Amazon Adds Free Encryption to Storage Service

Using Amazon Web Services' new Server Side Encryption feature, enterprises will at no extra cost be able to encrypt data stored on the company's Simple Storage Service (S3), Amazon said on Tuesday.

The Server Side Encryption feature has been added to simplify the process of protecting data stored on S3. Previously, enterprises had to choose an encryption algorithm, create and store keys, and adapt applications to ensure that all data was encrypted and decrypted for every operation. Now users can leave that to Amazon. The Server Side Encryption feature handles all encryption, decryption and key management transparently, according to a blog post.

The data is encrypted when an extra header is added when writing an object to S3. Each object is encrypted with a unique key. As an additional safeguard, this key itself is encrypted with a regularly rotated master key. The encryption algorithm Amazon uses is AES-256, it said.

Enterprises can start to take advantage of Server Side Encryption using Amazon's Management Console and the S3 API.

That Amazon added encryption on its servers isn't terribly exciting, according to Swedish security expert Jakob Schlyter. The feature would help protect data if someone managed to break into one of Amazon's data centers, and steal a disk that stored company data. That has to be weighed against what would happen if something went wrong with Amazon's key management, and data was lost because of that, Schlyter said, and added that he would still use client-side encryption.

On Tuesday, Amazon also said that the number of objects stored on S3 increased to 566 billion during the third quarter of this year, after reaching 262 billion objects during the last quarter of 2010.

The company is also hiring new staff to the S3 team, including a software development manager, development engineer and business development representative, who will all be based in Seattle.

Send news tips and comments to mikael_ricknas@idg.com

View the original article here

read more

Apple Announces IPhone 4S to Crowd

Apple on Tuesday announced the iPhone 4S, a 3G smartphone with improved hardware designed to allow the device to run applications faster than its predecessor, the iPhone 4.

The iPhone 4S will run on a dual-core A5 processor, which also will allow the device to run graphics up to seven times faster than prior models, said Phil Schiller, senior vice president of worldwide product marketing at Apple, during an event held at the company's Cupertino campus. That could allow for a better gaming experience and 1080p video playback. The iPhone 4's A4 chip provides up to 720p of video playback.

The iPhone 4S will be priced at US$199 for a 16GB model, $299 for a 32GB model and $399 for a 64GB model, with a two-year contract.

The smartphone will be available on Oct. 14 in the U.S. through AT&T, Sprint and Verizon. It will also become available in Canada, Australia, the U.K., France, Germany and Japan on that day. It will become available in 24 more countries by Oct. 28, and in 70 countries by the end of the year.

Video: Apple Unveils Souped-Up iPhone 4S

The new smartphone will offer eight hours of 3G talk time, 14 hours of 2G talk time and 10 hours of video on one battery charge. The device will also offer nine hours of Wi-Fi browsing time and six hours of 3G browsing time.

The iPhone 4S is also a world phone, which means it has a baseband chip that will work on both GSM (Global System for Mobile Communications) and CDMA (Code Division Multiple Access) networks. The iPhone 4 previously had two separate models for the GSM and CDMA networks. The iPhone 4S will also have an 8-megapixel camera, as many analysts had predicted.

The iPhone 4S also includes retina display, like the iPhone 4, which started shipping in June last year. The naming convention is much like the iPhone 3GS, which was considered an incremental upgrade from iPhone 3G.

The iPhone 4S will run on iOS 5, which the company introduced earlier this year. The OS includes about 200 more features than earlier versions, including Twitter integration, the new iMessage application for communication between iOS devices, and a unified center for notifications on email, text messages and more. The OS will also include the free iCloud syncing and hosting service for music, photos and other data, which will become available on Oct. 12.

The company also announced a new version of the iPod Touch, which will come with iOS 5. An 8GB model will be priced at US$199, a 32GB model at $299 and a 64GB model at $399. The new device will also come in white and become available on Oct. 12.

(Additional reporting by Macworld staff.)

View the original article here

read more

Apple iPhone 4S: A Deep Dive Into the New iPhone's Hardware

Apple iPhone 4S: A Deep Dive Into the New iPhone's HardwareApple iPhone 4SAfter more than a year with the iPhone 4, the iPhone 4S--announced Tuesday by Apple CEO Tim Cook--seems a bit, well, underwhelming.

The hardware announced today offers no design overhaul. Apple upgraded the phone's camera from a 5-megapixel sensor to an 8-megapixel sensor, though, and the iPhone 4S will use the same dual-core A5 chip that the iPad 2 does.

4G capability? Forget it--Apple isn't going that route this time. We already knew about iOS 5 and its features for a while, but the inclusion of the Siri voice-activated software was a nice surprise.

That isn’t to say that I’m dissatisfied. Last year’s iPhone 4 still holds up among smartphones released this year, and the internal enhancements in the iPhone 4S, while a bit late to the game, are certainly welcome. The iPhone 4S is a good phone that has become even better, but I certainly wouldn’t call it “revolutionary.” And, on second thought, Apple didn’t either.

[Read: Apple iPhone 4S Features Roundup: A Visual Tour]

Design: No Changes, No Problem

The iPhone 4S has an identical design to the iPhone 4, but its guts are all new. Although that might be a disappointment to some people (no larger display, no slimmer body, no tear-shape game-friendly design), I am actually pretty happy with it. I really like the iPhone 4 design: It's still the thinnest smartphone available (despite Samsung’s claims), and it has a stylish, premium look thanks to the glass face and back.

I am a little disappointed to see that the screen real estate didn’t get a bump. I’m definitely not asking for a 4.5-inch display (which is too big in my opinion), but 4 inches or even 3.7 inches would make Web browsing, movie watching, and gaming a bit more comfortable. Ramon Llamas, IDC's senior research analyst for mobile devices technology and trends, says that keeping the same screen size is actually a benefit to consumers and developers.

“You have all these incredible apps [in the App Store]. If you do a different screen size, it will wreak havoc for the developer community,” Llamas says. A consistent screen size is one of the reasons why the App Store has such a high number of apps, he adds.

The Best Camera? Hard to Say

Apple iPhone 4S camera featuresApple iPhone 4S camera featuresApple isn't the only tech company that loves to tick off specs and claim its products are the first to market with a certain technology. Most companies that do so rely on consumers' failure to understand the technology or know what the specs mean. Such confusion frequently happens with camera specs, so I asked my colleague Tim Moynihan, PCWorld’s camera editor, to decipher some of the specs announced for the iPhone 4S’s camera.

Apple says that the new iPhone’s 8-megapixel camera is built around a backside-illuminated (BSI) CMOS sensor, a type of low-light-optimized sensor that debuted in Sony's cameras a few years ago. BSI sensors are now fairly commonplace in CMOS-based cameras, including both stand-alone cameras and a growing number of camera phones.

A BSI sensor is designed such that small, light-blocking wires move to the back of the sensor, making the sensor's surface a more efficient light-gathering source; as such, BSI-sensor cameras usually perform well in low-light situations without a flash. The iPhone 4's 5-megapixel sensor was also a BSI sensor, and was very good; the new sensor in the iPhone 4S is likely a higher-resolution version.

Apple also says the iPhone 4S has a five-element lens that offers 30 percent more sharpness. According to Moynihan, the lens specs sound good, but we'll need to test Apple's claims of improved image sharpness in our labs. The iPhone 4S's F2.4 lens has a wider aperture than most phone cameras do; coupled with the low-light-optimized sensor, it should perform well in low-light situations and at quick shutter speeds. The T-Mobile MyTouch 4G Slide's F2.2 aperture is still a bit wider. (The HTC-made MyTouch 4G Slide is PCWorld's top-ranking phone camera right now.)

[Read: Android Camera Shootout: 13 Phones Put to the Test]

More Pixels Make It Better?

When Apple says that the iPhone 4S camera has 60 percent more pixels than the iPhone 4 camera, it means that an 8-megapixel camera is technically 160 percent of the resolution of a 5-megapixel camera. So really, it doesn’t translate directly to improved image quality, as more megapixels aren't an indicator of better image quality on small-sensored cameras. The higher megapixel count does mean that you'll be able to print out images at a bigger size without losing resolution, or to crop images without the cropped area losing resolution.

According to Moynihan, unless the sensor size is also 60 percent bigger, the added resolution could translate to worse image quality when compared with that of the iPhone 4. When you pack a sensor of the same size with more pixels, you can end up with a lot of noise and artifacts. Again, this is something we’ll have to test when we get the iPhone 4S in.

Video: Apple Unveils Souped-Up iPhone 4S

We’re still a bit confused about what exactly Apple means when it says that the iPhone 4S has a Hybrid IR filter, as the company simply threw that term out there without actually explaining what the "hybrid" refers to. It could be a filter that allows both infrared photography and regular photography, a feature that the user can turn on or off. Moynihan suspects that the iPhone 4S’s sensor has an infrared-blocking filter built to fix any chromatic aberration, purple fringing, or color-accuracy issues caused by the sensor's being sensitive to infrared light.

If that's the case, it's a unique feature for a phone camera, although some stand-alone cameras use lens coatings and processing software to address similar issues.

As for the company's shutter-speed claims of just 1.1 seconds to take a first photo and 0.5 seconds more to take a second, we noticed that Apple did not compare the iPhone to the T-Mobile MyTouch Slide, which has the best camera of any phone we’ve tested. The Slide’s camera specs are pretty similar to the iPhone 4S’s, so we’ll have to do some head-to-head testing once we receive the Apple phone in our labs. We also plan on replicating Apple’s test with other phones we have in house.

Like many dual-core Android phones currently available, the iPhone 4S can shoot high-resolution video up to 1080p. It also features digital video stabilization--but unless it’s a radically different system than we’ve seen on other video devices, don’t expect miracles from digital-only stabilization.

