bugs happen. I get that. But when you go around saying that you develop products that are private and secure, and you get bugs like this, it makes you look like all those statements about privacy and security are fake. Apple seriously needs to up it’s game here because clearly what I said in this article hasn’t been addressed. Which is Apple has lost the plot when it comes to making quality products.