Archive for September 8, 2020

Apple Is Saying That Epic Games Is Engaging In “Willful, Brazen, And Unlawful Conduct”… Ouch

Posted in Commentary with tags on September 8, 2020 by itnerd

Well, this is really becoming a bitch slap fest.

Apple filed paperwork today in relation to an upcoming hearing that may decide if Fortnite makes it back onto the App Store. Oh, and Apple is now suing Epic Games for damages for breach of contract. And it wasn’t nice. MacRumors has the details:

In a court filing today, Apple says that Epic’s lawsuit is “nothing more than a basic disagreement over money,” highlighting the revenue that Epic Games has earned through the Fortnite iOS app and Apple’s developer tools.

Although Epic portrays itself as a modern corporate Robin Hood, in reality it is a multi-billion dollar enterprise that simply wants to pay nothing for the tremendous value it derives from the ‌App Store‌. Epic’s demands for special treatment and cries of “retaliation” cannot be reconciled with its flagrant breach of contract and its own business practices, as it rakes in billions by taking commissions on game developers’ sales and charging consumers up to $99.99 for bundles of “V-Bucks.”

For years, Epic took advantage of everything the ‌App Store‌ had to offer. It availed itself of the tools, technology, software, marketing opportunities, and customer reach that Apple provided so that it could bring games like Infinity Blade and Fortnite to Apple customers all over the world. It enjoyed the tremendous resources that Apple pours into its ‌App Store‌ to constantly innovate and create new opportunities for developers and experiences for customers, as well as to review and approve every app, keeping the ‌App Store‌ safe and secure for customers and developers alike.

But it doesn’t stop there, here’s the “ouch” moment which references Epic CEO Eric Sweeney:

Neither Mr. Sweeney’s self-righteous (and self-interested) demands nor the scale of Epic’s business can justify Epic’s deliberate contractual breaches, its tortious conduct, or its unfair business practices. This court should hold Epic to its contractual promises, award Apple compensatory and punitive damages, and enjoin Epic from engaging in further unfair business practices.

That will leave a mark. Seeing as Apple has previously given the court details of Sweeney tried to cut a deal with Apple to get himself more favorable terms right before this blew up. As time goes on, Epic really looks like a bunch of grade A scumbags that really need the butts kicked in court and beyond. Which is not the result that I bet that Epic was expecting.

LinkedIn’s Latest Data Reveals Working Parents In Canada Have Struggled To Find Balance During The Pandemic

Posted in Commentary with tags on September 8, 2020 by itnerd

As Canada’s students return to school, how have working parents handled juggling childcare and work responsibilities during the pandemic?

LinkedIn’s latest Workforce Confidence research sheds light on the challenges faced by working parents and how professionals across different functions and generations are feeling about the outlook and the stresses of the pandemic.

Here are some of the key findings from this edition of Canada’s Workforce Confidence Index:

  • Women and men were relatively equally likely to say they were currently providing childcare full-time (18% and 16%, respectively)
  • Men were slightly more likely to say they were working outside of normal business hours to make up hours (42%) or that they were working fewer hours overall in order to provide childcare (26%)
  • Nearly half of men and women surveyed reported being unable to focus on work while their kids are home, and a majority struggled with providing education for their children.
  • Those who worked in engineering roles were the most confident of all (+43 overall). Those in business development roles also reported high scores (+40 overall).
  • At the other end of the spectrum, those working in administrative, support and community and social services saw the lowest scores, at +14 and +29 (tied) respectively. Those in administrative positions had an outright negative career outlook at -1, but felt slightly better about their finances (+6) and much better about job security (+36).

For the full results, visit here.

Waze Announces Live Map Save To App Functionality

Posted in Commentary on September 8, 2020 by itnerd

Waze, the platform where people and technology meet to solve transportation issues, today announced the new ability for Waze users to save a planned drive to their Waze app, directly from the Waze.com Live Map.