Judging from the specs alone, the iPhone 4S's camera is competitive with those in the top crop of recent Android phones, including the Samsung Galaxy S II series, the HTC ThunderBolt, and the Slide. Considering the iPhone 4's excellent performance in our imaging tests, Apple gets the benefit of the doubt when it comes to those claims of improved camera performance--we just don't think the higher megapixel count has much to do with it.

Next: Speed Boost, No 4G, and Siri Software

View the original article here

read more

Apple Seeds Final iOS 5 Gold Master Beta to Developers

iOS 5 won't be out until October 12, but if you're a registered iOS developer, you can get your hands on the gold master release today.

The Gold Master update is available for download from Apple's developer site, but unlike previous builds of iOS 5, which have offered updating over-the-air via iOS' Software Update, the final beta is strictly a download-only affair. If you try to install the update directly from your iDevice, you'll be told that the software is up-to-date, even though it isn't..

Developers who log into the iOS Dev Center will first need to accept an updated iOS Developer Program License Agreement before they can get their GM download started.

As MacRumors notes, this final beta build joins the XCode 4.2 GM, which is also now availabe from Apple's developer site. In order to use the GM, you'll also need iTunes 10.5 Beta 7.

iOS 5 introduces an all new notifications system, a free messaging service by the way of iMessage, deep Twitter integration, location-aware reminders, various updates to the camera app, and more.

Get your GeekTech on: Twitter - Facebook - RSS | Tip us off | Follow Chris Brandrick

View the original article here

read more

Apple Unveils the New iPhone 4S

Apple Unveils the New iPhone 4SApple’s latest iPhone doesn't look all that different on the surface from the iPhone 4 it replace. But the iPhone 4S unveiled by Apple at a press event Tuesday promises an improved processor, new wireless system, and more powerful camera, along with voice control capabilities.

The iPhone 4S is available in black and white. The 16GB version costs $199, a 32GB model costs $299, and the 64GB edition costs $399—each with a two-year contract. They’ll be available for pre-order on October 7, with the phone shipping a week later on October 14 in the U.S., Canada, Australia, U.K., France, German, and Japan, on AT&T, Verizon, and newcomer Sprint. The iPhone 4S will be available in more than 70 countries by the end of the year, Apple says.

Video: Apple Unveils Souped-Up iPhone 4S

In unveiling the new iPhone, Apple senior vice president of worldwide product marketing Phil Schiller said that the iPhone 4S keeps the same Retina display, glass on front and back, and stainless steel band. Inside, however, it’s all new: The iPad’s A5 chip is now inside the iPhone—that’s the Apple-designed, dual-core chip. Schiller says it offers graphics performance up to seven times faster than the iPhone 4, and CPU performance up to twice as fast. Schiller said that with the new internals in the iPhone 4S, “you really see it scream… in games.”

The improved performance in the iPhone 4S doesn’t come at the expense of battery life. Schiller said that for the first time on an iPhone, you can expect eight hours of talk time on 3G, 14 hours of 2G talk time, six hours of 3G browsing, nine hours of Wi-Fi, ten hours of video, and 40 hours of listening to music.

[Read: Apple iPhone 4S: A Deep Dive Into the Hardware]

New Wireless System

The iPhone 4S also sports a new wireless system. Schiller said that the phone can “intelligently switch between two antennas to transmit and receive,” and the technology works even when you’re on a call. The result? Better call quality, and faster download speeds. The iPhone 4 could support 5.8Mbps up and 14.Mbps download speeds; the iPhone 4S offers 5.8Mbps uploads with 14.4Mbps download speeds. Schiller said that competitors describe those speeds as 4G, but that Apple is “not going to get into a debate about what’s 4G and what isn’t. The iPhone 4 came in GSM and CDMA models; the iPhone 4S comes in a single model that works around the world on both types of networks.

Camera Improvements

The iPhone 4S's new and improved cameraThe iPhone 4S’s camera system gets a significant upgrade over the iPhone 4’s, too, according to Apple. Schiller said that Apple “set out to create an all new camera,” with the aim of challenging point-and-shoots. The iPhone 4S’s camera offers an eight megapixel sensor, with 3264x2448 resolution. Said Schiller, “You can print out an 8x10 glossy photo that’s pixel perfect.” The iPhone 4S’s rear camera offers 60 percent more pixels than iPhone 4’s camera sensor. The new sensor is a state of the art CMOS backside illumination sensor, which affords 73 percent more light per pixel, which Schiller says means richer colors and better lowlight performance. The camera also takes pictures 33 percent faster than the iPhone 4.

In addition, the iPhone 4S camera sports a Hybrid IR filter on top of the sensor for better color accuracy, which Schiller said is usually a feature you’d associate with DSLR cameras. The optics employ a five-element, Apple-designed lens, which Schiller said is 30 percent sharper with an f/2.4 aperture. The iPhone 4S’s A5 chip also includes an Apple-designed image signal processor, which Schiller said provides advanced face detection—with the ability to detect up to ten unique faces in a single photo, for automatic exposure. The camera also offers 26 percent improved automatic white balance over the iPhone 4.

Schiller emphasized the iPhone 4S’s virtual shutter speed. He compared the iPhone 4S to the Droid Bionic, which needs 3.7 seconds to take its first photo, and the Galaxy SII HTC Sensation, which needs two seconds. The iPhone 4S can take its first picture in 1.1 seconds, and just half a second longer to take a second picture.

The iPhone 4S’s camera also takes stunning high definition 1080p video, Schiller said. The phone’s image signal processor offers real-time video image stabilization, along with temporal noise reduction to improve video quality in real time.

Voice Control

But according to Schiller, the “best feature of the iPhone 4S [is] all about our voice. Schiller explained that, for decades, technologists have attempted to get voice control working right, but none have succeeded. The iPhone 4S changes that. Schiller brought back out Apple’s vice president for iOS software, Scott Forstall, to talk about it.

The feature is called Siri, based on the voice-activated app that Apple bought in 2010. Forstall described it as “your intelligent assistant that helps you get things done just by asking.” Forstall asked the iPhone 4S what the weather is like today, and the phone gets to the meaning behind his words, displaying a weather forecast. He asked “What time is it in Paris,” an it came back with a live clock. “Wake me up at 6a.m.” instantly set an alarm clock for early tomorrow morning.

Apple also partnered with Yelp, so you can say, “Find me a great Greek restaurant in Palo Alto,” and the phone lists five restaurants there, sorted by Yelp rankings. Forstall also demonstrated with questions like, “Give me directions to the Hoover Tower.”

iPhone 4S and its new Siri voice control feature.And Siri doesn’t just listen—it also speaks. You can ask Siri to read your messages from the Notification queue to you hands-free, so that you’re not glancing at your phone when you should be, say, driving the car. You can even use Siri to reply to messages, Forstall said. If need be, you can tell Siri to check your calendar and then schedule a meeting.

Siri’s power, Forstall explained, is in how well it can process natural language. If you say, “Remind me to call my wife when I leave work,” Siri knows which of your contacts is your wife, knows the geolocation of your job, and schedules a location aware reminder in iOS 5’s Reminders app. Another example Forstall offered was Web searches: “Search Wikipedia for Neil Armstrong.” Forstall said that Siri supports Wikipedia and Wolfram Alpha, and can provide dictionary definitions and currency conversations. And using a Wolfram Alpha feature as an example, Forstall asked Siri: “How many days are there until Christmas?” he asked the phone. It answered, accurately 82. (So you have time to buy your loved ones iPhone 4S models of their own.)

You can tap and hold Siri’s “i” button to see a list of all the commands it can understand. It can play songs, genres, messages, manage your calendar, schedule reminders, get directions, email people, provide weather and stock updates, set alarms and timers, search your contacts and notes, search the Web, Wikipedia, and Wolfram Alpha.

Forstall ended the Siri demonstration asking it, “Who are you?” Siri replied: “I am a humble personal assistant.”

Schiller added that Siri also supports transcription: Anywhere you see a keyboard in iOS, you can tap a microphone button. Start talking, and your iPhone transcribes what you say. Transcription requires Wi-Fi and 3G; it’s built into iPHone 4S, and works in English, French, and German. Schiller said that the feature will debut in beta mode, meaning that Apple will add more languages and services over time.

To trigger Siri, you press and hold on the Home button, the same way Voice Control works on older iPhones today.


Schiller announced that the iPhone 4S will, like the iPad 2, offer AirPlay mirroring, which lets everything on your screen get streamed wireless to the Apple TV. Don’t have an Apple TV? You can use an HDMI cable to mirror over the wire, too.

Older iPhones

Even as the iPhone 4S arrives later this month, the iPhone 3GS and iPhone 4 remain available, too. The iPhone 4 is available in an 8GB model for $99. The iPhone 3GS—also 8GB—will be available for free, to customers who agree to a contract with AT&T.

For more Macintosh computing news, visit Macworld. Story copyright © 2011 Mac Publishing LLC. All rights reserved.

View the original article here

read more

Apple Updates iPod Nano, Touch Models

Phil Schiller, Apple's senior vice president of worldwide product marketing, announced updated versions of the iPod nano and iPod touch.

iPod nano

Apple has made the iPod nano’s multitouch display easier to navigate by using larger icons. Schiller also said the company has improved the experience of using the nano for fitness. “Right out of the box, you can go on a walk or a run as well, without adding sensors or devices,” he said.

Schiller also mentioned that companies have create watchband cases for the nano so people can wear them on their wrists, and that the latest nano features 16 new clock faces for those people.

The new nano is also a little less expensive than before. The 8GB model costs $129 (down from $149) and the 16GB models costs $149 (down from $179). Both sizes are available now, and come in seven colors.

iPod touch

Apple also updated the iPod touch on Tuesday, introducing a white model for the first time, and dropping the price for the low-end model.

The iPod touch costs $199 for the 8GB model (down from $229), $299 for the 32GB model, and $399 for the 64GB model. They will be available, alongside iOS 5, on October 12.

Schiller said that the iPod touch is Apple’s most popular iPod. Earlier in the presentation, Apple said that it has sold more than 300 million iPods to date.

For more Macintosh computing news, visit Macworld. Story copyright © 2011 Mac Publishing LLC. All rights reserved.

View the original article here

read more

Apple Upgrades Game Center in iOS 5 Update

Apple Upgrades Game Center in iOS 5 UpdateApple Game CenterThe "world's most popular gaming platform" just got better. On Tuesday, Apple unveiled new features appearing in their iOS 5 update, including some much-needed upgrades for their Game Center mobile gaming service. The changes include friend suggestions, photos, and achievement points.

On Apple's website, the "friend suggestions" element gets a bit more clarification: "Meet your match with new friend recommendations based on the games you play and the players you already know." For instance, if you're looking for another buddy to play Words With Friends, Game Center will help you out.

[Read: 5 Ways to Fix iOS Game Center]

While these upgrades seem minor, the fact that Game Center hasn't had them from the get-go has been the bigger story. When Game Center first launched over a year ago, many iOS game services worried that their days were numbered.

But Game Center integration hasn't been universal, with many popular games staying with OpenFeint and other pre-Game Center brands. The iOS 5.0 upgrade looks to be a step in the right direction, but at this juncture, it doesn't appear to be a game changer.

View the original article here

read more

Apple Will Pay You $200 for Your Gently Used IPhone 4

Apple Will Pay You $200 for Your Gently Used IPhone 4Apple iPhone 4If history is any guide, the advent of the iPhone 4S will soon render the iPhone 4 both significantly less sexy and significantly less valuable on the resale market. But the good news for early adopters is that Apple will pay them up to $200 to buy back their mint-condition iPhone 4.

As The Next Web points out, Apple's Reuse and Recycling Program offers the money in the form of an Apple gift card--useful if you want to turn around and buy the 4S. All you have to do is go to the site, answer a few questions about the phone you're selling, and receive an estimate on the phone's resale price. After that, ship the phone to Apple, and receive your gift card shortly after. As of Tuesday afternoon, Apple was still willing to pay $180 for a gently used 16GB iPhone 4, and $200 for the 32GB model.

But that's for phones in pristine condition--the payout goes down for phones with scuffs, scratches, or water damage. Phones with dying batteries and without power cords also get a lower payout; you'll also want to clear the content and settings from the phone to achieve your best resale value.

Interestingly, the Reuse and Recycle Program site suggests you can also receive a $105 gift card if you sell Apple a top-condition 16GB iPhone 3GS; Apple will now give you an 8GB model of the same phone for free--provided you sign a two-year phone service contract. Penny-pinching iPhone fans might find the 3GS--both buying and selling--worth their while.

For more Macintosh computing news, visit Macworld. Story copyright © 2011 Mac Publishing LLC. All rights reserved.

View the original article here

read more

Apple’s iPhone 4S Announcement Crashes Popular Websites

Apple’s Announcement Crashes Popular SitesIf you had trouble getting updates on this morning’s Apple keynote, you weren’t alone. Almost every major tech news site suffered at least some downtime during the introduction of the new iPhone 4S.

In addition to some server hiccups here at PCWorld and at our sister publication Macworld, almost every site covering Apple’s event live--including Wired, Engadget and Ars Technica--suffered down time. Even Apple itself wasn't spared as users rushed to order a new iPhone. Sadly pre-orders don’t begin until this Friday.

We’ve seen this kind of down time at almost every Apple event for the last few years. So what, if anything, can sites do about the Apple rush?

Hosting company Rackspace has a history of keeping sites up during major rushes like today’s Apple announcement. We asked Joseph Palumbo, a managed cloud specialist for Rackspace, what his company does to prepare for Apple announcements and other heavy traffic days.

Palumbo’s main tip is to prep early. When you know a heavy traffic day is coming, resources such as additional servers, need to be devoted beforehand--fixes on the day of the event rarely hold up.

“At that point anything you’re doing is just a Band-Aid.” says Palumbo. By the time a major event rolls around, Palumbo says, it’s just a typical day for Rackspace “with an extra tab open to make sure everything’s working as expected.”

Apple iPhone 4S keynoteImage courtesy of MacworldPalumbo also says it helps to have experience with these kinds of issues. Obviously an easy way to do that is to team up with a company like Rackspace that’s been through days like this before, it's easier for sites like Rackspace which have a lot of extra server cycles to use but even smaller companies can learn the ins and outs of avoiding down time.

Today, most companies managed to weather the storm relatively well, once the initial rush faded. But unless sites learn to better prepare (or the hype for Apple products dies down), this isn’t the last time we’ll see Apple crashing the tech world.

View the original article here

read more

AppleCare+ for IPhone Covers Accidental Damage

AppleCare+ for IPhone Covers Accidental DamageApple iPhone 4SWith all the big Apple news on Tuesday, you'll be forgiven if you missed a change the company made to its AppleCare extended-service offering for the iPhone. But that change is significant and will make the plan more appealing to some users.

Every iPhone includes 90 days of technical support and one year of hardware support and repairs. Prior to Apple's Tuesday event, you could pay $69 for an AppleCare policy that extends both technical support and hardware service to two full years. However, both the standard warranty and the standard AppleCare plan specifically exclude accidental damage.

As of October 4, Apple's iPhone service offering, rebranded AppleCare+, costs $99. But the extra $30 adds a significant benefit: According to Apple, AppleCare+ covers up to two incidents of "accidental damage due to handling," although each is subject to a $49 additional fee. In other words, if you drop your brand new iPhone 4S from your second-floor balcony and watch it shatter on your cement driveway, as long as you have an AppleCare+ policy on the iPhone, Apple will fix the phone--or, more likely, replace it with a refurbished unit--for $49.

For those who normally get AppleCare just for the extended service benefits, the increased price of the plan may be disappointing. (A better option for consumers would be to keep the price at $69 but charge, say, $65 for a hardware replacement.) But if you've ever had to replace your phone at full price, $148--$99 for the plan plus $49 for an accident repair--will likely seem like a bargain.

For more Macintosh computing news, visit Macworld. Story copyright © 2011 Mac Publishing LLC. All rights reserved.

View the original article here

read more

Apple--Not Piracy--Is the Real Problem for the Movie Industry, Says Exec

Piracy is less of an issue for the movie industry than is the dominance of the digital distribution channel by a single company, such as Apple.

That's what the CEO of Miramax told a movie industry crowd Monday at the annual MIPCOM event in Cannes, a sort of bazaar for entertainment content. While the audience listening to the executive's message was made up of industry insiders, the message has some interesting implications for consumers--namely, that when it comes to streaming video they should have more choice.

This is exactly the opposite stance that the music industry initially adopted toward digital media.

According to reports in Rapid TVNews and Music Ally, Miramax CEO Mike Lang argued that while some in the industry fear digital distribution of content because they believe it facilitates piracy, the real problem is distribution.

“Piracy really is not the bigger issue for our company or for our library," he said. "It’s been lack of exploitation, just not getting it out there."

Lang has obviously seen what happens when sources of legitimate content proliferate: piracy decreases. It took the music industry many years and many lawsuits to learn that. Of course, by the time the music industry learned this, it had lost something it can no longer get back: it allowed Apple to get a lock on distribution, which has stifled true competition in the market.

According to Lang, this is something the movie industry needs to keep in mind when it begins introducing its digital business models.

"As the movie business we have to be very cognizant of that," Lang said. "That’s why we did our deal with Netflix, and why we also did our deal with Hulu. We want multiple players to be successful."

"It’s really important as an industry that we try to allow multiple players in markets around the world,” he added.

Miramax cut a deal with Netflix in May allowing "several hundred" of the studio's movies to be streamed over the service, including titles such as Pulp Fiction, Good Will Hunting, Bad Santa, and Kill Bill.

In June, Miramax inked an agreement with Hulu that allowed the streaming service to show hundreds of Miramax movies on Hulu Plus, without commercials, and to rotate 15 movies a month, with commercials, through Hulu.com.

Streaming video enthusiasts can only hope that more Hollywood execs start thinking like Lang and realize that choice is a better antidote to piracy than restrictions, police raids, and lawsuits.

Follow freelance technology writer John P. Mello Jr. and Today@PCWorld on Twitter.

View the original article here

read more

CEO Steve Ballmer 'Underpaid,' Microsoft Says

CEO Steve Ballmer 'Underpaid,' Microsoft SaysCEO Steve BallmerMicrosoft CEO Steve Ballmer received compensation valued at $1.38 million this year, according to documents filed this week with the U.S. Securities and Exchange Commission. His total package is up roughly 2% compared to 2010, when he received compensation valued at $1.35 million.

[ReadL CEO PAYDAY: What tech's top execs raked in for 2010]

Ballmer's 2011 pay package consists of a $682,500 salary and a $685,500 bonus (half of the $1.37 million bonus he was eligible to receive). He also received a modest $11,915 in perks, which consist of a 401(k) company match and imputed income related to Microsoft's benefits program.

At his own request, Ballmer didn't receive any stock awards or option awards in 2011.

"As in previous years, Mr. Ballmer's incentive compensation opportunity for fiscal year 2011 was limited to a cash payment of up to 200% of his fiscal year 2011 base salary, consistent with his request that we not award him equity compensation," Microsoft said in its annual proxy statement.