Millions of Waze users viewing their upcoming journey each month on the Live Map using its real-time data will now be able to save their itinerary directly to their Waze app on their Android or iOS device with a single click. This provides a more seamless experience across platforms, and simplifies the process of planning a drive by finding the best route and time to leave, before even getting into the car. Users will receive time-to-leave reminder notifications based on real time traffic, and the ability to quick start navigation.

To use this functionality, users can visit waze.com/livemap and input their route and desired arrival time. They then simply need to tap ‘Save to app’ and the planned drive will appear on their Waze app.

This feature is available for all Waze users from today. For more information visit here.

One Of Chile’s Biggest Banks Pwned By Ransomware

Posted in Commentary with tags on September 8, 2020 by itnerd

BancoEstado, one of Chile’s three biggest banks, was forced to shut down all branches on Monday following a ransomware attack that took place over the weekend:

Our branches will not be operational and will remain closed today,” the bank said in a statement published on its Twitter account on Monday. Details about the attack have not been made public, but a source close to the investigation told ZDNet that the bank’s internal network was infected with the REvil (Sodinokibi) ransomware. The incident is currently being investigated as having originated from a malicious Office document received and opened by an employee. The malicious Office file is believed to have installed a backdoor on the bank’s network.

Well, this is an example of why you need to train people to avoid the sorts of behaviors that lead to something like this. Clicking on a boobytrapped Office document is something that should not happen if users are aware of the risks. Having said that, you have to wonder why whatever anti-malware application that this bank uses didn’t catch this as REvil isn’t new. Perhaps it’s a new variant? There are so many questions about this attack that I would like to see answered so that we can all learn from this and protect ourselves.

Keyfactor Expands End-to-End Crypto Capabilities with SSH Key Management

Posted in Commentary with tags on September 8, 2020 by itnerd

Keyfactor, the leader in crypto-agility solutions, today announced the release of SSH Key Manager for Keyfactor Command, its complete certificate lifecycle automation and PKI as-a-Service platform. The solution replaces manual management methods, automating access and distribution of SSH (Secure Shell) keys across machines, applications and devices within the enterprise.

SSH keys are used to secure remote access to critical systems and applications. However, lack of adequate management and evolving cyber-attack vectors make SSH keys increasingly vulnerable to exploit. Developers and system administrators often generate SSH keys using default configurations, with many left unmanaged on the network and vulnerable to compromise.

As enterprises expand their use of cryptography to protect sensitive data and secure connections across the business, managing sensitive SSH keys, X.509 certificates and cryptographic keys – sometimes referred to as machine identities – becomes critical. Keyfactor enables customers to establish an end-to-end machine identity strategy, with a centralized platform to manage all keys and certificates in the organization.

According to Gartner, machine identity management “encompasses a number of technologies, that today remain mostly siloed (i.e., X.509 certificate management, SSH key management, as well as secrets and other crypto-key management).” Gartner advises security and risk management leaders focused on identity and access management (IAM) to “use full life cycle management or discovery-centric tools to audit the number of deployed machine identities; and to identify the potential risks from expiry and overall compliance.”*

SSH Key Manager for Keyfactor Command enables:

  • Reduced risk exposure – maintaining a real-time inventory of SSH keys and the ability to delete or rotate weak or inactive keys.
  • Complete visibility – allowing teams to find SSH keys and map trust relationships to users, machines and web services, whether on-premises or in the cloud.
  • Greater control – providing a simple dashboard to identify risks, assign key permissions and simplify audits with easy-to-generate reports.
  • Seamless automation – automating SSH key deployment as workloads are spun up in multi-cloud and CI/CD environments.

To learn more or to request a demo of the SSH Key Manager for Keyfactor Command, please visit: www.keyfactor.com.

*Gartner Hype Cycle for Identity and Access Management Technologies, 2020, 16 July 2020, Ant Allan

Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.