Ballmer's compensation is significantly lower than that of his peers, the company claims. According to Microsoft's analysis, the CEOs in Ballmer's peer group, on average, receive a $1.4 million base salary, $4.5 million cash bonus, and a total compensation opportunity of $15.8 million. By comparison, Ballmer received a $682,500 salary and was eligible for a $1.37 million bonus -- making his total compensation opportunity worth just over $2 million.

"As the principal leader of Microsoft, Mr. Ballmer focuses on building our long-term success, and, as a significant shareholder, his personal wealth is tied directly to Microsoft's value. While the Committee and the Board believe Mr. Ballmer is underpaid for his role and performance, they have accepted his request," Microsoft said.

Even within Microsoft, Ballmer is the lowest paid of the five "named executive officers" listed in the company's proxy statement. The most highly compensated of the five is Kevin Turner, Microsoft's chief operating officer. He netted $9.3 million in 2011, up 17% from $7.9 million in 2010.

CFO Peter Klein received $3.5 million in total compensation, down 3% from $3.6 million in 2010. Steven Sinofsky, president of Windows and Windows Live Division, received $7.2 million. Kurt DelBene, president of the Office Division, received $6.2 million. (Neither Sinofsky nor DelBene were among the Microsoft's named executive officers in 2010, so there are no prior-year compensation figures for comparison.)

The company, meanwhile, grew revenue and income by 12% and 23%, respectively, in its 2011 fiscal year ended June 30. Revenue came in at $69.94 billion, up from $62.48 billion in 2010. Net income hit $23.15 billion, up from $18.76 billion in the prior year.

For more information about enterprise networking, go to NetworkWorld. Story copyright 2011 Network World Inc. All rights reserved.

View the original article here

read more

Epic Announces Infinity Blade II for iPhone 4S

Hot on the heels of the announcement of the iPhone 4S comes word that one of the platform's most popular games is getting a sequel.

Epic was on stage to show off Infinity Blade 2, the sequel to the iOS game released last year. The sequel will naturally feature improved graphics, as well as the ability to wield two swords.

Oh yeah, and it's "only going to run like this on the iPhone 4S. Why? Because it's awesome?" So there you go.

Look for it on the App Store on December 1.

[RELATED: Infinity Blade for Android]

View the original article here

read more

Despite Ellison Remark, Oracle Still a Fan of X86

It can't be easy working for Oracle CEO Larry Ellison. Just ask John Fowler, the head of Oracle's systems business, who's spent the past two weeks trying to convince customers that Ellison didn't really mean it when he said Oracle is "phasing out" its x86 business.

"Larry made some rather 'interesting' comments about Intel, that he doesn't care a lot about the Intel server business," Fowler said in a speech at Oracle OpenWorld in San Francisco on Tuesday. "That, of course, led to a lot of calls to my office."

It's easy to see how the confusion arose: "I don't care if our commodity x86 business goes to zero," Ellison brashly declared on Oracle's quarterly earnings call last month. "We don't make any money selling those things."

Oracle has "no interest" in selling other companies' intellectual property, such as Intel's chips and Microsoft's OS, he said. "Sun sold that stuff, and we are phasing out that business. We have no interest in it whatsoever."

But "commodity" was the key word, according to Fowler. Oracle will continue to make x86 servers and use them as building blocks in larger systems, such as its Exadata Database Machine.

"We see Intel as a key building block to whole families of systems," Fowler said Tuesday, trying to set the record straight. "What we aren't focused on is the large-scale x86 server business running, for example, the Windows OS. Our value is around enterprise computing."

Ellison isn't the only CEO sending mixed messages. Fowler was preceded on stage by Michael Dell, who declared that "Dell is not a PC company," then went on to extol the benefits of Dell being in the PC business.

Dell is an "end-to-end solutions company," Dell said, meaning it too can sell integrated systems that combine hardware and software, through acquisitions of companies like Compellent, Boomi and SecureWorks. Dell is buying companies at a rate of eight per year, Michael Dell said.

But he also took a shot at Hewlett-Packard's decision to sell or spin off its PC business. The move would cause HP to lose its purchasing heft and wind up paying more for components like microprocessors and disks, Dell said, which it would still need to build servers.

"If you give up that scale you go from being one of the largest suppliers in the world to being not even in the top five," he said. "That creates huge problems; the price of those components goes up."

Amid a lengthy sales pitch for his company, Michael Dell shared one bit of news: In the first quarter next year, Dell will introduce its 12th generation of PowerEdge servers with a memory virtualization technology from RNA Networks, a small company it acquired earlier this year with little fanfare.

The technology will allow Dell to build bigger servers that combine 1,024 processor cores and more than 40TB of memory in a single rack, he said. "Imagine you have a data center with 10 server racks. Now imagine consolidating that to one rack," he said.

The new systems will also make greater use of flash memory, putting it as close to the CPUs as possible to create "tier zero" storage, Dell said. As flash gets cheaper and more dense, server makers are using it to store frequently accessed data instead of hard disk drives, boosting performance.

"The result is 60x faster queries" on the new PowerEdge systems, according to Dell.

James Niccolai covers data centers and general technology news for IDG News Service. Follow James on Twitter at @jniccolai. James's e-mail address is james_niccolai@idg.com

View the original article here

read more

Kinect May Act As Xbox 360 Viewing Police with Parental Control Body Scanner

Microsoft wants the Xbox 360 to be the one-stop tech shop for all your entertainment needs: gaming, TV, movies, music and DVDs. But wait, there's more! Microsoft is trying to patent a Kinect 3D body scanner to estimate age and function as an Xbox viewing police AKA an automated parent control.

A Microsoft Xbox web-based, pay-TV deal may be officially announced this week. Programming is expected to include movies, sports, TV shows and music. Bloomberg reported that Microsoft is working with Comcast and Verizon for a pay-TV service over Xbox LIVE. Microsoft is also expecting to sign deals with Time Warner, HBO, Sony Picture's Crackle streaming service, NBC Universal's Bravo and Syfy channels, and Lovefilm UK.

By using a Kinect attachment, users will no longer need to fiddle with game controllers to navigate content. CEO Steve Ballmer previously said "Certainly we all know the frustrations of using guides and menus and controllers, and we think a better way to do all of this is simply to bring Bing and voice to Xbox. You say it, Xbox finds it." Then a Microsoft employee demonstrated by saying, "Xbox, Bing 'The Office'" and all available 'The Office' seasons popped up for on-demand viewing. By the way, yesterday the Microsoft Board awarded Ballmer a 2% pay raise, $682,500 for the fiscal year of 2011; so much for reimaging Microsoft without him.

Worried about children accessing TV, movies or games of a more mature nature? If you don't have body scanning privacy issues, Microsoft has that covered and could automate parental controls by using a Kinect for body scans that estimate age. While a pending Microsoft patent submitted in March 2010 doesn't directly mention Kinect, it does call for a 3D camera which the Kinect uses as a sensor for Xbox 360. According to the Microsoft patent, there are plans to use the 3D camera to scan a user's body and digitally measure arm length, shoulder width, torso length and overall height to estimate the user's age. A system based upon body dimensions and combined with movie, game and TV ratings could act as a parental control and automatically restrict access.

If someone is watching mature content and a child walks into the room, the proposed technology could detect the kid and change to a more appropriate channel. It can also keep a digital eye on when the youngster leaves the room. The patent specifies, "Subsequently, the person is tracked exiting the field of view of the motion capture system, and presenting of the restricted audio and/or video content is resumed at a particular point at which it was paused when the substitute audio and/or video content was presented." This type of automatic parental control is meant to give parents an edge over their tech-savvy children who can otherwise outwit most other parental controls.

[RELATED: Top 15 Kinect Hacks (So Far)]

It might be interesting to see if those same tech-whiz kids will try the "Say & See" approach and use Bing search via voice commands to get around the parental controls. Such as Xbox, Bing "hack Kinect body scan parental controls."

The Parental Control Settings Based On Body Dimensions patent states:

A 3-D image has the advantage of providing depth data so that absolute distances such as height and length measurements can be obtained. Moreover, the use of metrics relating to body proportions can be more reliable than other approaches such as those which analyze facial features such as skin texture or the relative location of the eyes, nose and mouth, because such features often cannot be determined with accuracy and consistency and are not as strongly correlated with age. Such approaches typically do not use a body model which is based on a skeletal model and a 3-D depth map, in which the entire body or a large portion of the body is modeled to determine the relative size of body parts.

The patent proposes several security policy age groups that could be defined to correspond with body measurements, yet many parental control default variations will be possible. For example, based on 3D scans and measuring bodily proportions, age groups might be defined like "a child of 0-6 years, a child of 7-12 years, a teenager of 13-17 years and an adult of 18 or more years." This could be setup to correspond with MPAA ratings of: G, PG, PG-13, R and NC-17 for movies, or TV ratings of TV-Y, TV-Y7, TV-Y7-FV, TV-G, TV-PG TV-14 and TV-MA, and video game ratings like EC, E, E10+, T, M and AO. Even TV listings can be grayed out so kids won't be able to view descriptions of mature content.

What if a user has funky bodily proportions, such as short childlike arms? GeekWire reported "Don't worry, there would be an override for someone with an administrator password, and no doubt there would be an option to disable the technology from the outset."

For more information about enterprise networking, go to NetworkWorld. Story copyright 2011 Network World Inc. All rights reserved.

View the original article here

read more

Firefox Advises Users to Disable McAfee Plugin

It's the last thing McAfee would want users to hear about one of its products, but the Firefox browser is advising users to disable McAfee's ScriptScan software, saying that it could cause "stability or security problems."

SriptScan ships with McAfee's VirusScan antivirus program. It's designed to keep Web surfer's safe by scanning for any malicious scripting code that might be running in the browser. But according to Mozilla it has an unintended side-effect: It can cause Firefox to crash... a lot.

Firefox Advises Users to Disable McAfee PluginIn a note posted to its website, Mozilla said that the add-on "causes a high volume of crashes," and is "strongly encouraging" users to disable the software. The warning applies to all users of version 14.4.0 and below of the plugin, Mozilla said.

The Firefox browser started popping up warning messages Monday, advising that users disable the software

In McAfee user forums, there is a smattering of complaints about the Firefox problem.

The problem affects Firefox 7 users, according to Francie Coulter, a McAfee spokeswoman. "McAfee has identified the cause and is working actively with the Firefox team to resolve this issue and expects to roll out an update shortly," she said in an email message.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

View the original article here

read more

NASA Discovers Northern Arctic Ozone Loss

Left: Earth’s Ozone levels in mid-March 2011. Purple and grey colors represent very small ozone amounts. Right: Dark blue and black colors represent very large amounts of chlorine monoxide, ozone destroying chemicals. [Photo: NASA/JPL-Caltech]Scientists have discovered an unprecedented depletion of the Earth’s ozone layer in the Northern Arctic region. A NASA-led study released on October 2 in the journal Nature reports that a loss of ozone similar to the one found in the Antarctic has begun to develop due to a prolonged period of low temperatures.

The Ozone layer is the stratosphere, extending from about 10 to 20 miles (15 to 35 kilometers) above the surface of the Earth. Ozone is a molecule made up of three-oxygen-atoms that absorb 97 to 99-percent of the Sun’s ultraviolet rays. The Ozone layer suffers some amount of damage every winter, as the cold temperatures cause ozone-destroying forms chlorine to be converted from human-produced chemicals.

"The difference from previous winters is that temperatures were low enough to produce ozone-destroying forms of chlorine for a much longer time,” said lead author of the study Gloria Manney, of NASA's Jet Propulsion Laboratory, in a press release. "This implies that if winter Arctic stratospheric temperatures drop just slightly in the future, for example as a result of climate change, then severe Arctic ozone loss may occur more frequently."

In the study, the scientists found that cold periods in the Arctic lasted for 30 days longer than they did in a previously studied winter. Scientists from 19 institutions in nine countries investigated the 2011 Arctic ozone loss that occurred last winter and spring. The study included daily atmospheric observations from NASA's Aura and CALIPSO spacecraft, Ozone measurements with instrumented balloons, and meteorological data and atmospheric models.

The total loss of Ozone in the Arctic was over double the typical amount in the Antarctic, but the area of loss was 40% smaller. Ozone depletion occurs in an atmospheric cyclone system known as an Arctic polar vortex. Whereas the Antarctic vortex is larger and longer-lived, the northern vortex is smaller and shorter, but it is also mobile and often moves over densely populated regions, potentially endangering humans to direct UV exposure.

[NASA Jet Propulsion Laboratory]

Get your GeekTech on: Twitter - Facebook - RSS | Tip us off

View the original article here

read more

Logitech Looks to IPhone 5 for Video Meetings

The Apple iPhone 5, expected to be announced on Tuesday, should be able to use Logitech's ClearSea videoconferencing software to tie mobile users into meetings alongside high-end telepresence systems and other platforms, according to Logitech.

Logitech's LifeSize videoconferencing division acquired ClearSea earlier this year by buying Mirial, a video software company based in Milan. ClearSea is videoconferencing software that works on a variety of endpoints and lets mobile devices interface with other endpoints through industry standards.

LifeSize has been updating ClearSea for iOS 5, the next version of Apple's iPhone and iPad software, as part of Apple's beta program, said Michael Helmbrecht, vice president of product marketing at LifeSize. ClearSea should be ready to run on the iPhone 5 as soon as the phone is available, he said.

"Unless they move to a completely new processor type that they haven't put in any kind of device before, we don't anticipate any issues," Helmbrecht said.

To be safe, because it doesn't know anything about the rollout schedule for the new iPhone, Logitech estimated that ClearSea would be available for the iPhone 5 by November.

Because it uses standards such as SIP (Session Initiation Protocol) and the H.264 encoding specification, ClearSea can interoperate with videoconferencing systems from major vendors including Cisco Systems, Polycom and Radvision, the company said. ClearSea is also available for version 2.1 and later of Google's Android OS.

On smartphones, ClearSea can send and receive standard-definition video, and on the iPad 2, it can receive 720p high-definition video. Users can participate in meetings with a good 3G cellular connection or Wi-Fi, Helmbrecht said.

It's unlikely the iPhone 5 will have enough processing power to encode or decode high-definition video for use in ClearSea meetings, Helmbrecht said. On the iPhone 4, the software can send video of the caller at 352 by 188 pixels at 15 frames per second, and receive the same resolution at 30 frames per second, he said.

"If the power's there, we can do HD," Helmbrecht said.

Stephen Lawson covers mobile, storage and networking technologies for The IDG News Service. Follow Stephen on Twitter at @sdlawsonmedia. Stephen's e-mail address is stephen_lawson@idg.com

View the original article here

read more

NTT DoCoMo Phone: You're Hungry, but Don't Eat Yet

"Your hunger level is 60%. Refrain from snacking even if you are hungry."

So reads the display on the Toshiba Regza phone on display at NTT DoCoMo's booth at the Ceatec electronics show this week in Japan. And it has a point. It's been a few hours since breakfast and I could definitely go for a quick ramen, but probably should wait until lunch.

A Bluetooth-enabled breathalyzer has analyzed my breath for acetone, which the body produces when body fat is consumed. If acetone levels are low, the theory is that the body is running on sugar and carbohydrates, and hasn't started burning fat yet.

Ceatec attendees line up to breath a few times into the breathalyzer devices, and few seconds later a nearby phone lights up with their numbers. The readings seem rough at best -- one healthy-looking man came up 150 percent hungry and several others all came up exactly 36 percent. The product has no firm launch date.

The research is part of DoCoMo's ongoing push to expand the role of mobile phones in everyday life. The country's largest carrier, it runs nearly half the handsets in Japan.

Also on display were a set of swappable cases that add various sensors to a phone, including a radiation detector and a bad breath analyzer.

The carrier also touted a high-speed charging service for its smartphones, that is under development. External battery cases made for NEC Medias smartphones could be fully charged in just 10 minutes, then provided another 50 percent to the phone's original battery.

The batteries are based on lithium-titanate technology, which is quick-charging but can have lower capacity than the traditional lithium-ion batteries used in mobile phones.

DoCoMo hopes to eventually build external batteries that work with a wide range of phones, then set up quick-charging stations at convenience stores and other locations.

View the original article here

read more

New iPhone 4S: Top 5 Letdowns

Apple's new iPhone 4S has some impressive upgrades, including voice controls, a faster processor, and a better camera. But to millions of tech fans hoping to be dazzled by Apple's latest creation, the 4S is, well, a tad disappointing. Here are the top pre-launch rumors that didn't come true:

No 4-inch, Curved, or Edge-to-Edge Display

The iPhone 4S' stunning 3.5-inch "retina" display is no improvement over the iPhone 4's screen, which debuted way back in June 2010--an eternity (or longer) in the mobile arena. Since then, competing Android phones have gone behemoth in a big way. In fact, four of the top five handsets on PCWorld's Top 10 Cell Phones chart have 4-inch or larger screens. All are Android models.

So whatever happened to the rumored edge-to-edge or curved glass screen on the next-gen iPhone? Not this year, apparently.

No New Design

The iPhone 4S' (unofficial) motto: Same on the outside, better on the inside. If you were expecting a daring teardrop shape, or something truly cutting-edge such as a pico projector to project images onto a nearby surface, today's unveiling had to be a bummer.

No 4G

The iPhone 4S is a 3G-capable handset, just like its predecessor. But numerous rumors had suggested Apple would launch a 4G-enabled iPhone in the fall.

Alas, this isn't the case, although Apple today did trumpet iPhone 4S' ability to double the theoretical maximum HSDPA data speed to a 4G-like 14.4 Mbps.

That said, the growing number of 4G phones on the market does make the iPhone 4S seem behind the times--at least in terms of data speeds.

No Sprint Exclusive

OK, this was by far the dumbest of the pre-launch rumors, but I'm sure somebody, somewhere believed it: the next-gen iPhone would launch exclusively on Sprint!

Sure, makes tons of sense. Apple's going to snub the two biggest U.S. wireless carriers to sign an exclusive deal with the third-place guy.

Didn't come to pass, of course. The good news, though, is that Sprint is getting the iPhone 4S--along with AT&T and Verizon Wireless, naturally.

No iPhone 5

Despite months of "iPhone 5" scuttlebutt, Apple's magical 5th-gen phone--with its teardrop shape, 4.5-inch curved edge-to-edge display, pico projector, and 5G 100 Mbps service--simply failed to materialize.

Oh, well. Let the new iPhone rumors begin!

Video: Apple Unveils Souped-Up iPhone 4S

Contact Jeff Bertolucci via Twitter (@jbertolucci) or at jbertolucci.blogspot.com.

View the original article here

read more

Overview: Apple's iPhone 4S Grabs the Spotlight

Apple unveiled a new iPhone Tuesday where the most significant changes—including new voice control features—are all on the smartphone’s inside. The iPhone 4S highlighted a press event where Apple also announced release dates for iOS 5 and its iCloud online storage and sync service as well as a new card design app for iOS devices.

Apple iPhone 4SApple iPhone 4SApple’s latest phone keeps the same Retina display, glass on front and back, and stainless steel band found in the iPhone 4. However, inside the iPhone 4S, an A5 processor promises graphics performance up to seven times faster than the previous model.

The iPhone 4S also features a new wireless system where the phone can switch between two antennas to transmit and receive, which should mean better call quality and faster download speeds.

Video: Apple Unveils Souped-Up iPhone 4S

What’s more, this iPhone works on both CDMA and GSM networks. Previously, Apple had to produce separate models of the iPhone for compatibility with those wireless standards. As a result, the iPhone will not only be available through previous partners AT&T and Verizon, but Sprint as well. And the iPhone 4S’s camera boasts a number of significant improvements.

It’s the iPhone 4S’s voice-controlled features that should grab the headlines, though. Based on the technology Apple got when it purchased mobile app maker Siri last year, the feature—also called Siri—can carry out searches, perform commands, and look up information all driven by the sound of your voice. Siri can also speak, reading messages and announcing notifications.

The iPhone 4S comes in 16GB, 32GB, and 64GB models, priced at $199, $299, and $399 with two-year contracts, respectively. They’ll go on sale October 14 in seven countries, including the U.S. Pre-orders will be available on October 7.

Get more information on the iPhone 4S

Apple iCloudApple iCloud

Apple also offered more details on iCloud, the cloud-based storage and syncing service that will replace MobileMe. A new app called Find My Friends joins the other iCloud features Apple first unveiled in June. Find My Friends helps you connect with friends and family. Find My Friends uses geolocation to help you locate your companions perennially, or throughout a set duration using Temporary Event.

Users can sign up for iCloud on October 12. You’ll get 5GB of storage for free, with additional space available for a yearly fee. Current MobileMe subscribers will be able to transfer their account to iCloud, though they can also elect to stay on MobileMe until June 30, 2012, when the service will be discontinued.

Get more information on iCloud

October 12 is also the debut date for iOS 5, the next version of Apple’s mobile operating system. That’s about the extent of the news Apple unveiled about its iOS update on Tuesday; the rest of the presentation largely recapped iOS 5 features first announced in June.

Get more information on iOS 5

Apple’s other iOS-related announcement on Tuesday involved Cards, a new addition to the App Store. The app lets you turn your photos into greeting cards that you can send from your iOS device. You’ll be able to print the card and have it mailed to anywhere in the world; US addresses will cost $3 while international cards sell for $5. That app also debuts on October 12.

Get more information on Apple’s Cards app

While Apple’s invitation to Tuesday’s event highlighted the iPhone, the iPod lineup also underwent a modest revamp.

The iPod nano saw its price cut on both the 8GB and 16GB models. Its multitouch display also features larger icons to make it easier to navigate through the music player. The iPod touch now comes in a white model, and the price of the 8GB touch fell $30 to $199.

While many speculated that Tuesday would see the end of Apple’s iPod classic and shuffle offerings, those remain available on Apple’s online store.

Get more information on Apple’s iPod updates

For more Macintosh computing news, visit Macworld. Story copyright © 2011 Mac Publishing LLC. All rights reserved.

View the original article here

read more

Online Banking Fraud Losses Decline in the UK

Online banking fraud losses in the U.K. fell 32 percent in the first half of the year, according to figures from U.K. banks released on Wednesday. The decline is due to the increased use of fraud detection software by banks, an industry group said.

Fraud losses in online banking totalled £16.9 million (US$26.2 million) for the first half of the year, compared to £24.9 million a year earlier, according to figures from the U.K. Cards Association and Financial Fraud Action U.K.

Banks are increasingly using more layers of security for transactions, said Doriena Koldenhof, spokeswoman for Financial Fraud Action U.K. For example, many U.K. banks have now issued devices to their customers that generate one-time passcodes, used to authorize some kinds of transactions.

Another reason for the drop is increased awareness of computer security among consumers, Koldenhof said. People are more aware of the need to update computers with the latest patches, she said.

The figures come as U.K. police announced earlier this week the sentencing of the last defendant in an extensive online banking fraud ring composed of 13 individuals living in the U.K. from the Ukraine, Latvia, Belarus and Georgia.

Police said the ring the ring stole at least £2.8 million from online bank accounts between September 2009 and March 2010, and attempted to steal as much as £4.3 million.

The U.K.'s Police Central e-Crime Unit said in September 2010 that the gang infected banking customers' PCs with an advanced piece of malicious software called Zeus, using it to steal their passwords as they logged in to banks including HSBC, RBS, Barclays and Lloyds. The gang then used those credentials to transfer money to accounts they controlled.

While online banking losses fell, another type of fraud rose: phone banking scams. That fraud totalled £8.6 million for the first half of the year, a 48 percent rise over the same period a year before.

The scam involves calling banking customers and tricking them into believe they are speaking to either bank staff or law enforcement and there are a few different variations. A scammer will call the victim and say that their card is due to expire, and to activate their new card, the victim should enter their PIN into the phone.

On the scammer's side, the audio tones are then analyzed to figure out the PIN. Another bolder variation is when the scammer shows up at the victim's home pretending to deliver a replacement card, which is a fake. The person's real card is collected, which is then used for fraud when the victim is tricked into divulging its PIN.

Send news tips and comments to jeremy_kirk@idg.com

View the original article here

read more

Rhapsody Buys Napster as It Battles Spotify

With its Napster acquisition this week, Rhapsody, the venerable U.S.-only digital music subscription service, is in battle mode as rival Spotify attempts to carry its strong momentum in Europe to America.

Rhapsody, which has about 800,000 paying subscribers, isn't saying yet how many more people Napster will add to its service, but bulking up its business is critical to compete against Spotify, which has about 10 million subscribers, 2 million of them on paid plans.

"I don't know how much Rhapsody paid, but any time you can acquire paying subscribers, that's a good opportunity if the price is right," said Gartner analyst Mike McGuire.

The deal between Rhapsody and Best Buy was an all-stock deal. A Rhapsody spokeswoman said the company isn't disclosing the value of the minority interest it gave up to Best Buy in exchange for Napster.

Rhapsody, in its various incarnations, has been providing subscription-based digital music streaming for about a decade. That business has been overshadowed in the U.S. by the a la carte purchasing of individual songs and entire albums, primarily from the iTunes Store.

However, the subscription model may be gathering momentum, helped by its success in other media, like the subscription-based streaming of TV shows and movies popularized by Netflix.

According to a recent Forrester Research survey, adult Internet users in the U.S. spend an average of US$81 per month on media products, and the way they pay for that content is undergoing a "fundamental transformation," wrote Forrester analyst James McQuivey.

"To thrive, media product strategists must shift to a model in which paid content is more virtual than physical -- and more rented than owned," McQuivey wrote in the report titled "People Pay For Content; They Just Don't Own It" published in March.

In a typical month, 18 percent of U.S. adult Internet users buy physical CDs, and 13 percent purchase songs and albums online, while 2 percent pay to subscribe to streaming music services like Rhapsody, according to the Forrester report.

Music subscription services got a bump up after Apple started letting these providers offer their services via applications from the App Store, said Gartner's McGuire.

These applications and other improvements have made Rhapsody and services like it more convenient and simpler for people to use, he said.

A clear sign that consumers are receptive to subscription-based music streaming services is the warm welcome they have given to Spotify since its launch in the U.S. in July of this year.

Spotify has also gotten a big endorsement from Facebook, which featured the company prominently at its recent F8 developer conference as an example of the tighter application integration possible through the latest upgrade to the Facebook platform.

The Rhapsody application for Facebook now offers similar integration to Spotify's. However, Spotify is a more compelling product for advertisers because of its larger user base, said Altimeter Group analyst Rebecca Lieb.

"Spotify has 10 million global members, and part of their deal with Facebook is, if not compelling, then strongly driving those users to share on Facebook's platform," she said via e-mail. "Even with the Napster acquisition, Rhapsody can't approach those numbers."

Thus, there isn't a major brand marketer out there not having discussions with Spotify, because advertisers go where the reach is, which is on Facebook, and that is creating intense, unprecedented competition for other cloud music players, Lieb added.

Rhapsody is sticking to its strategy of offering only paid subscription options, as opposed to Spotify, which has a basic free tier in addition to its fee-based alternatives.

For now, Rhapsody is focusing on the Napster transition. It expects to have all Napster subscribers migrated to the Rhapsody system by the end of November, the spokeswoman said. Napster customers will get equivalent value for MP3 credits they hold.

Once the Napster migration is completed, Rhapsody will release a new combined subscriber figure, she said.

View the original article here

read more

Panasonic Viera TC-L42D30 42-Inch HDTV, $743

The Panasonic Viera TC-L42D30 LED HDTV provides great simulated surround sound, yet we found its image quality to be somewhat lacking (read our review for details)--especially for the high $1079 at launch this past June. Right now, though, Amazon.com is selling the 42-inch Viera for only $743, and shipping is free. (Quantities are limited, though the HDTV was still available as of this writing.)

For hot tech bargains in your inbox every week, subscribe to the PCWorld Bargain Bulletin newsletter.

View the original article here 

read more

Take a Lego Gears of War Lancer to a Rubber-Band Fight

[Photo: 'Plum B' on MOCpages]Halfway through Gears of War 3, I realized that a Lancer assault rifle would be a very effective tool for keeping the raccoons out of my garbage can. It all made sense. Then I realized that the technology doesn’t exist, and more problematic, PETA wouldn’t be too happy about it.

So I moved on, and I purchased a raccoon-proof garbage can instead. I still wanted a Lancer gun, though. And as of today, it looks like I may just be able to build a life-sized Lancer Assault Rifle out of Lego bricks, complete with a motorized chain saw and magazine release. The Lancer Assault Rifle, created by 'Plum B' over at MOCpages, clearly shows just how badass legos can still be.

The Lancer fires rubber bands from magazines and pretty much makes your neighbor’s six shooter rubber band gun look like something a child would take to a gun fight. Imagine how many kids you could scare off just using the chainsaw around town. This raises yelling "get off my lawn!" to a whole new level. Darn kids.

Also, neighborhood raccoons, you’re officially on notice.


Get your GeekTech on: Twitter - Facebook - RSS | Tip us off

View the original article here

read more

Self-Service IT: Are Users Up To the Task?

Self-service procurement. Self-service business intelligence. Self-service recovery. User provisioning in private clouds. It's a wondrous world for end users these days as IT departments roll out tools that hand them the reins to the data and services they desire, whether it's instant access to their employee benefits account or a deep dive into corporate data stacks that were once off-limits.

But all this user empowerment raises the question: Are users up to their new role? To be sure, it's been a long time since IT staffers have had to show employees how to use a mouse or check that a desktop PC is plugged in, but there's a big jump between choosing a dental plan from a drop-down menu and applying advanced analytics to large volumes of enterprise data.

Have users really advanced so far that they can roll out their own business intelligence (BI) queries or recover from a hard disk failure entirely on their own? Yes and no, say IT managers and industry analysts.

On the one hand, thanks to the boom in smart consumer devices and the ubiquity of the Internet in corporate and personal life, employees at all levels of the organization are more comfortable with technology than ever before.

On the other hand, the United States is now 20-odd years into a decline in science, technology, engineering and math (STEM) skills (download PDF), according to the National Research Council and other education observers. If you include statistical analysis in that skill set, it potentially sets the stage for a perfect storm in self-service IT, where overconfident but underskilled end users run amok in business systems, draw bad conclusions from randomly mashed-up data or corrupt IT's once-pristine data stores.

"Some employees -- particularly the younger members of the workforce -- have an attitude of 'give me access and I'll figure it out,' but there are nuances to data that they may not realize," observes Cindi Howson, founder of business intelligence consultancy BIScorecard. "Some start out quite cavalier in their efforts, then get to a certain point and have to call for help."

5 tips for successful self-service IT

How do you do self-service IT right? Tech managers and analysts interviewed by Computerworld say the goal is to empower users without overwhelming them -- or putting corporate data at any kind of risk. Their specific tips:

Retain tight control over corporate data. User access to that data is important but should never supplant security, privacy or compliance concerns.Know who you're designing for. Users with different roles and technical skills may need different types of tools.Rather than asking what data business users think they need, find out what decisions they need to make or tasks they need to accomplish.Consider bringing in a business analyst during the project's planning stages to facilitate communication between business users and IT.Test with a small group of users to quickly identify and address trouble spots.Change management is crucial to a successful rollout of self-service tools. Line-of-business leaders -- not IT -- should explain to users how the tools will benefit them.

That said, Howson believes such failures are a necessary part of the process as IT, business units and end users renegotiate the delicate balance of who can do what when it comes to corporate data.

After years of tight control by IT, the pendulum is swinging the other way -- "sometimes maybe a little too far the other way," Howson says. Nevertheless, the move toward self-service is only going to accelerate, she and other analysts say, as IT departments face increasing demand, from the newest hire to the most senior executive, for faster, better access to corporate services and data. "IT cannot keep up. They need to be delivering intelligence faster and in a way that's more aligned with the business than what they've been able to deliver in the past," she says.

To gauge IT's handling of this new breed of customer, Computerworld checked in with three organizations -- The Kentucky Community and Technical College System (KCTCS), Intel Corp. and Mitre Corp. -- that serve three different user constituencies. Read on for their take on how to best handle End User 2.0.

Kentucky Community and Technical College System: Broad swath of users

With 16 colleges in 70 locations serving an estimated 130,000 faculty members, staff members, and students, KCTCS supports a broad swath of users.

KCTCS uses Oracle's PeopleSoft Enterprise Human Capital Management system to roll out self-service components to its various user constituencies, says CTO Paul Czarapata. PeopleSoft's Campus Solutions application allows students to enroll in classes, pay their bills and schedule class changes; that module is relatively easy to administer, Czarapata says, for two reasons.

First, "the students really don't have that many mind-boggling choices -- they can see if they're admitted to a class and pay for it. Everything else is on Blackboard" -- a separate student-services system, widely used in higher education, that also incorporates self-service as a cornerstone. Second, "students pick up on [self-service] quicker than employees do. For the most part, they're a little more technically savvy and used to doing things for themselves," Czarapata says.

This October, KCTCS is rolling out an ambitious e-benefits enrollment system that will rely heavily upon self-service options, a big change that could represent a challenge to KCTCS employees, at least initially. "On the HR side, we've got a lot of choices. We've got a super-complex HR system," Czarapata acknowledges. "Change management and communications are going to be super important" for achieving a smooth rollout, he says, "especially since we have to reach 70 locations."

In trying to ensure that the e-benefits system matched the technical expertise of its future users as it was being developed, KCTCS did have one advantage, Czarapata says. "We do know who our employees are, as opposed to a business trying to attract customers online."

Another plus: Having worked together closely on other projects, IT developers generally agreed with HR's assessment of users' abilities -- and when they didn't, they felt free to make suggestions or ask questions. "Other times, IT might not push back as much, but on this project, most of the people have worked with each other for a long time," Czarapata says. "[IT's] role was to look at designs, follow the flow-through, and establish filters to determine who gets the appropriate data," most of which was done in concert with the lead systems person from the HR side.

His advice to other organizations developing self-service systems for users with a wide range of abilities is: "Pilot, pilot, pilot." With a small group of test users, KCTCS developers were able to identify "landmines" and figure out where users needed more or different information, and do so quickly. "A small pilot means a faster feedback cycle," Czarapata points out.

Overall, Czarapata finds that end users today tend to have high expectations that internal systems will look and act like the consumer Web applications they're familiar with -- an expectation he sometimes has difficulty fulfilling.

"It's not that big a deal for a Twitter or a Yahoo to be constantly tweaked, but monolithic ERP stacks don't change as rapidly on the UI side as today's generation expects," he laments. "We're kind of at the mercy of the vendor about how the self-service components work. The functionality to do everything [users] need to do is in there; it just looks clunkier than they'd like."

Intel: 'Four big buckets' of self-service

"It's intriguing to stand back and think about end users," says Diane Bryant, CIO and vice president of Intel Corp. "When you look at tech trends, you see that IT has been delivering greater and greater capabilities into the hands of employees over the years."

At Intel, self-service initiatives can be roughly categorized into "four big buckets" -- traditional help-desk capabilities, BI, web publishing and infrastructure as a service.

Some initiatives, like self-service tech support, are designed for all of Intel's 93,000 employees, who, even at a high-tech company, encompass a wide range of skills. "We roll things out and some will dabble, some will be far more curious and more aggressive in pushing the limits of the tool, and others will shy away," says Bryant.

"We have a workforce that has a long tenure," she elaborates. "People coming into Intel tend to be more comfortable with these new ways of operating, but there's always a base of employees that isn't comfortable." As the solutions mature and more and more rank-and-file employees adopt them, "the rest of the users eventually get swept in," Bryant observes.

Self-service systems that are targeted toward specific groups of employees, on the other hand, tend not to face that kind of adoption lag, Bryant says. The company's new web publishing system, for example, allows the firm's approximately 2,000 corporate marketing employees to create and self-publish content for Intel.com.

Likewise, self-service BI solutions give salespeople access to analytics on customer leads and allow senior financial analysts to run what-if scenarios to determine where the company's financials are going to land for the quarter.

Those types of self-service systems typically take off much more quickly, for two reasons, Bryant says -- the user community tends to comprise high-level, highly skilled employees, and the tools themselves have evolved to the point where they can accommodate users' expectations without sacrificing quality.

"BI tools have matured to the level where you don't have to have a master's degree in computer science. They respond to the employee request. You get better access to the data, converted into formats that users are familiar with."

In her experience, Bryant says, the biggest question around self-service isn't whether users can meet the demands of a new system; it's whether business-unit managers can sell the merits of the system effectively enough that users will adopt it willingly.

"When you tell people you're going from a single point of control to a self-serve model, you are changing an existing business process," Bryant says. "Senior leaders often underestimate how hard that is. IT can't tell the sales force to start doing things differently. The business side needs to educate them on how this change will make them more productive."

View the original article here

read more

Tim Cook Touts Lion, Mac Sales During Apple's iPhone Event

Mobile products like iPhone and iPad may get all the attention—and drive huge sales—but Macs and Lion operating system are also generating big momentum for the company, CEO Tim Cook said during Tuesday's iPhone-focused Apple event.

Cook said Mac OS X Lion—available only through the Mac App Store—had been downloaded 6 million times since it launched to the public on July 20. Cook noted that Microsoft's Windows 7 operating system took about 20 weeks to reach about 10 percent of its installed base; according to Cook, Lion hit that mark in two weeks—one-tenth of the time.

That might simply be an indication that Apple's customer base is highly enthusiastic, but other metrics show that the base is expanding. Cook said there are now 60 million Mac users around the world; the MacBook Pro and iMac have been the best-selling notebook and desktop computers in the United States, with the result that Mac has sextupled the PC industry's rate of growth in the last year—by 23 percent, compared to 4 percent—a trend that stretches back to every business quarter over the last five years. Macs now comprise one of every four PCs sold in-store, Cook said, and there's still room for Apple’s computer business to grow.

If the ceiling is still high for Macs, Cook said, the market has matured for MP3s. But the iPod remains an important business for Apple, Cook said, with 45 million iPods sold during the year ending in June; half of those devices went to first-time buyers. Apple continues to retain more than 70 percent of the MP3 player market with more than 300 million iPods sold since the first model was introduced a decade ago; Sony, Cook noted, took 30 years to sell 220 million Walkman units. And all that hardware is helping Apple on another sales front: iTunes has now sold 16 billion downloads of music and other entertainment media, making it the No. 1 music store in the world.

Cook’s recap of iPod sales came on day that Apple not only rolled out iPod nano and iPod touch updates, but when Microsoft stopped production on the Zune.

Apple's other mobile devices—in addition to attracting publicity and critical praise for the company—are also doing big business. Despite stories that the Android operating system has overtaken Apple for smartphone marketshare, Cook says the iPhone is still outselling all other models of smartphone—with a 125 percent rise in sales during the second quarter, compared to 74 percent for the entire industry. The iPhone 4 has comprised more than half of all phone sales in Apple history, Cook said, aided by its consistent No. 1 rating on consumer satisfaction surveys—the iPhone has topped the J.D. Power survey six consecutive times. Even with that success, Cook said, there's still plenty of growth potential; the iPhone still comprises just 5 percent of all mobile phones (including non-smartphones) around the world.

Scott Forstall, Apple's senior vice president of iOS Software, said that the operating system—which runs on both iPhone and iPad—now accounts for 61 percent of the mobile web market. The iPad has also ranked high in customer satisfaction, and is growing in institutional use: About 1,000 K-12 schools and 1,000 universities in the United States have distributed the tablet to their students; the iPad is also increasingly replacing paper manuals and logbooks in airline cockpits. More than 80 percent of hospitals are testing the device; 92 percent of Fortune 500 companies are doing the same.

All those iOS devices have driven app sales. Forstall said there are now half-a-million apps in the App Store, with more than 140,000 made specifically for the iPad. Apple's customers have downloaded more than 18 billion apps. And Apple has paid more than $3 billion to App Store developers.

For more Macintosh computing news, visit Macworld. Story copyright © 2011 Mac Publishing LLC. All rights reserved.

View the original article here

read more

Ten Security Essentials for the Networked Enterprise

The ideal information security environment is different depending on who you talk to. Your typical security engineer may say it must have firewalls, intrusion detection or any number of security focused technologies. Meanwhile a security tester may suggest that it is conducting penetration testing to provide assurances that security widgets are working well.

This article attempts to provide a usable checklist to ensure the foundation is in place for an organisation to be as secure as it can reasonably be, given that it is operating in its own unique environment.

Information security can not be prescribed in a single checklist that suits all organisations. Information security is about adopting the right measures and controls for a given entity at a given point in time. Threats change and vulnerabilities are introduced or removed, demanding that security evolves simply to keep pace.

Checklist Item 1: Appointing a security officer

Every organisation should assign a security officer even if the role is given to an individual who wears multiple hats. Larger organisations may establish a dedicated position - the chief security officer who presides over a team of specialists addressing the different areas of information security.

The security officer is the central point for managing proactive and reactive information security tasks. The day to day activities for the individual resources that work in the domain will depend on the size and focus of an organisation but ultimately the security officer role should be accountable for the following:

Strategy -- identifying the security posture an organisation wishes to maintain and how this will be achieved.

Operations -- monitoring of security alerts and management of security assets, for example intrusion detection, jump hosts, firewalls and scanning tools.

Architecture -- ensuring security is designed into the businesses technology and processes.

Consultation -- providing consultation to projects or business units by way of requirements, reviews, recommendations and risk assessment.

Analysis -- researching products or specific technical issues to assist in provisioning of technology or remediation of vulnerabilities.

Testing -- providing security testing such as penetration testing for projects and rolling assurance exercises.

Emergency Response -- responding to emergency security incidents such as the compromise of information assets or the loss of service through a denial of service attack.

Programme manager -- acting as the business sponsor for a rolling security programme of work.

Checklist Item 2: Security reporting

Reporting provides a "heartbeat" for information security across an organisation. It ensures the right people remain up to date on the latest incidents, threats and initiatives that will influence the security posture. Regular reporting ensures those that are accountable for securing information assets are aware of the risks they may have inherited and the rigour in the controls that protect them.

Security reports must be written for their audience and this is an area where security professionals often fall down. The content must be accurate but presented at a level that can be consumed by the target audience. Reports destined for technologists with an appreciation of the hands on should be literal and explain any vulnerabilities and controls in technical terms. Those intended for managers with a technical background should be explained conceptually and include references to technical detail that supports any conclusions. Lastly those intended for parties outside the technology group such as the CEO or chief risk officer should wholly focus on the business impact where the conclusions are justified by a well-designed and established process rather than a series of technical whitepapers.

Checklist Item 3: Develop governance

For an organisation to maintain a consistent security posture people within that organisation must have clear instructions that tells them how to behave. Governance ensures that people are aware how they should conduct themselves and if well constructed encourages them to behave in a way that maintains or may even improve security. There are useful standards such as those produced by International Standards Organisation, National Institute for Standards and Technology and the Government Communications Security Bureau that can be used as a suggestion of best practice or simply as inspiration.

Checklist Item 4: Develop a security incident management plan

Every organisation will experience a security incident. The impact of that incident and the likelihood of it repeating is directly impacted by how an organisation manages it.

Was the incident clearly identified, validated and contained? Was the vulnerability that led to it identified and is there a plan to remediate or apply additional countermeasures? Was the incident reported to an appropriate authority inside the organisation and do any external parties need to be notified? These are but a few questions that are answered through a well formed security incident management plan.

The plan should identify a front door for people reporting potential incidents. From there it should define an auditable process that validates the incident and initiates a response team well placed to deal with it. The owner of the plan is the security officer who remains a central part of the response team. The plan will dictate how the incidents progress is recorded and what if any information is disclosed to a wider audience. Typically it will empower the response team to operate outside governance, bypassing change control and other processes that are designed for business as usual rather than an unforeseen emergency.

Checklist Item 5: Initiate a security programme of work

Security initiatives require a vehicle to carry them through design, build and implementation. Grouping them all in a single program of work allows for budgets to be managed more easily and ensures the investment in information security is transparent. Upgrades of security devices such as firewalls and antivirus may be included in the programme, as well as any capital investment in information security, such as an identity and access management system.

The security programme should be primarily focussed on enhancing information security and be funded at a level that an organisation considers appropriate. The security officer should have a list of initiatives in order of priority and the allocated budget should fund those at the top of the list.

Checklist Item 6: Assess the security of all initiatives

An unfortunately common observation is that organisations invest heavily in security controls in one area but due to budgetary constraints ignore others. For example the website may have extensive technical controls and receive frequent security testing while the "trusted" third party connections are left unchecked. Often this is due to incorrect assumptions being made by the business on what the security implications of an action are.

A security assessment should be focused on empowering the business to decide whether an initiative should progress, change direction, be reviewed at a more detailed level or in the most severe cases be halted.

Checklist Item 7: Complete period-based assurance tasks

While assessing the security of all initiatives is a proactive way of ensuring security is built in, it is also important to be reactive. With the best intent and design, it is possible for vulnerabilities to be introduced into a technical environment through human error or as the result of an aggregation of technical anomalies. Completing periodic assurance tasks is intended to identify and manage vulnerabilities that may not have been foreseen.

One of the most commonly practiced assurance measures is penetration testing. It provides a high level of assurance that the tested technology would be resistant to a targeted attack by an skilled attacker. It is however relatively expensive and often tightly scoped. Given the specialised nature of security testing it could be worth considering using a third party security practitioner. A practitioner can ensure that the scope is appropriate and that the tester is reputable.

Checklist Item 8: Provide security training

Security training is a widely recognised requirement for a mature organisation; but all too often the bare minimum is provided, such as an induction session which ensures everyone knows they shouldn't write their password down.

Induction training is a great idea but beyond making people aware of the security policy, it should be different for different roles. Members of the executive face different threats and employ different countermeasures to those holding a position on the help-desk. The former will likely require a one on one sessions while the later may be inducted as part of a group.

While security training may seem expensive, it is probably one of the best returns on investment for an organisation. Guarding against one phishing attempt may be the difference between winning the next big contract or recovering from an embarrassing information leak.

Checklist Item 9: Develop a whistleblower process

Securing an organisation is not limited to the practices of security specialists. It includes everyone from those cleaning the office (often with unparalleled access) to those on the board. It includes partner organisations and their staff and their partners and so the list goes on. Along with supporting (or opposing) security controls, staff and third party affiliates are a useful source of information about security events. They may observe vulnerabilities or even be aware of vulnerabilities being exploited. This information is extremely valuable and should be captured and processed to aid in improving ones security posture.

Reporting of shortcomings is not always something that a hierarchy does particularly well. There is little incentive for a middle manager to report a shortcoming in an area he/she is responsible for. It may lead to embarrassment or additional work and for these reasons potential risks can be swept under the rug. A solution is to develop a whistleblower process which allows anyone to report a perceived security issue to an information security authority in confidence; without fear of repercussions.

Checklist Item 10: Consider security functionally

A challenge that faces many organisations is the apparent power that security practitioners require to do their job. They often have super user rights on a system to provide oversight or control access and they often report to senior management even though they aren't necessarily executive level managers themselves. Security is a functional requirement rather than a hierarchical one.

In designing security roles and responsibilities the function of that role must be considered as a focus on hierarchy will weaken an organisation's ability manage information security well. It can mean the removal of critical information flows as security reports are summarised into something more general. It can risk unnecessary spending on security products to imply progress in the absence of consultation to the right level.

The caveat

This top ten isn't a silver bullet. In order for each of these items to be effective they must involve an experienced security practitioner and such people aren't that easy to find. Engineers can build the firewalls and testers can break them but in the first instance someone is required who can decide whether the firewall is required or not.

Simon Burson is an information security consultant who has delivered operating models and governance frameworks to a range of New Zealand businesses from the finance sector to the utilities sector. He co-manages the Auckland chapter of the Information Security Interest Group and has presented at Brightstar conferences and the New Zealand Information Security Forum. Reach him at

Read more about data protection in CSOonline's Data Protection section.

View the original article here

read more


Entri Populer